Friday, December 20, 2019

Python 2 series to be retired by April 2020

The CPython core development community is urging users to migrate to Python 3 as it will be the only version that will be updated for bugs and security vulnerabilities.

After nearly 20 years of development on the Python 2 series, the last major version 2.7 will be released in April 2020, and then all development will cease for Python 2. Users are urged to migrate to Python 3 to benefit from its many improvements, as well as to avoid potential security vulnerabilities in Python 2.x after April 2020. This move will free limited resources for the CPthyon core developer community for other important work.

The final Python 2.7 maintenance release was originally planned for 2015. However, it was delayed 5 years to give people adequate time to migrate and to work closely with vendors and redistributors to ensure that supported Python 3 migration options were available. Part of the reason for this delay was because the stricter text model in Python 3 was forcing the resolution of non-trivial Unicode handling issues in the reference interpreter and standard library, and in migrated libraries and applications

Python 3 is a noticeable improvement to Python. There is ground-up support for Unicode and internationalization. It better expresses common idioms and patterns, which in code makes it easier to read and reason about. Improvements in concurrency, fault handling, testing, and debugging provide developers with the opportunity to create more robust and secure applications.

Going forward, Python 3 will be the only major version of CPython that is actively maintained for bugs and security issues.

More information:
 

Clarification Update January 8, 2020

Effective January 1, 2020, no new bug reports, fixes, or changes will be made to Python 2.

After Python 2.7.17 (October 19, 2019) was released, some additional changes accumulated before the end of 2019 when the core development team froze the 2.7 branch. As a final service to the community, python-dev will bundle those fixes -- and only those fixes -- into a final 2.7.18 release. The release date for 2.7.18 will be in April 2020 because that allows time for the release managers to complete a release candidate and final release.

Wednesday, December 04, 2019

Mozilla and Chan Zuckerberg Initiative to support pip



The Python Software Foundation is receiving $407,000 USD to support work on pip in 2020. Thank you to Mozilla (through its Mozilla Open Source Support Awards) and to the Chan Zuckerberg Initiative for this funding! This foundational, transformational work will release Python developers and users to concentrate on the tools they're making and using, instead of troubleshooting dependency conflicts. Specifically, CZI and Mozilla are funding user experience, communications/publicity, and testing work (including developing robust testing infrastructure) as well as core feature development and review.

 

What we're doing with the money

Computers need to know the right order to install pieces of software ("to install x, you need to install y first"). So, when programmers share software, we have to precisely describe those installation prerequisites, and our installation tools need to navigate tricky situations where they're getting conflicting instructions. This project will make pip, a package installer for Python, better at handling that tricky logic, and easier for people to use and troubleshoot.

Millions of people and organizations use tools written in Python, and nearly the entire ecosystem of Python software projects depends on pip. Our project will help everyone more easily install software, diagnose and fix problems, and maintain infrastructure.

The Chan Zuckerberg Initiative funding is, in particular, aimed at improving Essential Open Source Software for Science. Scientists use many tools written in Python -- many of CZI's awardees in this round are written in Python -- but, also, researchers often want to write tools and share them with each other to help science advance faster. Our work will include research and improvements so the installation process will be easier to use and understand, which will enable researchers to build better applications and compose complex toolchains more easily.

We've laid out a detailed three-phase work plan on our pip 2020 Donor-funded Roadmap wiki page. To summarize:

  • Mozilla is awarding PSF a Mozilla Open Source Support Award (Track I: Foundational Technology) for $207,000, which is paying for 5 months of:
    • Python development work: Reviewing and responding to open issues and pull requests, refactoring build logic, collaborating with downstream projects and users about config flags and transition schedules, working on the dependency resolver itself and fixing bugs.
    • Initial user experience research and design work: Reading existing bug reports and posts about Python package management confusion, interviewing users and running user tests, developing user journey maps and workflows, and working with maintainers to write documentation and help messages and to design resolver user experience.
  • CZI is giving PSF an Essential Open Source Software for Science grant for $200,000, which is paying for:
    • 12 months of Python development, test infrastructure, and project maintenance: Triaging bugs and reviewing pull requests, writing test cases, testing lead developers' work, building test infrastructure, investigating and fixing bugs, and writing the raw material for documentation to help future maintainers onboard better.
    • 4 months of Phase III user experience research and design work: Training maintainers in UX design, doing further user tests on the new pip, developing a checklist for developing new features, and making templates for commands, error messages, output, documentation, and config files.
    • Travel for initial developer onboarding and for some contributors to attend PyCon North America.
  • And both CZI and Mozilla are paying for project management (planning, testing, editing, coordinating, communicating with stakeholders, announcing, reporting to funders, and getting obstacles out of everyone's way) and PSF administrative work (recruiting and overseeing contractors, project oversight, and financial processing).
The Packaging Working Group is currently selecting contractors for the programming parts of this work. The other two contractors have already been selected:

 

Why this and why now?

We're partway through a next-generation rewrite of pip's dependency resolver. The project ran into massive technical debt, but the refactoring is nearly finished and prototype functionality is in alpha now.

We need to finish the resolver because many other packaging improvements are blocked on it, it'll fix many dependency issues for Python users, and it'll fix installation problems for conda, certbot, WebSocket, and many other projects. And we need to improve pip's UX by providing better error messages and prompts, logs, output, and reporting, consistently across features, to fit users' mental models better, make hairy problems easier to untangle, and reduce unintended data loss.

The Packaging Working Group looks for potential improvements in Python packaging and distribution that are well-scoped, have community consensus, and could be expedited through funding. In the past three years, the Packaging WG has received funding for several improvements to PyPI -- $170,000 from Mozilla, $80,000 from OTF, and $100,000 from Facebook -- and is seeking to help other packaging tools. In June, pip maintainers and Packaging Working Group members discussed the importance and difficulty of rolling out the new resolver. We worked together to write and submit proposals to Mozilla and the Chan Zuckerberg Initiative.

