Another step toward better software supply chain security - trust-based auth ftw: github.blog/changelog…