**Author signing:** The developer signs with their personal key - **Build system signing:** The CI/CD pipeline signs artifacts automatically - **Repository signing:** The package registry signs all hosted packages - **Notarization:** A third party (like Apple's notarization service) attests that cod