 

What's next?

This work will start by early January 2020. Day-to-day work will mostly happen in pip's GitHub repository and the Python developers' Zulip livechat. You can check for regular reports at the Python Insider blog and the Packaging category of Python's Discourse developer forum, archived at the Packaging WG's wiki page. And we'll publicize calls for volunteers, especially for user interviews and tests, on this blog, on community mailing lists, and on Twitter.

The Packaging WG will continue to seek funding for future improvements in pip, manylinux, setuptools, the Python Packaging User Guide, PyPI, etc.

 

Thanks

This award continues our relationship with Mozilla, which supported Python packaging tools with a Mozilla Open Source Support Award in 2017 for Warehouse. Thank you, Mozilla! (MOSS has a number of types of awards, which are open to different sorts of open source/free software projects. If your project is looking for financial support, do check the MOSS website to see if you qualify.)

This is new funding from the Chan Zuckerberg Initiative. This project is being made possible in part by a grant from the Chan Zuckerberg Initiative DAF, an advised fund of Silicon Valley Community Foundation. Thank you, CZI! (If your free software/open source project is used by biology researchers, check the Essential Open Source Software for Science Request for Applications and consider applying for the next round).

Thank you to the pip and PyPA maintainers, to the PSF and the Packaging WG, and to all the contributors and volunteers who work on or use Python packaging tools.

Monday, December 02, 2019

Giving Tuesday 2019


For the first time the PSF is participating in Giving Tuesday! This event is held annually the Tuesday after Thanksgiving - this year on December 3rd, 2019. The global celebration runs for 24 hours and begins at midnight local time.

Please donate on December 3rd and help us meet our goal of $10,000!


Donations support sprints, meetups, community events, Python documentation, fiscal sponsorships, software development, and community projects. Your contributions help fund the critical tools you use every day.

What if everyone around the world, gave together, on one day? Please consider supporting the PSF on Giving Tuesday, December 3rd, 2019. 


Your donations have IMPACT

----------------------------------------

Our Annual Report will show just a few ways your support has made a difference, thanks to the generous support from our partners and friends. Some highlights are below:

  • Over $137,200 was awarded in financial aid to 143 PyCon attendees in 2019.
  • $324,000 was paid in grants to recipients in 51 different countries.
  • Donations and fundraisers resulted in $489,152 of revenue. This represents 15% of our total 2018 revenue. PSF and PyCon sponsors contributed over $1,071K in revenue!

How your donation dollars are spent:

  • $99 pays for 6 months of Python meetup subscriptions
  • $60 a month ($2.00 a day) pays for one workshop, impacting over 250 people
  • $.50 a day ($15 a month) pays for a meetup.com subscription for one Python group
  • $1 a day ($30 a month) supports a regional workshop, impacting over 200 people.
  • The PSF meetup.com network currently supports 68 groups with 89,000 members in 16 countries. It costs $.60 per member per month to support these worldwide meetups. 

Comments from grant recipients:

"The PSF Fiscal Sponsorship allows us to focus on building community, while they handle our non-profit status, accounting, and back office." - Eric Holscher, PyCascades Conference Organizer

"The PSF was North Bay Python's first sponsor. Their early financial support for our mission helped kickstart what has become one of the most well-regarded regional conferences in our community." - Christopher Neugebauer, Conference Organizer

"Without the support of the PSF, our events would not have been possible. Many of our attendees are now working or interning as Python or Django Developers." - Jeel Mehta, Django Girls Bhavnagar, India Conference Volunteer

"The PSF grant allowed us to run an all day workshop for women. More organizations should apply for a PSF grant so they can enable and motivate more people, especially minorities, to start their great journey into programming." - Women in Technology, Peru


From the team at the PSF!



______________________________


Monday, November 18, 2019

Python Software Foundation Fellow Members for Q3 2019

We are happy to announce our newest PSF Fellow Members for Q3!

Q3 2019


Abigail Mesrenyame Dogbe

Anton Caceres

Bruno Oliveira

Gautier Hayoun

Mahmoud Hashemi

Manabu Terada

Mannie Young

Michael Young

Noah Alorwu

Paul Kehrer

Tom Viner
Twitter, Blog

Valentin Dombrovsky


Congratulations! Thank you for your continued contributions. We have added you to our Fellow roster online.

The above members have contributed to the Python ecosystem by teaching Python, maintaining popular libraries/tools such as cryptography and pytest, helping document on packaging.python.org, organizing Python events, starting Python communities in their home countries, and overall being great mentors in our community. Each of them continues to help make Python more accessible around the world. To learn more about the new Fellow members, check out their links above.

Let's continue to recognize Pythonistas all over the world for their impact on our community. Here's the criteria our Work Group uses to review nominations:

  • For those who have served the Python community by creating and/or maintaining various engineering/design contributions, the following statement should be true:
    • Nominated Person has served the Python community by making available code, tests, documentation, or design, either in a Python implementation or in a Python ecosystem project, that 1) shows technical excellence, 2) is an example of software engineering principles and best practices, and 3) has achieved widespread usage or acclaim.
  • For those who have served the Python community by coordinating, organizing, teaching, writing, and evangelizing, the following statement should be true:
    • Nominated Person has served the Python community through extraordinary efforts in organizing Python events, publicly promoting Python, and teaching and coordinating others. Nominated Person's efforts have shown leadership and resulted in long-lasting and substantial gains in the number and quality of Python users, and have been widely recognized as being above and beyond normal volunteering.
  • If someone is not accepted to be a fellow in the quarter they were nominated for, they will remain an active nominee for 1 year for future consideration.
  • It is suggested/recommended that the nominee have wide Python community involvement. Examples would be (not a complete list - just examples):
    • Someone who has received a Community Service Award or Distinguished Service Award
    • A developer that writes (more than one) documentation/books/tutorials for wider audience
    • Someone that helps translate (more than one) documentation/books/tutorials for better inclusivity
    • An instructor that teaches Python related tutorials in various regions
    • Someone that helps organize local meet ups and also helps organize a regional conference
  • Nominees should be aware of the Python community’s Code of Conduct and should have a record of fostering the community.
  • Sitting members of the PSF Board of Directors can be nominated if they meet the above criteria.
If you would like to nominate someone to be a PSF Fellow, please send a description of their Python accomplishments and their email address to psf-fellow at python.org. We are accepting nominations for quarter 4 through November 20, 2019. More information is available at: https://www.python.org/psf/fellows/.

Why Sponsor PyCon 2020?





Sponsors help keep PyCon affordable and accessible to the widest possible audience. Sponsors are what make this conference possible. From low ticket prices to financial aid, to video recording, the organizations who step forward to support PyCon, in turn, support the entire Python community. They make it possible for so many to attend, for so many to be presenters, and for the people at home to watch along.

As a PyCon sponsor, your outreach to attendees begins before the conference even starts and lasts throughout the year. Your reach isn’t limited to the number of people who attend the conference itself. Following PyCon, you’ll continue to connect with the Python community through many touch points:
  • Playback and Recorded PyCon Coverage: Over 17,000 people have subscribed to PyCon’s YouTube channel with over 723,000 views of either the keynotes or the recorded videos of PyCon 2018 sessions. Those videos continue to attract viewers today.
  • Conference Page and Announcement E-Lists: The PyCon home page has thousands of unique visitors every year and this year we’ll have an opt-in at signup for a newsletter to receive PyCon announcements.
  • Social Media: The PSF and PyCon Twitter accounts have more than 332,000 followers combined and thousands of followers of the PyCon speakers.
A Silver Sponsorship is a great low-cost option that includes (2) full passes and Job listing(s) on the Jobs Fair page! We also offer organizations with fewer than 25 employees a 30% discount for gold and silver sponsorships.

Check out the new marketing and promotional opportunities for 2020!
We are also happy to customize a sponsorship package to give you the freedom to choose what you think works best in order to meet your event participation goals. Our sponsorship prospectus can be found here.

For more information please contact: pycon-sponsors@python.org





         

Monday, November 11, 2019

Seeking Developers for Paid Contract Improving pip

The Python Software Foundation Packaging Working Group is receiving funding to work on the design, implementation, and rollout of pip's next-generation dependency resolver. (We'll be able to publicly name the funders later this month and in early December.)

pip is the official package installer for Python. pip aims to make it easy for the millions of people who use Python to download and install Python libraries and applications (open source and closed source, source and binary, globally and within isolated virtual environments). It's a foundational component of the Python ecosystem and broader computer software and technology landscape.

This project aims to complete the design, implementation, and rollout of pip's next-generation dependency resolver. This will lower the barriers to installing Python software, empowering users to get a version of a package that works. It will also lower the barriers to distributing Python software, empowering developers to make their work available in an easily reusable form.

Because of the size of the project, funding has been allocated to secure two contractors, a senior developer and an intermediate developer, to work on development, testing and building test infrastructure, code review, bug triage, and assisting in the rollout of necessary features.

We plan to begin the project in Quarter 1 of 2020. We are also interested in senior developer candidates who are available to start in December 2019.

Timeline and budget

Date Milestone
November 11 Request for Proposal period opens.
November 22 Request for Proposal period closes.
November 27 Date proposals will have received a decision.
December 31 Latest date for contracts for accepted proposals to be finalized.
January 2 Latest date for contract work to commence.

Role 1: We seek a senior Python developer, work starting in mid-December 2019 or early January 2020, work ending at the end of May 2020. Pay: $116,375 total (665 hours of work at $175 per hour).

Role 2: We seek an intermediate-to-senior Python developer, work starting in early January 2020, till the end of December 2020. Pay: $103,700 (670 hours of work at $150 per hour), plus $1600 budgeted for onboarding travel and $1600 budgeted for PyCon travel.

What is the Request for Proposals period?

A Request for Proposals (RFP) is a process intended to allow us (the Python Software Foundation) to collect proposals from potential contractors and select contractor(s) best suited to fulfill the specified work.

After the RFP period closes we will evaluate the received proposals based on the evaluation criteria, seek clarification from proposers as necessary, and select one or more contractors to complete the work specified in the scope section.

Note: This Request For Proposal document may be updated to reflect things that we learn during the process. The canonical version and history is available here.

How do I submit a proposal?

First, please read the full contents of the Request for Proposals!

You'll find the instructions for submission, evaluation criteria, as well as the scopes of the two roles, there.

Thursday, October 31, 2019

The 2019 Python Developer Survey is here, take a few minutes to complete the survey!

It is that time of year and we are excited to start the official Python Developers Survey for 2019!

In 2018, the Python Software Foundation together with JetBrains conducted an official Python Developers Survey for the second time. Over 20,000 developers from almost 150 different countries participated..

With this third iteration of the official Python Developers Survey, we aim to identify how the Python development world looks today and how it compares to the last two years. The results of the survey will serve as a major source of knowledge about the current state of the Python community and how it is changing over the years, so we encourage you to participate and make an invaluable contribution to this community resource. The survey takes approximately 10 minutes to complete.

Please take a few minutes to complete the 2019 Python Developers Survey!

Your valuable opinion and feedback will help us better understand how Python developers use Python, related frameworks, tools, and technologies. We also hope you'll have fun going through the questions.

The survey is organized in partnership between the Python Software Foundation and JetBrains. The Python Software Foundation distributes this survey through community channels only (such as this blog, Twitter, mailing lists, etc). After the survey is over, we will publish the aggregated results and randomly select 100 winners (those who complete the survey in its entirety), who will each receive an amazing Python Surprise Gift Pack.

