Astral Shares Open Source Security Practices After Supply Chain Attack Wave
Open Source Security at Astral: Lessons from the Supply Chain Attack Wave
Astral, the company behind popular developer tools Ruff, uv, and ty, has published a detailed blog post sharing their CI/CD security practices in response to the growing wave of supply chain attacks in the open source ecosystem.
Context
Recent high-profile compromises — including Trivy, LiteLLM, Ultralytics, tj-actions, and Nx — have shaken developer confidence in the security of their toolchains. Astral's tools are used by millions of developers, making security posture a critical concern.
Key Security Measures
- Dangerous Trigger Ban: Astral completely forbids and across their entire GitHub organization — the triggers responsible for most GitHub Actions compromises
- Contributor Workflow Preservation: Despite security restrictions, third-party contributors can still validate PRs using the same CI processes
- Controlled Environments: Critical development and release processes run inside CI/CD workflows rather than on local machines
- Observability: All workflow execution happens in controlled, observable environments
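The "Dangerous Trigger Ban" measure above can be enforced with an automated audit of workflow files. The following is an added example, not code from Astral or from the original post; this page does not name the banned triggers, so the `BANNED` set, the function names and the sample workflows are assumptions chosen for illustration.

```python
import re

# Assumption: this page does not name the banned triggers. The two below
# are illustrative values for the deny-list; adjust to your own policy.
BANNED = frozenset({"pull_request_target", "workflow_run"})

def workflow_triggers(text):
    """Return event names under the top-level `on:` key. Line-based reader,
    not a full YAML parser; flow mappings (`on: {push: ...}`) are skipped."""
    triggers, in_on, child_indent = set(), False, None
    for raw in text.splitlines():
        line = raw.split(" #")[0].rstrip()  # drop trailing comments
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = re.match(r"^['\"]?on['\"]?\s*:\s*(.*)$", line)
        if m:
            inline = m.group(1).strip()
            names = (t.strip(" '\"") for t in inline.strip("[]").split(","))
            triggers.update(n for n in names if n)
            in_on, child_indent = not inline, None
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:
            in_on = False  # next top-level key ends the `on:` block
        elif in_on:
            child_indent = indent if child_indent is None else child_indent
            if indent == child_indent:  # direct children only, skip filters
                triggers.add(line.strip().lstrip("- ").split(":")[0].strip(" '\""))
    return triggers

def audit(workflows, banned=BANNED):
    """Map each offending workflow path to the banned triggers it uses."""
    findings = {}
    for path, text in workflows.items():
        hits = sorted(workflow_triggers(text) & banned)
        if hits:
            findings[path] = hits
    return findings

# Constructed sample workflows, not taken from any real repository.
SAMPLES = {
    "ci.yml": "name: CI\non:\n  push:\n    branches: [main]\n  pull_request:\njobs: {}\n",
    "label.yml": "name: Label\non: [pull_request_target, issues]\njobs: {}\n",
    "post.yml": "on:\n  workflow_run:\n    workflows: [CI]\n    types: [completed]\n",
}

if __name__ == "__main__":
    for path, hits in audit(SAMPLES).items():
        print(f"{path}: banned trigger(s) {', '.join(hits)}")
```

Run as a required CI check over `.github/workflows/`, a non-empty result from `audit` should fail the build so a banned trigger cannot be merged.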
Why It Matters
GitHub Actions has poor security defaults, and many projects unknowingly expose themselves through commonly used but dangerous features. Astral's approach of simply eliminating the most dangerous options — rather than trying to use them safely — represents a pragmatic security philosophy that other projects should consider adopting.
The full blog post provides additional details on their specific configurations and recommendations for other maintainers.
Source: astral.sh — via Hacker News