Thursday, December 20, 2018

Upcoming PyPI Improvements for 2019

The Python Package Index (PyPI) is far and away the largest and most visible service that the Python Software Foundation (PSF) supports for the Python community. Throughout the project’s 16 year history, it has primarily relied on volunteers and donated services to operate as it grew from an empty repository to one hosting more than 1.1 million releases for over 162,000 projects and serving more than 2.2 petabytes in 13.8 billion requests in the last month.

In November 2017, we announced an award from the Mozilla Open Source Support (MOSS) program that made it possible to launch the ground up rewrite of PyPI’s backend in April of 2018. This milestone has offered lower maintenance overhead and helped put the codebase into a much better state to add new features, improved security, and increased accessibility for users.

While some smaller features have already been proposed, designed, submitted, reviewed, and merged by volunteer contributors, other larger improvements warrant paid work. As 2019 approaches, we are excited to look forward to plans that will help deliver important improvements to the security and accessibility of PyPI.

As a grant-giving non-profit, the Python Software Foundation is grateful to the organizations that make funding this work possible. For 2019 we are glad to have two initiatives in the works.

Facebook Gift

We’re excited to announce that Facebook has provided the Python Software Foundation with a monetary gift that will be used to fund the development and deployment of enhanced security features to PyPI. As a major Python user, contributor, and supporter, Facebook was impressed with the success of the MOSS award and is enthusiastically assisting with further enhancements to PyPI with this gift.

The PSF Packaging Working Group plans to use these funds to implement highly requested security features in PyPI such as cryptographic signing and verification of files uploaded and installed from the index. Additionally, systems for the automated detection of malicious uploads will lower the time to response and improve the resiliency of PyPI against attacks such as “pytosquatting”.

This work will be undertaken in the second half of 2019 but planning will begin in the second quarter of the year.

Open Technology Fund

The Open Technology Fund (OTF) supports projects and people that develop open and accessible technologies promoting human rights and open societies and help advance inclusive and safe access to global communications networks.

The PSF Packaging Working Group is delighted to have been awarded a contract through the OTF Core Infrastructure Fund to add key security features to PyPI including API keys, multi-factor authentication, and audit logs. Additionally, accessibility and localization features will be a key focus as we ensure service’s ability to support our global community of users.

Get Involved

We plan to begin this work in the first quarter of 2019, if you’re interested in getting involved, keep reading!

If you’re interested in getting involved, you can do so today by responding to our Request for Proposals to fulfill the OTF contract. This RFP will close January 25th, 2019 AoE. If you’re interested in getting involved at a later date to complete the work planned for the Facebook Gift, keep your eyes on this blog, subscribe to the PSF newsletter, or follow us on Twitter.

Wednesday, December 19, 2018

PyPI Security and Accessibility Q1 2019 Request for Proposals Update

Earlier this year we launched a Request for Information (RFI) followed by the launch of a Request for Proposals (RFP) in November to fulfill a contract for the Open Technology Fund (OTF) Core Infrastructure Fund.

The initial deadline for our RFP was December 14th. We had hoped to begin work with the selected proposers in January 2019, but ultimately fell short of the ability to do so.

What’s holding us back

After the deadline passed there were no proposals submitted for Milestone 2. This leaves us in a position where the project cannot proceed as planned without reassessing the RFP process and extending the deadline.

How we’ll move forward

The RFP document has been updated based on feedback received from those who took part in the initial period to allow for additional flexibility on proposal parameters.

The RFP contained two milestones that could be proposed for independently or as a pair. In responses to our RFP the security development milestone (Milestone 1) received more attention than the accessibility and internationalization milestone (Milestone 2).

Given that we will at least need to extend the RFP period to obtain proposals for Milestone 2, we plan to continue to accept proposals for both. This offers us the best chance to select a proposal that will best utilize the available funds.

Our new deadline for responses will be the end of the day January 31st, 2019 AoE. You can read the full Request for Proposals document here.

