| 22:49 | <ljharb> | is it moved to 2pm every day or just this once? |
| 22:49 | <ljharb> | trusted publishing isn’t any more secure than our current setup, which is also one factor. It’s equally as secure module the flaw i described. |
| 23:00 | <bakkot> | every day |
| 23:01 | <bakkot> | I described above why I think trusted publishing is more secure than our current setup:
what part of that do you think is false, or do you not think that constitutes "more secure" for some other reason? |
| 23:03 | <bakkot> | though also to be clear I don't actually care much about the minor difference in security, just that this will continue to work next month after github disables existing non-granular tokens, and that it does not require manually rotating tokens |