
Seen favorably, staged publishing is a band-aid. Seen more realistically, I believe that in the long run it will even hurt our efforts for more secure infra.



How could it possibly hurt?

For trusted publishing, it's not a band-aid, it's a significant improvement that kills an entire class of CI takeover publish attacks. I'm sure attackers will find another way but it's a big gap this is closing up.