If you have any questions, concerns, or feedback about the RFP please contact the Python Software Foundation Director of Infrastructure, Ernest W. Durbin III. Proposers may also discuss the RFP in our community discussion forum at

Monday, December 17, 2018

Evangelizing Python in Africa: Chukwudi Nwachukwu, Q2 CSA Recipient

Chukwudi, or Chux as he is often referred to in more familiar circles, is the president of Python Nigeria (@PythonNigeria) and has served as part of the PSF’s Grants Working Group for several years. Some of the work he has done with the grants working group involves dealing with very delicate situations, as grant requests need to be authenticated and require due diligence to properly understand the local context for preparing and awarding a grant. According to Nicholas H. Tollervey, a fellow Grants Working Group member, Chux regularly contacts, researches and (where possible) visits in-person many of the requesters so the Grants Work Group has the context needed to be able to make an informed decision. All of this detail oriented  work requires a great deal of interpersonal skill and effort, which Chux exerts freely as a credit to our larger Python community. 

It is for this demonstrated passion and devotion to the Python community that in July 2018 the Python Software Foundation unanimously voted to award Chukwudi Nwachukwu with a Q2 2018 Community Award:

RESOLVED, that the Python Software Foundation award the Q3 2018 Community
Service Award to Chukwudi Nwachukwu for all of the support he provides the PSF's Grants Work Group by researching regional grant requests and for all of his contributions to the Python Nigeria community.

Python in Nigeria

The Python community in Nigeria has grown exponentially in the last few years. Chux has done an incredible job of guiding this growth along with Aisha Bello, the Vice President of Pycon Nigeria (@Pythonnigeria). PyCon Nigeria launched for the first time in August 2017, and was the fourth PyCon to have been hosted on the African continent. Aisha Bello share her thoughts on Chux winning the award, saying: 

“I have known and worked with Chuks for over 2 years now and he is family. His passion for the python community as a whole and his significant contributions, continuous sacrifices and dedication has gone a long way in shaping the collective growth and successes we have had. He definitely deserved the award" 

As a new Director for the PSF, I was able to attend the conference and witness first hand Chux’s thoughtful leadership and strong organizational skills. He attended the event with his wife and new baby, happily commenting how he wanted to make sure his family became plugged into the Python community as early  as possible. He tried his best to navigate through the room, making sure that everyone present felt comfortable and informed. 

Chux is an integral part of the Nigerian and global Python community. According to Tosin Damilare James Animashaun, a member of the local Python community in Lagos, Chux is one of the reasons he joined: 

Many, like myself, owe our entrance and involvement with the community to Chukwudi, who is very dedicated to advancing the cause of the community. This is aside [from]
him being a great programmer, as I have worked with him well enough to know this. He is a great influence. I have no doubt that Chuk’s  passion is definitely Python. In his words, "Python is something I code and breathe." 

 PyCon Africa: The continued growth of Python in Africa

Chukwudi has done and continues to work tirelessly to forward the mission of the PSF by supporting its sustainable growth in Africa. He is also involved in planning the upcoming PyCon Africa, where he has offered to share his knowledge in regards to running a conference. He is well known in the region, interacting daily with African Pythonistas. He is consistently looking for ways to connect, support and grow the Python community and for that, he is truly deserving of this award. From all of us at  the PSF we say a hearty thank you for all your hard work Chukwudi! 

Tuesday, December 11, 2018

PyConZA 2018 – a beautiful community in South Africa

This year I attended my second PyConZA, which is held in Johannesburg, South Africa. It is the annual gathering of the South African Python community that uses and develops the open source Python programming language. It's organized by the community for the community, fostering unique solutions to the challenges faced in Africa. For the curious: ZA stands for Zuid-Afrika, a Dutch abbreviation for South Africa.

I keep coming back to South Africa to attend PyConZA. I am from Brazil but I struggle to resist a trip to South Africa to visit amazing friends, the beautiful mountains, beaches, wine farms, great food, safaris, and more.

The South African conference, a conference ran entirely by a team of dedicated volunteers, reached its eighth edition this year. As an added success this year the conference reached an outstanding number of attendees.

The Numbers

Over five days – which included tutorials, main conference and sprints – the conference received 255 attendees, boasting 100% growth compared to the last time it was held in Johannesburg in 2015.

