GitHub debuts pedigree check for npm packages via Actions

Publishing provenance possibly prevents problems

Developers who use GitHub Actions to build software packages for the npm registry can now add a command flag that will publish details about the code’s origin.…

Author: Thomas Claburn. [Source Link (*), The Register]

Shop with us!