You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When receiving a valid signed package, I would register the certificate always, without requiring an explicit gesture (checkbox in Web, --register-certificate in CLI).
The signature probes the user has access to the private key, and that should be enough.
Registering a certificate ahead of time can be considered as Opt-In for extra auth protection, but not a requirement.
/cc: @rido-min @onovotny (your feedback)
Package upload
Note: The 2FA requirement for registering certificates applies.
Package push (P2)
With an additional push option:
The text was updated successfully, but these errors were encountered: