Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

Bernát Gábor @gaborbernat@fosstodon.org

3/12/2026, 2:44:35 PM

Public

Wrote down everything I wish I knew earlier about Python supply chain security. Hash pinning, pip-audit, SBOMs, trusted publishing — the whole thing. Enjoy 🐍🔒https://bernat.tech/posts/securing-python-supply-chain/

Defense in Depth: A Practical Guide to Python Supply Chain Security

A comprehensive guide to securing your Python dependencies from ingestion to deployment, covering linting, pinning, vulnerability scanning, SBOMs, and attestations

bernat.tech · Bernát Gábor - Engineering & Open Source

If you have a fediverse account, you can quote this note from your own instance. Search https://fosstodon.org/users/gaborbernat/statuses/116216737020019189 on your instance and quote it. (Note that quoting is not supported in Mastodon.)

Brett Cannon @brettcannon@mastodon.social

3/12/2026, 11:06:11 PM

Public

RE: https://fosstodon.org/@gaborbernat/116216737020019189

The stuff about lock files here are also covered by pylock.toml. As well, pylock.toml supports recording attestations in the lock file.