Featuring:

  • Identifying bundled libraries on Python distributions to help scanning for vulnerabilities.
  • Trusted Publisher adoption metrics.
  • GitHub push protection for PyPI API tokens.

Lots of great stuff!