Trusted Publishing support for Forgejo #12261
jacobsvante
started this conversation in
Feature Requests
Replies: 2 comments
-
|
I'm not opposed, but the threat model needs to be thoroughly investigated, especially in light of this being a self-hosted platform (unless we limit to codeberg?). PyPI recently introduced trusted publishing support for self-hosted GitLab instances, but idk what the implications of that are yet. It is unlikely that I personally will have the time to implement it in the near future unfortunately. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Related issue on Codeberg here: https://codeberg.org/forgejo/forgejo/issues/9939#issuecomment-8065805 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Throwing this one out there!
Forgejo supports OIDC, but I haven't checked if it's exactly what is needed for Trusted Publishing.
Considering the strong open source communities of both Rust and Forgejo I think it would make sense to implement Trusted Publishing support for Forgejo.
Beta Was this translation helpful? Give feedback.
All reactions