
Trusted Publishing is popular, now for GitLab Self-Managed and Organizations

Trusted Publishing has proven popular since its launch in 2023.

Recap: Trusted Publishing enables software build platforms to publish packages to PyPI on your behalf, eliminating the need to manage long-lived authentication tokens. After a one-time setup in which you tell PyPI which platform, project and workflow are allowed to publish, each build presents a short-lived OpenID Connect identity token from the platform to PyPI, which verifies it and exchanges it for a short-lived API token scoped to that project. No secrets are stored in the CI configuration and no manual token management is required.


Read the Security Model for a deeper understanding of how Trusted Publishing works.

Growing Adoption and Impact

Since its inception, Trusted Publishing has been adopted by communities and companies alike, with ~45,000 projects configured for Trusted Publishing on PyPI so far. In early 2024 we added the ability to track whether each file upload was done via a Trusted Publisher, enabling us to analyze its impact over time. Also in 2024, more platforms were added as detailed in our April 2024 blog post.

Here’s a chart displaying the overall count of files uploaded to PyPI each month, broken down by whether they were uploaded via Trusted Publishers or not:

A couple of numbers for comparison:

  • February 2024 – 241k files added
  • October 2025 – 377k files added

As this chart shows, the overall scale of files uploaded to PyPI has grown (as detailed in this blog from the PSF Director of Infrastructure on open infrastructure growth) but what is great to see is that the proportional rate of Trusted Publishing use has grown as well. This can be seen by charting the percentage of files uploaded for each method over time:

Here we can see that back in February 2024, only about 10% of files were uploaded via Trusted Publishers. By October 2025, that number has grown to over 25% of all files uploaded to PyPI in a given month.

Hopefully posts like this, and increased visibility into how to adopt Trusted Publishing, will help continue this growth trend. Having folks like Sviatoslav Sydorenko and other contributors voluntarily maintain the widely-used GitHub Actions workflow for Trusted Publishing (pypa/gh-action-pypi-publish), which makes everything that much easier, has been a huge help. Support them as well if you can! Using that action also publishes Digital Attestations (PEP 740) for your uploads automatically.

I hope that when we examine these stats next year, we’ll see even more growth as more organizations adopt Trusted Publishing for their package publishing workflows.

Which brings me to…

Expansion of Trusted Publishing to GitLab Self-Managed Beta

Since folks have been loving Trusted Publishing, I’m excited to share that it’s now available in beta for GitLab Self-Managed instances. This means organizations running their own GitLab can now use Trusted Publishers to publish packages more securely, without dealing with long-lived tokens.

As a reminder, Trusted Publishing support for the public GitLab.com instance has been available since early 2024.


Unlike GitLab.com, every self-managed instance is its own OpenID Connect identity provider, with its own issuer URL, signing keys and configuration that PyPI has to know about before it can trust tokens from it. For that reason we're initially launching this feature as a beta to gather feedback and ensure a smooth experience. Organizations' self-hosted instances must be manually onboarded by PyPI staff during this beta phase, while we learn more about the various configurations and setups in use.

In this scenario, the trust relationship is established between your GitLab Self-Managed instance and PyPI, allowing GitLab CI/CD pipelines to publish packages on behalf of your organization without the need for long-lived tokens.
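To make the trust relationship concrete, here is an added, illustrative example (written for this post, not PyPI's own warehouse code) of the claim policy PyPI applies to a GitLab OpenID Connect identity token once the token's signature has been verified against the issuer's published keys. The signature step is omitted so the script runs offline; the `GitLabPublisher` dataclass, the `check_claims` and `evaluate` functions, the `gitlab.example.com` hostname and the `my-group/my-package` project are all this example's own constructions, and the sample token is built unsigned in place. The point it demonstrates is the self-managed case described above: the issuer is the instance's own URL, so a token minted by GitLab.com for an identically named project is rejected on the issuer check alone, and the pipeline-file and environment constraints still apply.

```python
import base64
import json
import time
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlparse

# Example code added for this post; NOT PyPI's (warehouse) implementation.
# The JWT signature is not checked here: PyPI verifies it against the
# issuer's JWKS first, then applies a claim policy like the one below.

PYPI_AUDIENCE = "pypi"      # audience PyPI expects in the token
NOW = 1_700_000_000         # fixed "current time" so the sample is reproducible


@dataclass(frozen=True)
class GitLabPublisher:
    """One Trusted Publisher as configured on PyPI (field names are this
    example's, not PyPI's form labels)."""
    issuer: str                        # "https://gitlab.com" or a self-managed instance URL
    namespace: str                     # group or user namespace
    project: str                       # project slug
    workflow_filepath: str             # top-level pipeline file, e.g. ".gitlab-ci.yml"
    environment: Optional[str] = None  # optional CI environment restriction

    @property
    def project_path(self) -> str:
        return f"{self.namespace}/{self.project}"

    @property
    def ci_config_prefix(self) -> str:
        # GitLab emits ci_config_ref_uri as
        #   <host>/<namespace>/<project>//<pipeline file>@refs/heads/<branch>
        # so everything up to and including the '@' must match exactly.
        host = urlparse(self.issuer).netloc
        return f"{host}/{self.project_path}//{self.workflow_filepath}@"


def decode_payload_unverified(token: str) -> dict:
    """Decode a compact JWT's payload WITHOUT verifying its signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected header.payload.signature)")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def check_claims(claims: dict, pub: GitLabPublisher, *, now: Optional[float] = None) -> list[str]:
    """Return every policy violation found; an empty list means 'accept'."""
    now = time.time() if now is None else now
    problems: list[str] = []
    # 1. Exactly the configured instance: a gitlab.com token must never satisfy
    #    a self-managed publisher (or vice versa), whatever the other claims say.
    if claims.get("iss") != pub.issuer:
        problems.append(f"issuer {claims.get('iss')!r} != {pub.issuer!r}")
    # 2. Intended for PyPI (GitLab's `id_tokens: ...: aud: pypi`).
    aud = claims.get("aud")
    if PYPI_AUDIENCE not in (aud if isinstance(aud, list) else [aud]):
        problems.append(f"audience {aud!r} does not include {PYPI_AUDIENCE!r}")
    # 3. Short-lived: anything already expired is refused.
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        problems.append("token is expired or has no exp claim")
    # 4. Right project, and the pipeline came from the configured top-level file.
    if claims.get("project_path") != pub.project_path:
        problems.append(f"project_path {claims.get('project_path')!r} != {pub.project_path!r}")
    uri = claims.get("ci_config_ref_uri") or ""
    if not uri.startswith(pub.ci_config_prefix):
        problems.append(f"ci_config_ref_uri {uri!r} not under {pub.ci_config_prefix!r}")
    # 5. Optional environment pin (e.g. require a protected GitLab environment).
    if pub.environment is not None and claims.get("environment") != pub.environment:
        problems.append(f"environment {claims.get('environment')!r} != {pub.environment!r}")
    return problems


def make_unsigned_token(claims: dict) -> str:
    """Build a constructed, UNSIGNED JWT for offline demonstration only."""
    def b64(obj: dict) -> str:
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{b64({'alg': 'none', 'typ': 'JWT'})}.{b64(claims)}."


# Constructed sample: a self-managed instance (made-up hostname) and the claims
# its CI job would present when publishing from the default branch.
SELF_MANAGED = GitLabPublisher(issuer="https://gitlab.example.com", namespace="my-group",
                               project="my-package", workflow_filepath=".gitlab-ci.yml",
                               environment="release")
SAMPLE_CLAIMS = {
    "iss": "https://gitlab.example.com",
    "aud": "pypi",
    "exp": NOW + 300,
    "sub": "project_path:my-group/my-package:ref_type:branch:ref:main",
    "project_path": "my-group/my-package",
    "ci_config_ref_uri": "gitlab.example.com/my-group/my-package//.gitlab-ci.yml@refs/heads/main",
    "environment": "release",
}


def evaluate(token: str, pub: GitLabPublisher, now: float = NOW) -> list[str]:
    """Decode a token and run the claim policy; returns the violation list."""
    return check_claims(decode_payload_unverified(token), pub, now=now)


if __name__ == "__main__":
    print("valid token:", evaluate(make_unsigned_token(SAMPLE_CLAIMS), SELF_MANAGED) or "accepted")
    # Identical claims minted by gitlab.com: rejected on the issuer check alone.
    print("wrong issuer:", evaluate(make_unsigned_token({**SAMPLE_CLAIMS, "iss": "https://gitlab.com"}), SELF_MANAGED))
    # Same project, but the pipeline was defined by a different file.
    print("other pipeline file:", evaluate(make_unsigned_token({**SAMPLE_CLAIMS,
          "ci_config_ref_uri": "gitlab.example.com/my-group/my-package//ci/publish.yml@refs/heads/main"}), SELF_MANAGED))
```

Note that the issuer comparison is the whole of what distinguishes a self-managed publisher from a GitLab.com one: the namespace, project and pipeline-file constraints are the same, which is why the beta onboarding is about getting PyPI to recognise your instance's issuer rather than about any change to the project-level configuration.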

If your organization runs its own GitLab Self-Managed instance and wishes to publish packages to PyPI using Trusted Publishing, we encourage you to try it out and provide feedback during this beta phase. Email support+orgs@pypi.org with your details.

Pending Trusted Publishers for Organizations Feature

Oh, and one more thing – an important feature of PyPI Organizations is now available:

You can now create a pending Trusted Publisher at the Organization level.

Why does this matter? Previously, the PyPI user account that created a Pending Trusted Publisher (for a project that does not yet exist) became the Owner of the project once the Trusted Publisher uploaded it. That makes sense for individual users. For Organizations, however, it meant that whichever team member created the Pending Trusted Publisher ended up owning the project personally, and could easily overlook transferring ownership to the Organization afterwards, leaving a project that the Organization did not actually control.

With this new feature, when creating a Pending Trusted Publisher at the Organization level, the project will be owned by the Organization itself once it’s published, regardless of which user created the Pending Trusted Publisher.

This makes managing projects in Organizations much easier, ensuring that projects belong to the Organization itself and not to whichever individual set things up.

If you have a PyPI Organization and wish to create a Pending Trusted Publisher, check it out on your Organization’s Trusted Publishers page, by following:

  1. Navigate to your PyPI Organization’s page (e.g., https://pypi.org/organizations/<your-org-name>/)
  2. Click on the “Publishing” tab on the sidebar.
  3. See the forms to create a Pending Trusted Publisher for your Organization.

All other behaviors of Pending Trusted Publishers remain the same, see the Trusted Publishers documentation for more details.

What’s next?

We’re continuing to work on making PyPI publishing safer and more secure, so we’ll keep watching how Trusted Publishing adoption grows. During the GitLab Self-Managed beta, we’d love to hear your feedback so we can improve things based on how you actually use it.

Some next step ideas we have, and would love your feedback on:

For any of these, feel free to visit the related GitHub issue and add your reaction to the main issue to help us sort them by interest.

Live long, and publish!