Wednesday, October 30, 2019

CPython Core Developer Sprint 2019

During the week of September 9th to September 13th, 34 core CPython committers gathered together in the Bloomberg London headquarters for the 2019 Python core developer sprint. The core developer sprint is an annual week-long meeting in which the CPython core team has the opportunity to meet each other in person in order to work together free from distractions. Having this many core developers in the same room allows us to work efficiently on several aspects of the Python language and CPython (the default implementation). This can include topics such as future designs and in-process PEPs (Python Enhancement Proposals), prototyping exciting changes that we may see in the future,  various core development processes such as issue triaging and pull request reviewing, and much more! This is a very exhausting week for everyone, but also a very productive one, as these meetings are known for generating a much-needed boost in core development, especially close to new releases.

CPython Core Developers in attendance at 2019 Sprint

This year’s core developer sprint was funded thanks to the Python Software Foundation (PSF) and the donation of PyLondinium 2019 ticket proceeds, which were gathered specifically to support this event. This helped the PSF cover the cost of travel and accommodation for all core developers attending. Additionally, some companies covered their employees’ expenses, such as Microsoft, Facebook, Google and Red Hat. Bloomberg provided the venue, infrastructure and catering, as well as some events that happened during the week.

Major Achievements


One of the main advantages of having the core developers together in the same room is how much smoother the iteration and design process is. For example, major achievements were made around the release of Python 3.8 (and older versions) in terms of stability and documentation and many exciting things were prepared for future releases. Some highlights include:


  • More than 120 pull requests were merged in the CPython repository. We had a friendly competition in which attending core developers were ranked based on the number of pull requests merged (only those pull requests created by others were considered). In the end, the winners received a poster with all of the attendees’ names created specifically for the sprint.
  • Discussions around PEP 602: Python 3.9 release schedule, including gathering user feedback about several aspects of the PEP.
  • Work on improving the bugs.python.org interface and feature set, including updating the infrastructure to the latest roundup version and reworking the CSS to give a friendlier face to the site.
  • API design and discussion around PEP 416 -- Add a frozendict built-in type.
  • Draft design on a future PEP to implement an exception hierarchy to support TaskGroups and cancel scopes.
  • Work towards multiple interpreters: major efforts are needed before we have one GIL per interpreter. This included starting to refactor the existing global state into per-interpreter structures and developing tests that avoid new global state bleeding.
  • Work on a PEG-based parser prototype to substitute the current parser in order to improve maintenance and allow dropping the LL(1) restriction in the future.
  • Several pull requests to squash some complex bugs in multiprocessing.
  • Work on a possible implementation to introduce a Control Flow Graph (CFG) optimizer in CPython.
  • Work on the CI process. AppVeyor was dropped and replaced with Azure Pipelines.
  • Major improvements in the unittest.mock module, such as perfecting the new AsyncMock and related documentation, work on a prototype to add a WaitableMock class that can be joined (for threaded scenarios), as well as bug squashing around the module.


As you can imagine, with this level of activity, the buildbots were at maximum capacity and many issues were found and fixed both during and after the sprint.

Friday Event


As part of the core dev sprint, an event was organized with the help of Bloomberg in order to let the community know about the work done during the core developer sprint, why these events are important, and the impact they have on the future of the language. The event consisted of 4 lightning talks about some of the things worked on during the sprint:

Moderated panel discussion at the CPython Core Developer Sprint Friday Event


  • Work in AsyncMock - Lisa Roach
  • Removing dead batteries in the standard library - Christian Heimes
  • Sub-Interpreters support in the standard library - Eric Snow and Joannah Nanjekye
  • Improving bugs.python.org - Ezio Melotti



There was also a moderated Q&A session about the core development sprint and, more generally, Python’s future direction. 



We hope that events like this will help communicate more transparently what the core developers do at the sprints and how much impact these events have on maintenance, processes, and the language itself.

Mentorees


As part of the ongoing effort to improve mentoring and growing the core dev team, two mentees who have been contributing for a long period of time and have previously been awarded triaging privileges were invited to the sprint. Joannah Nanjekye was being mentored by Eric Snow, while Karthikeyan Singaravelan was being mentored by Yury Selivanov (and remotely by Andrew Svetlov). Mentoring is a very important part of core development, as it helps to grow the core dev team and allows us to have more impact and scalability in the different areas that are the responsibilities of the core dev team. As a result of this mentoring process, Joannah Nanjekye was been promoted to a core developer a few weeks after the core dev sprint! 

Other Blogs


Some of the other attendees have posted their own blogs describing their experiences at the sprints (this list may be updated over time as additional updates are published by other core devs).




Thank you!


A huge thanks to all the participants who attended, the various companies who sponsored parts of the event, and the PSF for covering the majority of travel expenses. We also thank those core developers who could not attend this year. 

CPython Core Developers in attendance at 2019 Sprint

Attendees: Christian Heimes, Ezio Melotti, Ned Deily, Benjamin Peterson, Mark Shannon, Michael Foord, Joannah Nanjekye, Karthikeyan Singaravelan, Emily Morehouse, Jason R. Coombs, Julien Palard, Stéphane Wirtel, Zachary Ware, Petr Viktorin, Łukasz Langa, Davin Potts, Yury Selivanov, Steve Holden, Stefan Behnel, Larry Hastings, Guido van Rossum, Carol Willing, Gregory P. Smith, Thomas Wouters, Dino Viehland, Mark Dickinson, Vinay Sajip, Paul Ganssle, Steve Dower, Lisa Roach, Eric Snow, Brett Cannon, Pablo Galindo

