What are the Principles for Package Repository Security, and how can organizations effectively protect their code supply chain?  The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working…