Github Moves to Guard Open Source Against Supply Chain Attacks
The popular Microsoft-owned code repository plans to roll out code signing, which will help beef up the security of open source projects.
https://www.wired.com/story/github-code-signing-sigstore/