Written by: Pablo Galindo

Thursday, October 24, 2019

Chris Angelico: 2019 Q2 Community Service Award Winner

The Python language is used around the world, and therefore so much surrounding it happens online. Python users turn to wikis, mailing lists, and forums to get their questions answered and concerns addressed. Python core developers use mailing lists to decide on critical additions and timelines. All this requires trusted and experienced contributors and administrators to ensure these wikis and mailing lists are focused on the Python language. Chris Angelico is one of these individuals and for this work, the PSF is pleased to present him with the Q2 2019 Community Service Award:
RESOLVED, that the Python Software Foundation award the Q2 2019 Community Service Award to Chris Angelico for his work towards fostering the online Python community by helping maintain the pydotorg-www mailing list, helping community members get edit access to the public-facing Python wiki, and also for being an active contributor to python-ideas mailing list and the python-dev mailing list.
Chris had a very noble reason to start programming: his older brother was doing it so he had to follow suit! This, along with getting into the family business of importing and exporting educational materials, led to a lifelong love of learning and technology. By the 1990’s Chris was working as a developer and first used Python when he needed to embed a scripting language in a C++ project. “Python offered a simple, clean, boilerplate-free scripting language that still had all the power that I needed for that initial project,” he says. Though the project ended up going in a different direction, Chris was already hanging out on Python mailing lists and was there to stay.

Since 2012, Chris has been an active contributor to the python-dev and python-ideas mailing lists, which are a large part of how the Python language gets developed. python-dev is used by core developers to discuss release dates and plans that could involve breaking changes to Python. On python-ideas, topics surround proposals that haven't matured enough to discuss on python-dev, and contributors can either reject ideas or help to refine them until they can be seriously proposed. “Both lists have a lot of incredibly smart people, but also very opinionated people, so it's pretty awesome to hang out and discuss,” says Chris. “They are significant parts of the funnel that brings proposals to fruition. Many changes start out with a discussion on python-ideas, then perhaps a PEP [Python Enhancement Proposal] is written, and it's discussed at length before migrating to python-dev for detailed discussion, and then finally code gets written and merged in.”

“Over the years I've known him, he's helped many people with technical questions.” recalls fellow python-ideas contributor Steve D’Aprano, “he's also been granted write permissions for the PEP repo, so Chris is the guy to go to for technical help with writing PEPs and pushing them into the repo.”

In 2015, a dominant topic on python-ideas was the f-string, a briefer string format than was previously available. Those against it said it was not Pythonic, and those for it said it was more readable than existing options. “The discussion went back and forth on that one, with many people supporting it intensely, and many others fighting just as intensely against it,” recalls Chris. F-strings were added to the Python core library in version 3.6, and you can read the discussion on python-ideas here.

A user-maintained repository of all things Python, the Python Wiki holds everything from user guides to advanced topics in the Python ecosystem. Since 2012 Chris has been an administrator, making sure contributors are actual humans with honest intent. “If it weren't for Chris I doubt the wiki would be anywhere near as popular as it is,” notes Steve Holden, PSF Director (2004-2013) and creator of the Community Service Award. “His efforts on python-dev help to keep Python moving forward and I'm happy that Chris' efforts for the community are being publicly recognised in this way.” More on how to become a contributor to the Python wiki can be found here.

Chris can even thank his work on Python lists for his current job teaching Python and JavaScript to adult learners at Thinkful. “The company head-hunted me based on the mailing list posts they saw.” Chris recalls, “So if you, too, enjoy coding and talking about code, hang out, you never know who'll notice you!”

In his free time, he can be found playing and modding video games. He’s a big fan of Alice in Wonderland, which he frequently uses as an avatar.

Monday, September 30, 2019

Grants Awarded for Python in Education

The Python Software Foundation has been asked about Python in education quite a bit recently. People have asked, “Is there an official curriculum we can use?”, “Are there online resources?”, “Are there efforts happening to improve Python on mobile?”, and so on.

9 years ago we instituted the Education Summit at PyCon US where educators as well as students work together on initiatives and obstacles. Earlier this year we decided we needed to do more. In November of 2018, the PSF created the Python in Education Board Committee and it was tasked with finding initiatives to fund to help improve the presence of Python in education.

In January of this year, the Python in Education Board Committee launched a “request for ideas” phase taking suggestions from the community on what we should focus our funding on. After the RFI period, we came up with 3 areas of education we wanted to focus on and asked to receive grant proposals on the following: resources (curriculums, evaluations, studies, multidisciplinary projects), localization (primarily translations), and mobile (development on mobile devices).

We are happy to publish more details on the grants the PSF approved from this initiative!

Beeware

The BeeWare Project wants to make it possible for all Python developers to write native apps for desktop and mobile platforms. Most desktop operating systems and iOS are supported already, but Android needs attention. Since Android users outnumber other mobile OS users worldwide by over 3 to 1, we determined it is important to fund this project. Beeware was awarded a $50,000 grant to help improve Python on Android. Phase one will be starting soon with this set of goals:

  1. A port of the CPython runtime to Android, delivered as a binary library ready to install into an Android project.
  2. A JNI-based library for bridging between the Android runtime and the CPython runtime.
  3. A template for a Gradle project that can be used to deploy Python code on Android devices. 

Beeware announced that they are looking for contractors to help with the work. Check out their blog post for more information.

Python in Education Website

Educational resources are in demand.  The PSF awarded a grant of $12,000 USD to Meg Ray, to work on creating a Python in Education website where we can curate educational information from all over the world. Meg will begin by collecting resources and after auditing the shared information, she will work on organizing it on an official PSF webpage. This work will begin in October of 2019 so please keep an eye out for updates via tweets and blogs!

Friendly-tracebacks

Lastly is a project called friendly-tracebacks. This project is not in need of financial support but is asking the PSF to help publicize it.  Friendly-traceback aims to provide simplified tracebacks translated into as many languages as possible. The project maintainer is looking for volunteers to help with tasks such as documenting possible SyntaxError use cases and documenting exceptions that haven't already been covered. Read more on their blog for the full call to action from the maintainer.

