Collection of security best practices documentation for various package managers
A project under the Best Practices for Open Source Developers WG.
This project intends to create documents that cover the recommended way to use various package managers for optimum security.
Video introduction starts here
Documents for package managers, such as:
- npm
- Pip
- RubyGems
- etc.
The procedure for proposing, reviewing, and publishing guideline documents is covered in process.md.
- See Best Practices for Open Source Developers WG for meetings/lists/slack/etc.