OIDC authentication worked correctly throughout the TanStack attack. The build cache is the substrate participant that wasn't governed. Here's the full audit checklist and the governance analysis that explains why OIDC alone can't prevent this attack class.

The TanStack NPM supply chain attack compromised 84 package versions across 42 packages in approximately 20 minutes. The attack chain:

```text
pull_request_target misconfiguration
  → build cache poisoning
  → OIDC token extraction from runner memory
  → authenticated publication of malicious packages
```

Before the audit checklist, one framing point that changes how you think about this attack class: OIDC authentication worked correctly throughout. The token was valid. The workload was authenticated. The authorization was granted. Everything Workload Identity Federation was designed to protect was functioning as intended. The attack lived in the layer below authentication: the build cache. Once poisoned cache contents executed inside the trusted job, the job's own OIDC token was simply read out of runner memory; nothing in the identity layer had to be broken for the publish step to succeed.…
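The chain above has three preconditions that are visible in a workflow file before any token exists: a `pull_request_target` trigger (PR code runs with base-repository privileges), a checkout of the PR head (so the fork's code actually executes), and a shared build cache that job can write to. A fourth ingredient, `id-token: write`, puts an OIDC token within reach of whatever that job runs. The following is an added illustration, not TanStack's actual workflow and not code from the original post: two constructed, hypothetical GitHub Actions workflows, one carrying all four ingredients and one with them separated, plus a small line-oriented audit function that flags the combination. The scan is a heuristic over the workflow text (it deliberately avoids a YAML dependency); it reports the preconditions of the attack class, it does not prove exploitability.

```python
import re
from dataclasses import dataclass

# Constructed sample (hypothetical, NOT TanStack's real CI): a PR-triggered
# job that runs untrusted fork code with base-repo privileges, restores a
# shared npm cache, and holds an OIDC token grant in the same workflow.
WEAK_WORKFLOW = """\
name: ci
on:
  pull_request_target:
    types: [opened, synchronize]
permissions:
  contents: read
  id-token: write
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/setup-node@v4
        with:
          cache: npm
      - run: npm ci && npm test
"""

# Constructed sample (hypothetical): the same test job with the ingredients
# separated. A plain pull_request trigger runs without base-repo secrets,
# nothing restores a shared cache, and no OIDC token is granted here.
HARDENED_WORKFLOW = """\
name: ci
on:
  pull_request:
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
      - run: npm ci && npm test
"""


@dataclass(frozen=True)
class Findings:
    privileged_pr_trigger: bool  # pull_request_target: PR code gets base-repo privileges
    untrusted_checkout: bool     # PR head is checked out, so fork code executes
    cache_use: bool              # a shared build cache is restored into the job
    oidc_token_grant: bool       # id-token: write lets the job mint an OIDC token

    def cache_poisoning_possible(self) -> bool:
        """Untrusted code runs privileged AND touches a shared cache."""
        return self.privileged_pr_trigger and self.untrusted_checkout and self.cache_use

    def chain_possible(self) -> bool:
        """All four ingredients of the page's attack chain are present."""
        return self.cache_poisoning_possible() and self.oidc_token_grant


def _strip_comments(text: str) -> str:
    # Drop YAML comments so a commented-out trigger does not trip the scan.
    return "\n".join(re.sub(r"#.*$", "", line) for line in text.splitlines())


def audit_workflow(text: str) -> Findings:
    """Heuristic, line-oriented scan of a GitHub Actions workflow.

    Pattern matching only; it flags preconditions, it does not prove
    that a particular workflow is exploitable.
    """
    body = _strip_comments(text)
    return Findings(
        privileged_pr_trigger=bool(re.search(r"\bpull_request_target\b", body)),
        untrusted_checkout=bool(re.search(
            r"ref:\s*\$\{\{\s*github\.event\.pull_request\.head\.(?:sha|ref)\s*\}\}", body)),
        cache_use=bool(re.search(r"uses:\s*actions/cache@|^\s*cache:\s*\S", body, re.M)),
        oidc_token_grant=bool(re.search(r"^\s*id-token:\s*write\b", body, re.M)),
    )


if __name__ == "__main__":
    for name, wf in (("weak", WEAK_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        f = audit_workflow(wf)
        print(f"{name}: {f} cache_poisoning={f.cache_poisoning_possible()} "
              f"chain={f.chain_possible()}")
```

Run it over every file under `.github/workflows/`; a hit on `cache_poisoning_possible()` is the finding that matters even when `id-token: write` lives in a different workflow, because a cache written by the PR job is restored by whichever privileged job shares the key.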