We hope to continue this initiative yearly! Companies that are passionate about supporting Python in Education should get in touch; we can't continue our work without your support!  As a non-profit organization, the PSF depends on sponsorships and donations to support the Python community.

Donate to the PSF: https://www.python.org/psf/donations/
Sponsor the PSF: https://www.python.org/psf/sponsorship/

Thursday, September 26, 2019

Felipe de Morais: 2019 Q2 Community Service Award Winner

Pythonistas everywhere benefit when our community reflects the many backgrounds and experiences of Python’s users. However it can be challenging to participate in the community when there are no local user groups or harder yet if groups do exist but you do not feel represented in them. After learning that a friend was experiencing gender descrimination at work, Felipe de Morais of Porto Alegre, Brazil, decided to start Django Girls Porto Alegre. By starting this group, women like his friend who were facing similar challenges could have a community to call their own.

Since Django Girls Porto Alegre took off in 2015, it has become one of the most active Django Girls groups in the world. Inspired by Django Girls and PyLadies, Felipe also started AfroPython, an initiative to empower Black people through technology. Additionally, Felipe contributes to Operação Serenata de Amor, an open source project that monitors public spending by politicians. For this work the PSF is pleased to award Felipe de Morais with the Q2 2019 Community Service Award:

RESOLVED, that the Python Software Foundation award the Q2 2019 Community Service Award to Felipe de Morais for his work towards facilitating the growth of the Python Brazilian community by organizing workshops, contributing to open source code that benefits the Brazilian people and for setting an example for all community organizers.

Felipe grew up in Rio De Janeiro where he earned a graduate degree in Computer Science and later moved to Porto Alegre in southern Brazil. With a strong desire to be part of a community, Felipe traveled to IT-related Meetup groups but longed for more accessible means to network and teach. Python was his go-to language for its simplicity and ease, and he loved to teach the language to help other people along in their careers. It is no surprise that the groups he’s started have both a Python and inclusivity focus.

When asked about his motivation for starting Python groups, Felipe says that that he simply gets great joy out of helping people. “I've seen people starting their work life because the workshop unlocked this career path for them,'' he says. “The most important part of it is the relationships made along the way, which make a great support system for a lot of people making positive life changes.”

AfroPython 2017
Renata D'Avila, a Django Girls Porto Alegre organizer, met Felipe 2016 at a Hackerspace event and the two have kept in touch ever since. “He is one of the people behind one of the biggest Django Girls workshop ever organized.” she recalls, “Django Girls Porto Alegre 2017 had about 180 people involved, among participants, mentors, and organizers.” However the event, as most events do, encountered some bumps in the road. As lunchtime rolled around and the planned caterers never showed up, Felipe raced across campus and resolved the issue, returning to the event with enough food for everyone. “That was one of the greatest achievements of that huge workshop,” says Renata, “that everyone could eat and that the schedule for the workshop was kept without people even knowing about how much effort it took to make it work.”

AfroPython 2018
Amanda Vieira met Felipe at Django Girls Porto Alegre and later worked with him to create AfroPython. She says of his work in these groups, “He has always helped both in the organization of events and as a coach, encouraging more and more women to get started in the area [of tech].” He has even developed a nickname, she quips “In his workplace and with friends, he is known as Felipython for all his involvement with language and the community.”

In May of 2017 when Felipe was attending Python Sudeste, a regional Python event in southeastern Brazil, he met Jessica Temporal. Jessica had been working as a data scientist on a large political open-source project, Operação Serenata de Amor. Serenata analyzes open data from the Brazilian government and flags expenses made by elected politicians that might be unlawful. Jessica was organizing a sprint at the conference and Felipe jumped in to help. In addition to working on some important refactoring and code readability issues, “Felipe was significant in making the project more friendly to newcomers,'' she says. He continues to contribute to the project today.

Felipe (left) with Seranata founder Eduardo Cuducos (middle) and Seranata data scientist Jessica Temporal (right)
Though Django Girls Porto Alegre and AfroPython have taken off, Felipe has no plans to slow down. In addition to continuing to work on open source projects, he is on the organizing team for the first ever AfroPythonConf later this year, and will be a keynote speaker at Python Brazil 2019.

CSA Award Winner Felipe de Morais
In his free time, Felipe enjoys Brazilian Jiu Jitsu, playing video games that remind him of his childhood, watching anime, and helping friends with finances and investments.

Wednesday, September 25, 2019

PyPI Security Q4 2019 Request for Proposals period opens.

The Python Software Foundation Packaging Working Group has received a grant from Facebook Research to implement advanced security features for PyPI. These features include cryptographic signing of uploaded artifacts and the infrastructure necessary to implement automated detection of malicious files uploaded to the index.
The Python Package Index (PyPI) is a foundational component of the Python ecosystem and broader computer software and technology landscape. This project aims to improve the security and accessibility of PyPI for all users worldwide, whether they are direct users, like project maintainers and pip installers, or indirect users. The impact of this work will be highly visible and improve crucial features of the service.
We plan to begin the project in Quarter 4 of 2019. Because of the size of the project, funding has been allocated to secure one or more contractors to complete the development, testing, verification, and assist in the rollout of necessary features.

Timeline

DateMilestone
September 25Request for Proposal period opened.
October 21Request for Proposal period closes.
October 29Date proposals will have received a decision.
December 2Contract work commences.

What is the Request for Proposals period?

A Request for Proposal (RFP) is a process intended to allow us (The Python Software Foundation) to collect proposals from potential contractors and select contractor(s) best suited to fulfill the specified work.
After the RFP period closes we will evaluate the received proposals based on the evaluation criteria, seek clarification from proposers as necessary, and select one or more contractors to complete the work specified in the scope.
The Request for Proposals period opens today, September 25th, 2019, and is scheduled to close October 21, 2019 AoE.

