Woodruff: You shouldn't trust trusted publishing
William Woodruff, better known online as "yossarian", has publisheda blog post to make the case that users should not place their trustin trustedpublishing:
Trusted Publishing is a mechanism for establishing trust between anexternal machine identity (like a CI/CD workflow) and one or moreprojects on a package index/registry. The "trust" in "TrustedPublishing" refers to that trust relationship, and not to anythingelse.
It is not, and cannot be, a signal for package trust orquality. You cannot use it to determine whether a package is safe or"good," and PyPI consciously stymies attempts to misuse it for thatpurpose by not rendering it as a "green checkmark" or anything else ofthe sort.
Or as another framing: Trusted Publishing is just a form ofauthentication. It doesn't tell you anything other than that an uploadwas authenticated, which all uploads to PyPI are.
LWN covered trustedpublishing in June.