Search
131 results for “miketheman”
-
By popular demand (@miketheman), pypistats now has a `--sort` option so you can sort by other columns such as date, rather than the default downloads.
-
By popular demand (@miketheman), pypistats now has a `--sort` option so you can sort by other columns such as date, rather than the default downloads.
-
By popular demand (@miketheman), pypistats now has a `--sort` option so you can sort by other columns such as date, rather than the default downloads.
-
By popular demand (@miketheman), pypistats now has a `--sort` option so you can sort by other columns such as date, rather than the default downloads.
-
By popular demand (@miketheman), pypistats now has a `--sort` option so you can sort by other columns such as date, rather than the default downloads.
-
RE: https://hachyderm.io/@miketheman/115618016841703831
Use Trusted Publishing instead of long-lived PyPI tokens. For other things, here's how to use 1Password with direnv to set secrets in env vars.
https://hugovk.dev/blog/2025/secrets-in-env-vars/
#security #1Password #direnv #cli #PyPI -
RE: https://hachyderm.io/@miketheman/115618016841703831
Use Trusted Publishing instead of long-lived PyPI tokens. For other things, here's how to use 1Password with direnv to set secrets in env vars.
https://hugovk.dev/blog/2025/secrets-in-env-vars/
#security #1Password #direnv #cli #PyPI -
RE: https://hachyderm.io/@miketheman/115618016841703831
Use Trusted Publishing instead of long-lived PyPI tokens. For other things, here's how to use 1Password with direnv to set secrets in env vars.
https://hugovk.dev/blog/2025/secrets-in-env-vars/
#security #1Password #direnv #cli #PyPI -
RE: https://hachyderm.io/@miketheman/115618016841703831
Use Trusted Publishing instead of long-lived PyPI tokens. For other things, here's how to use 1Password with direnv to set secrets in env vars.
https://hugovk.dev/blog/2025/secrets-in-env-vars/
#security #1Password #direnv #cli #PyPI -
RE: https://hachyderm.io/@miketheman/115618016841703831
Use Trusted Publishing instead of long-lived PyPI tokens. For other things, here's how to use 1Password with direnv to set secrets in env vars.
https://hugovk.dev/blog/2025/secrets-in-env-vars/
#security #1Password #direnv #cli #PyPI -
The PSF's PyPI Safety and Security Engineer, @miketheman, is giving a keynote at OpenSSF Community Day this Thursday! "Anatomy of a Phishing Campaign" is a deep dive into the 2025 PyPI phishing attack, how it worked, and what stopped it.
Thu May 21 @ 9:20am CDT 👉 https://openssfcdna2026.sched.com/event/2I44z
#Python #PyPI #SupplyChain #Security
https://openssfcdna2026.sched.com/event/2I44z -
Impromptu #Python #security meeting over coffee! ☕️🛡️
-
Impromptu #Python #security meeting over coffee! ☕️🛡️
-
Impromptu #Python #security meeting over coffee! ☕️🛡️
-
Impromptu #Python #security meeting over coffee! ☕️🛡️
-
Impromptu #Python #security meeting over coffee! ☕️🛡️
-
I just attended the “PSF - Update from our Security Engineers” session at PyCon US 2026 🔐
@miketheman and @sethmlarson were both excellent presenters: funny, clear, and very informative at the same time.
It was great to hear more about the huge amount of work happening behind the scenes to improve the security of Python, PyPI, and the PSF infrastructure ✨
-
3 moves to better security against phishing for open source maintainers, ranked by @miketheman #PyConUS
1. Move to WebAuthn, today
2. Let your password manager be the judge
3. Hover before you click.... And for the love of everyone, let go of Long Lived Tokens 🔥
-
🔐 Catch PSF's PyPI Safety and Security Engineer, @miketheman, talking Trusted Publishing at #OSSummit next week! Learn how to eliminate long-lived credentials from your #PyPI release workflow: no tokens, no secrets, just secure deploys. Tue May 19 @ 11am CDT #Python #SupplyChain #Security
https://osselcna2026.sched.com/event/2JQsc -
🔐 Catch PSF's PyPI Safety and Security Engineer, @miketheman, talking Trusted Publishing at #OSSummit next week! Learn how to eliminate long-lived credentials from your #PyPI release workflow: no tokens, no secrets, just secure deploys. Tue May 19 @ 11am CDT #Python #SupplyChain #Security
https://osselcna2026.sched.com/event/2JQsc -
🔐 Catch PSF's PyPI Safety and Security Engineer, @miketheman, talking Trusted Publishing at #OSSummit next week! Learn how to eliminate long-lived credentials from your #PyPI release workflow: no tokens, no secrets, just secure deploys. Tue May 19 @ 11am CDT #Python #SupplyChain #Security
https://osselcna2026.sched.com/event/2JQsc -
🔐 Catch PSF's PyPI Safety and Security Engineer, @miketheman, talking Trusted Publishing at #OSSummit next week! Learn how to eliminate long-lived credentials from your #PyPI release workflow: no tokens, no secrets, just secure deploys. Tue May 19 @ 11am CDT #Python #SupplyChain #Security
https://osselcna2026.sched.com/event/2JQsc -
🔐 Catch PSF's PyPI Safety and Security Engineer, @miketheman, talking Trusted Publishing at #OSSummit next week! Learn how to eliminate long-lived credentials from your #PyPI release workflow: no tokens, no secrets, just secure deploys. Tue May 19 @ 11am CDT #Python #SupplyChain #Security
https://osselcna2026.sched.com/event/2JQsc -
I have made it to my first talk at #PyConUS
First up: Python Security with @sethmlarson and @miketheman
-
Listen to PyPI turns the Python Package Index into a live ambient soundscape.
https://miketheman.github.io/listen-to-pypi/ -
Listen to PyPI turns the Python Package Index into a live ambient soundscape.
https://miketheman.github.io/listen-to-pypi/ -
Listen to PyPI turns the Python Package Index into a live ambient soundscape.
https://miketheman.github.io/listen-to-pypi/ -
Listen to PyPI turns the Python Package Index into a live ambient soundscape.
https://miketheman.github.io/listen-to-pypi/
