Article · astral.sh · 17 min read

Ensuring Open Source Security at Astral

AI Summary

At Astral, we prioritize the security of our tools, which are trusted by millions of developers globally. In light of increasing supply chain attacks, like the recent Trivy and LiteLLM incidents, we are committed to sharing our security practices to benefit our users, other projects, and CI/CD developers.

## CI/CD Security

Our development velocity for tools like Ruff, uv, and ty is maintained through robust CI/CD workflows on GitHub Actions. These workflows are crucial for keeping development processes secure and away from local machines. However, GitHub Actions has poor security defaults, which have led to compromises in other projects. To mitigate these risks, we avoid using insecure triggers like `pull_request_target` and `workflow_run`, opting instead for safer alternatives or GitHub Apps for necessary use cases.

We pin all actions to specific commits to prevent unauthorized changes, using tools like zizmor's audits and GitHub's hash-pinning policy. This ensures reproducibility and security, although manual reviews are still necessary to identify immutability gaps.
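The two checks described in this section (no `pull_request_target` or `workflow_run` triggers, every action pinned to a full commit SHA) can be sketched as a small workflow linter. This is an added example, not Astral's or zizmor's code: it is a simplified line-based scan, and the sample workflow, `example-org/example-action` and its SHA are constructed.

```python
import re

RISKY_TRIGGERS = re.compile(r"\b(pull_request_target|workflow_run)\b")
USES = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#]+)")
FULL_SHA = re.compile(r"[0-9a-f]{40}")  # only a full commit SHA counts as pinned

def audit_workflow(text):
    """Return (line_no, kind, detail) findings for one workflow file's text."""
    findings, in_on = [], False
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():  # a new top-level key starts here
            in_on = re.match(r"""['"]?on['"]?\s*:""", line) is not None
        if in_on:  # trigger names only matter inside the `on:` block
            for trig in RISKY_TRIGGERS.findall(line.split("#", 1)[0]):
                findings.append((no, "risky-trigger", trig))
        m = USES.match(line)
        if not m or m.group(1).startswith("./"):
            continue  # not a `uses:` line, or a local action in this repo
        target = m.group(1)
        if target.startswith("docker://"):
            pinned = "@sha256:" in target  # image must be referenced by digest
        else:
            pinned = FULL_SHA.fullmatch(target.partition("@")[2]) is not None
        if not pinned:
            findings.append((no, "unpinned-action", target))
    return findings

# Constructed sample workflow (not from any real repository).
SAMPLE = """\
name: ci
on:
  pull_request_target:
    types: [opened]
  push:
    branches: [main]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567  # v1.2.3
      - uses: ./.github/actions/local
      - run: echo "${{ github.event.workflow_run.id }}"
"""

if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE):
        print(finding)
```

A SHA-pinned reference can still resolve to an action that itself pulls mutable content at run time, which is the kind of immutability gap that manual review has to catch.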

## Repository and Organizational Security

We limit high-privilege roles and enforce strong 2FA methods for all members. Branch and tag protection rules are in place to prevent unauthorized changes, and repository admins cannot bypass these protections. We share our rulesets to help others implement similar controls.

## Automations

For tasks that GitHub Actions cannot securely handle, like commenting on third-party issues, we use GitHub Apps. These apps provide more control and security, though they require careful development to avoid vulnerabilities.

## Release Security

We use Trusted Publishing to eliminate long-lived registry credentials and generate Sigstore-based attestations for our binary and Docker releases. Immutable releases prevent post-hoc modifications, and our release processes are isolated and require multiple approvals to prevent unauthorized actions.

## Dependency Security

We manage dependencies with tools like Dependabot and Renovate, maintaining social connections with upstream projects for security contributions. We are cautious about adding new dependencies and financially support projects that advance the OSS ecosystem.

## Concluding Thoughts

Open source security is complex, involving both technical and social challenges. We emphasize the importance of CI/CD, credential isolation, strong release processes, and dependency awareness. As attackers evolve, so must our defenses, and we continue to refine our security practices.

## Key Concepts

### CI/CD Security

CI/CD security involves protecting the continuous integration and continuous deployment processes from vulnerabilities and unauthorized access. It includes securing workflows, managing credentials, and ensuring that only authorized code is executed.

### Repository and Organizational Security

Repository and organizational security involves implementing policies and controls to protect code repositories and organizational assets from unauthorized access and modifications.

Category: Security

Summarized by Mente
