Ask anyone who’s ever had to administer Java software at scale about what they think about Java trust stores.
runs screaming into the middle distance, breaking down several walls along the way
That is exactly the issue that this is trying to solve. Right now basically everything in Python uses certifi package, which bundles a bunch of root certificates with it, similar to Java’s trust stores. truststore package works by reading the systems root certificate store, which is the better way to deal with it.
That’s excellent news! I suspect there are some folks at work who’ll need to see this. I’ll check up. But knowing them they’re already on it :)