How do I submit a proposal?

First, please read the full contents of the Request for Proposals here!
You'll find the instructions for submissionevaluation criteria, as well as scope of the project there.

Tuesday, September 24, 2019

The Python Software Foundation has updated its Code of Conduct

The Python community values members who are accepting, helpful, and respectful: for many years, the Python Software Foundation (PSF) has had an organization-wide Code of Conduct that defines these values, and behaviors that we want to have in our community. The Foundation has also insisted for years that every event that we sponsor have a Code of Conduct in place.

But spaces where our community meets – online, or in person – need a Code of Conduct that does more than just emphasize our values. The PSF’s flagship conference, PyCon US, has had its own Code of Conduct – separate from the PSF Code of Conduct – for many years. The PyCon US Code of Conduct not only highlights our community’s values, but it also identified behaviors that are not acceptable at the conference, explained how to report violations, and included enforcement procedures.

The PSF Board approved a new organization-wide Code of Conduct and enforcement guidelines at the August 2019 board meeting, and reporting guidelines at the September 2019 board meeting, taking effect immediately.

Our new Code of Conduct brings together the statement of values defined in the former PSF Code of Conduct, and enforcement guidelines – proven through our experience at PyCon US – that the PSF can now apply to every space that we oversee.

It saves the PSF from having to enforce two Codes of Conduct: one for PyCon US, and another for our other spaces. In crafting the Code of Conduct, we undertook an intentional effort to account for the unique needs of an international community that spans all seven continents on Earth.

Community members will now know that if they’re participating in an online space, a project, or an event facilitated by the PSF they will be subject to the same Code of Conduct, and will be able to report incidents in the same way.

The process of defining the new Code of Conduct was led by the PSF’s Conduct Working Group, which the PSF established in 2018. The PSF worked with Sage Sharp of Otter Tech to produce the draft of the new Code of Conduct. Sage has previously worked on the Codes of Conduct for Open Source communities including the Data Carpentries, Elastic Search, and GNOME, and previously worked with the PSF on modernizing PyCon US’ Code of Conduct and incident response procedures. 

In the future, the Conduct Working Group will help the Board oversee the reporting and enforcement of Code of Conduct reports, following the enforcement guidelines that accompany the new Code of Conduct.

The Board thanks the Conduct Working Group, and Sage Sharp for their invaluable service in getting our new Code of Conduct in place.

Wednesday, August 28, 2019

PyPI Security Q4 2019 Request for Information period opens.

The Python Software Foundation Packaging Working Group has received funding from Facebook research to develop and deploy of enhanced security features to PyPI.
PyPI is a foundational component of the Python ecosystem and broader computer software and technology landscape. This project aims to improve the security and accessibility of PyPI for all users worldwide, whether they are direct users like project maintainers and pip installers or indirect users. The impact of this work will be highly visible and improve crucial features of the service.

Specifically, this project aims to implement verifiable cryptographic signing of artifacts and infrastructure to support automated detection of malicious uploads to the index.
We plan to begin the project in December 2019. Because of the size of the project, funding has been allocated to secure one or more contractors to complete the development, testing, verification, and assist in the rollout of necessary features.
Register Interest
To receive notification when our Request for Information period closes and the Request for Proposals period opens, please register your interest here.

What is the Request for Information period?

A Request for Information (RFI) is a process intended to allow us (The Python Software Foundation) and potential contractors to openly share information to improve the scope and definition of the project at hand. Also, we encourage stakeholders in the community with expertise in the project areas to contribute their viewpoints on open questions for the scope of the work.
We hope that it will help potential contractors better understand the work to be completed and develop better specified proposals. Additionally we have designed the RFI with an open nature in order to expose the project to multiple perspectives and help shape the direction for some choices in the project.
The Request for Information period opens today, August 28, 2019, and is scheduled to close September 18, 2019.
After the RFI period closes, we will use the results of the process to prepare and open a Request for Proposals to solicit proposals from contractors to complete the work.

More Information

The full version of our Request for Information document can be found here.

Participate!

Our RFI will be conducted on the Python Community Discussion Forum. Participants will need to create an account in order to propose new topics of discussion or respond to existing topics.
All discussions will remain public and available for review by potential proposal authors who do not wish to or cannot create an account to participate directly.

Tuesday, August 27, 2019

Python Software Foundation Fellow Members for Q1 & Q2 2019


We are happy to announce our newest PSF Fellow Members! This group includes nominated Fellows from Q1 and Q2 of 2019.

Q1 2019

Christoph Gohlke

Q2 2019

Aaron Yankey

Chris Jerdonek

Florian Bruhin
Matt Lebrun
Micaela Reyes
Pradyun Gedam
Rami Chowdhury
Tania Allard
Congratulations! Thank you for your continued contributions. We have added you to our Fellow roster online.

The above members have contributed to the Python ecosystem by teaching Python, maintaining popular libraries/tools, maintaining pip, organizing Python events, starting Python communities in their home countries, and overall being great mentors in our community. Each of them continues to help make Python more accessible around the world. To learn more about the new Fellow members, check out their links above.