The main event counted three simultaneous tracks – plus daily open space sessions. Collectively the conference had 41 speakers, 34 talks, 13 lightning talks and 3 keynotes. The Data Science and Typing tutorials gathered 36 people. Roughly 15 attendees with hacker spirits joined the sprints and ate pizza whilst working on various projects.

Women in Tech ZA & PyConZA gathered 13 attendees for their beginners friendly workshop "Python for Everyone".

Sponsored by 11 entities – including companies such as Microsoft and Oracle – the event had   lunch daily, a lounge with really good coffee, juices and mocktails – freshly made by professionals and available at all times – a speaker's dinner and lots of swag in the Birchwood Hotel Conference Center.

If a Python conference wasn't enough, Johannesburg hosted at the same week and venue, LinuxConf and PostgresConf, bringing in yet more attendees, diversity and people walking around with three different badges.

Speakers photo <3

Running a Conference Ain't Easy!

Here is what the conference organizers had to say about this year's conference:

David Sharpe, chair of the PyConZA 2017, said:
PyConZA is a conference made for the community and by the community. Getting people involved with it is relatively easy – getting people up to speed with how to run a conference is the hard part. The same team has been running the conference for the past seven years, and now our biggest challenge is to spread this knowledge and show other people the ropes, having redundancy in the committee and enabling PyConZA to move around the country more.

Adam Piskorski, chair of this year’s edition, completed:
Finding volunteers and chasing sponsors has been especially difficult when most of the organizers are based in Cape Town – a city near the south most part of the country. For the next year, we want a larger conference with more optimized planning and execution.


The talk "Python Community Development in East Africa" is proof of how the Python programming language and community is changing the world's landscape and people's life.  I’d encourage you to  take 40 minutes of your time and watch this, it's inspirational.

Joshua Kato (PSF Python Ambassador in East Africa), Linus Wamanya and Buwembo Murshid showed us how they are empowering the community in East Africa through training and mentoring kids, students, and people with intellectual or physical disabilities and refugees.

AfroDjango already has trained more than 3000 people since 2015, from basic digital literacy to professional software development. Projects such as home automation, online learning platforms and an online market for hardware and sensors are being currently developed by their students.

Today, AfroDjango has support from a variety of partners, including the PSF. All of this amazing work has been recognized as "Promoting ICT practical skills" by Uganda's Head of State.

Financial Aid

Financial assistance is provided for those who might otherwise not be able to attend the conference. Those potentially eligible were attendees with accepted talks, attendees from South Africa and other African countries (especially those from underprivileged backgrounds) and volunteers helping the conference.

This year, PyConZA was able to provide an amount of R40.000 (about US$2.700) as financial aid for 7 attendees – 2 from South Africa, 3 from Mozambique, 1 from Nigeria and 1 from Uganda, 4 of them being women and 5 being speakers. The organizing team used a points system to reward speakers, giving priority to people from Africa and South Africa. They also wanted to choose people from disadvantaged backgrounds, but the committee mentioned it proved difficult to fairly ascertain that.

The Video Team

Another highlight shared by all three events was the video recording crew. Everything seemed magical and seamless. The video infrastructure organization was led by Carl Karsten, a really cool Pythonista wearing hawaiian shorts from Chicago, and the Next Day Video team.

They were able to record and livestream three simultaneous tracks using open source software and even open source hardware. The recording interface was so simple that volunteers (including me) could help with the job after just a two minutes tutorial. On top of that, the videos were released on and Youtube in couple of hours, with minimal manual intervention.

The Python Software Society of South Africa

The PyConZA organizing committee created PSSSA – a non-profit organization – in May 2017. The objective is to support and grow the Python community and events across the country, as well as manage and run PyConZA.

Today it's being used mainly as a legal and financial entity to support the conference infrastructure, but the plans are to spread its influence and facilitate Python groups throughout South Africa.

PyConZA is awesome!

I'd like to say thanks to the PyConZA organizing committee for helping me gather all the information necessary to put this article together. It is always a pleasure to hang out with you folks.

PyConZA 2019 is expected to be hosted once again in Johannesburg, in October 2019. I hope to see you there!

