Open Source Summit + Embedded Linux Conference North America...
May 18-20, 2026
Minneapolis, MN
Note: The schedule is subject to change.


Tuesday May 19, 2026 11:00am - 11:40am CDT
In February 2024, about 10% of PyPI uploads used Trusted Publishers. By October 2025, that number exceeded 25%, a massive shift toward eliminating long-lived credentials. For maintainers still using stored API tokens, this talk demonstrates why and how to modernize.

Trusted Publishing uses OpenID Connect (OIDC) to generate short-lived, automatically-scoped tokens from CI/CD environments. No passwords. No API tokens to rotate. No secrets stored in repositories.

This talk walks through setting up Trusted Publishers for GitHub Actions (as an example, but others are available), explains the security model in accessible terms, and shares case studies, including how Sigstore integration enabled forensic investigation of the 2024 Ultralytics compromise.

Attendees will learn the step-by-step setup process, common pitfalls and troubleshooting, and migration strategies for maintainers with many packages. The session also covers why token removal is critical when Trusted Publishing is in place, and when restricted API tokens remain the appropriate fallback. Whether maintaining one package or a hundred, attendees will leave with everything needed to adopt credential-free publishing.
Speakers
Mike Fiedler

PyPI Safety & Security Engineer, Python Software Foundation
Mike’s been in the engineering game for 30+ years, leading teams at Datadog, MongoDB, LeafLink, Warby Parker, and Capital One. He’s a big believer in learning from every peer and helping others navigate tech’s complexities. An AWS Hero and Awesome Community Chef, Mike loves...
200G (Level Two)
  Packages + Images + Containers
