Scene Image

Trusted Publishing: The Game

Who needs passwords when you have trust?

Simulation Business Text Game
You play as a PyPI package maintainer who must navigate the complexities of trusted publishing using OIDC. Manage your time, resources, and relationships with external systems to ensure the security and success of your package releases. Will you choose the PyPA's GitHub Action or manually exchange tokens? Will you trust a third-party IdP or set up a specific GitHub Actions environment? Make strategic decisions and earn the trust of the PyPI community.