Staged publishing for npm packages

4 points by jonchurch


jonchurch

The context of why this is rad is that Trusted Publishing was missing a true second factor gate. The GitHub Environment approach was a poor man's 2fa; it can be defanged via the API with a stolen gh cli token from someone with high enough perms on the repo (aka a maintainer). And an attacker who has done that can also trigger a malicious publish from within the same trust model, by nature of that stolen token being enough to both commit and defang the environment gate protections.

This doesn't solve the fact that your CI could still be pwned and a release poisoned, but it does mean that pwning your CI via "pwn request" style attacks is not enough to instantly trigger a publish from a compromised CI.

2fa is so back!