CISA and OpenSSF Release Framework for Package Repository Security
12 February 2024 at 10:41
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it's partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to secure package repositories.
Called theΒ Principles for Package Repository Security, the frameworkΒ aimsΒ to establish a set of foundational rules for package