William Woodruff published a blog post arguing that PyPI's trusted publishing should not be interpreted as a signal of package trust or quality, but rather as a form of authentication. This clarifies a common misconception among developers, which could otherwise lead to over-reliance on trusted publishing for software supply chain security decisions. Woodruff emphasizes that trusted publishing uses OpenID Connect (OIDC) to establish identity between a CI/CD workflow and PyPI, and that PyPI deliberately avoids rendering it as a green checkmark.
Background
Trusted publishing is a mechanism introduced by PyPI that allows packages to be published without storing long-lived API tokens. Instead, it uses OIDC to exchange short-lived identity tokens between a trusted third-party service (like GitHub Actions) and PyPI. It is designed to simplify the publishing workflow, but Woodruff warns that it should not be conflated with package trust or security assurance.