Let's continue to recognize Pythonistas all over the world for their impact on our community. Here's the criteria our Work Group uses to review nominations:

  • For those who have served the Python community by creating and/or maintaining various engineering/design contributions, the following statement should be true:
    • Nominated Person has served the Python community by making available code, tests, documentation, or design, either in a Python implementation or in a Python ecosystem project, that 1) shows technical excellence, 2) is an example of software engineering principles and best practices, and 3) has achieved widespread usage or acclaim.
  • For those who have served the Python community by coordinating, organizing, teaching, writing, and evangelizing, the following statement should be true:
    • Nominated Person has served the Python community through extraordinary efforts in organizing Python events, publicly promoting Python, and teaching and coordinating others. Nominated Person's efforts have shown leadership and resulted in long-lasting and substantial gains in the number and quality of Python users, and have been widely recognized as being above and beyond normal volunteering.
  • If someone is not accepted to be a fellow in the quarter they were nominated for, they will remain an active nominee for 1 year for future consideration.
  • It is suggested/recommended that the nominee have wide Python community involvement. Examples would be (not a complete list - just examples):
    • Someone who has received a Community Service Award or Distinguished Service Award
    • A developer that writes (more than one) documentation/books/tutorials for wider audience
    • Someone that helps translate (more than one) documentation/books/tutorials for better inclusivity
    • An instructor that teaches Python related tutorials in various regions
    • Someone that helps organize local meet ups and also helps organize a regional conference
  • Nominees should be aware of the Python community’s Code of Conduct and should have a record of fostering the community.
  • Sitting members of the PSF Board of Directors can be nominated if they meet the above criteria.
If you would like to nominate someone to be a PSF Fellow, please send a description of their Python accomplishments and their email address to psf-fellow at python.org. We are accepting nominations for quarter 4 through November 20, 2019. More information is available at: https://www.python.org/psf/fellows/.

Monday, August 19, 2019

Humble Bundle by No Starch supports the Python Software Foundation!

We are super excited to announce that the Python Software Foundation is featured as a charity in a Humble Bundle by No Starch Press this month.



This bundle features books such as Python Playground, Mission Python, Invent your own Computer Games with Python, and so much more.

Click here to see all the books being featured and GET THE BUNDLE before it closes! The bundle will run from August 19th to September 2nd (11am Pacific). Proceeds received help charities such as the Python Software Foundation (PSF). Once you click to get your bundle, you can also choose where your money goes if you'd like to customize the split of proceeds.



Humble Bundle sells games, ebooks, software, and other digital content. Their mission is to support charity while providing awesome content to customers at great prices. Thanks to past Humble Bundles that the PSF has been a part of, this program has helped the PSF raise more than $300,000 since 2017! The PSF and the Python community thank Humble Bundle and all of the featured products that have selected the PSF as one of their charities. This funding has had a positive impact for Pythonistas all around the world.

No Starch is a long time community contributor supporting the PSF in various Bundles and supporting Young Coder classes that happen at PyCon US.  “As one of the leading publishers of Python books worldwide, No StarchPress is very excited to support the organization at the core of the Python programming language” said No Starch Press Founder Bill Pollock. “Python is at the core of so much technical work today and very much at the core of our publishing program.”

The PSF staff and board of directors send a big "Thank You!" to everyone involved.


Wednesday, July 31, 2019

PyPI now supports uploading via API token

We're further increasing the security of the Python Package Index with another new beta feature: scoped API tokens for package upload. This is thanks to a grant from the Open Technology Fund, coordinated by the Packaging Working Group of the Python Software Foundation.

Over the last few months, we've added two-factor authentication (2FA) login security methods. We added Time-based One-Time Password (TOTP) support in late May and physical security device support in mid-June. Now, over 1600 users have started using physical security devices or TOTP applications to better secure their accounts. And over the past week, over 7.8% of logins to PyPI.org have been protected by 2FA, up from 3% in the month of June.

Add API token screen, with textarea for token name and dropdown menu to choose token scope
PyPI interface for adding an
API token for package upload
Now, we have another improvement: you can use API tokens to upload packages to PyPI and Test PyPI! And we've designed the token to be a drop-in replacement for the username and password you already use (warning: this is a beta feature that we need your help to test).

How it works: Go to your PyPI account settings and select "Add API token". When you create an API token, you choose its scope: you can create a token that can upload to all the projects you maintain or own, or you can limit its scope to just one project.


API token management interface displays each token's name, scope, date/time created, and date/time last used, and the user can view each token's unique ID or revoke it
PyPI API token management interface
The token management screen shows you when each of your tokens were created, and last used. And you can revoke one token without revoking others, and without having to change your password on PyPI and in configuration files.

Uploading with an API token is currently optional but encouraged; in the future, PyPI will set and enforce a policy requiring users with two-factor authentication enabled to use API tokens to upload (rather than just their password sans second factor). Watch our announcement mailing list for future details.

A successful API token creation: a long string that only appears once, for the user to copy
Immediately after creating the API token,
PyPI gives the user one chance to copy it

Why: These API tokens can only be used to upload packages to PyPI, and not to log in more generally. This makes it safer to automate package upload and store the credential in the cloud, since a thief who copies the token won't also gain the ability to delete the project, delete old releases, or add or remove collaborators. And, since the token is a long character string (with 32 bytes of entropy and a service identifier) that PyPI has securely generated on the server side, we vastly reduce the potential for credential reuse on other sites and for a bad actor to guess the token.


Help us test: Please try this out! This is a beta feature and we expect that users will find minor issues over the next few weeks; we ask for your bug reports. If you find any potential security vulnerabilities, please follow our published security policy. (Please don't report security issues in Warehouse via GitHub, IRC, or mailing lists. Instead, please directly email security@python.org.) If you find an issue that is not a security vulnerability, please report it via GitHub.

We'd particularly like testing from:
  • Organizations that automate uploads using continuous integration
  • People who save PyPI credentials in a .pypirc file
  • Windows users
  • People on mobile devices
  • People on very slow connections
  • Organizations where users share an auth token within a group
  • Projects with 4+ maintainers or owners
  • People who usually block cookies and JavaScript
  • People who maintain 20+ projects
  • People who created their PyPI account 6+ years ago
What's next for PyPI: Next, we'll move on to working on an advanced audit trail of sensitive user actions, plus improvements to accessibility and localization for PyPI (some of which have already started). More details are in our progress reports on Discourse.

Thanks to the Open Technology Fund for funding this work. And please sign up for the PyPI Announcement Mailing List for future updates.