Monday, December 03, 2018

November 2018 board meeting summary

On November 12th and 13th, ten of the thirteen PSF board members convened in Chicago, IL. Those who could not make it to the in-person meeting, joined via phone conferencing when possible.

In attendance were Naomi Ceder, Jacqueline Kazil, Thomas Wouters, Van Lindberg, Ewa Jodlowska, Lorena Mesa, Eric Holscher, Anna Ossowski, Christopher Neugebauer, and Jeff Triplett. Kushal Das and Marlene Mhangami connected remotely.

In continued efforts to be transparent with our community, we wanted to share what we discussed and what actions will be taken next.


The first discussion we had pertained to directors' involvement in fundraising.

What is being addressed?

It is common for non-profit board members to help raise resources via their various networks. In the past, our board hasn’t been very active in this area, and we’d like to change that going forward.

What are the next steps?

During the meeting, we created two board committees to get directors more involved in the fundraising process:
  • Fundraising committee: This committee will be focused on incoming sponsorships and donations. Even though this is a responsibility all directors will work on, this committee will help move things forward and provide the resources that other directors need to help with this role.
  • Outreach committee: This committee will decide if/how PSF funds will be used to help promote the PSF globally (this would be in addition to funds given via a grant/sponsorship). This group will also assist with creating resources for directors to use when attending an event to represent the PSF.

Code of Conduct

Since the Code of Conduct’s creation in 2013, the PSF has not updated nor worked on any related resources for our community to use outside of PyCon.

To better support our community, in the third quarter of 2017, the PSF created the Code of Conduct Work Group ( The purpose of this work group is to:
  1. Review, revise, and advise on policies relating to the PSF code of conducts and other communities that the PSF supports. This includes any #python chat community & email list under PSF jurisdiction.
  2. Create a standard set of Codes of Conduct and supporting documents for multiple channels of interaction such as, but not limited to, conferences, mailing lists, slack/IRC, code repositories, and more.
  3. Develop training materials and other processes to support Python community organizers in implementing and enforcing the Code of Conduct.

What is being addressed?

At our November meeting, the board discussed certain risk exposure that was brought to our attention. This discussion is still ongoing and as soon as there is a resolution for moving forward, we will work together with the Code of Conduct Work Group to update the community.

Python in Education

What is being addressed?

At PyCon 2018, one of the directors hosted an open space about Python in Education. The goal was to hear from attendees how the PSF can help educators with any obstacles they face with introducing Python into their curriculums. Lot of data points were collected and needed to be discussed.

What are the next steps?

The board directors created a Python in Education group. This group will facilitate ways the PSF can use its resources to improve the way we support educators with introducing Python into their curriculums.

The first goal will be to curate impactful and proven open source material that educators can use globally. The group will write up a request for proposal, decide on a budget that will be allocated to accepted proposals, and market it to our community. Our intended timeline is to launch the RFP by the new year and have the deadline be before PyCon. At PyCon, we will announce accepted proposals so the work can be done during the third quarter of 2019.

Finance Committee

As the PSF continues to grow, we have to make sure that operationally we are efficient and effective, especially when it comes to our finances.

What is being addressed?

For every non-profit board, a major responsibility is to ensure that there is a group to monitor the organization’s overall financial health. Prior to now, the PSF has not had a board finance committee.

What are the next steps?

During the meeting, we created a committee that the Director of Operations and Finance Controller will report to. To start, the group will meet quarterly. Their goals will be to:
  • Oversee financial planning (PSF & PyCon budgets)
  • Monitor that adequate funds are available for financial management tasks
  • Ensure that assets are protected
  • Draft organizational fiscal policies 
  • Anticipate financial problems from external fiscal environments
  • Oversee financial record keeping
  • Relay financial health to the rest of the board
  • Ensure all legal reporting requirements are met
  • Sustain the financial committee itself by training and recruiting subsequent board members

PyCon Trademark

What is being addressed?

At our meeting in May 2018, the board directors decided that the PSF needs to improve the way we monitor the PyCon trademark. The main reason behind this decision is to protect the mark by being able to prove that we are monitoring its use, which will help avoid certain legal challenges. Additionally, it will help us ensure that all PyCons are up to community standards: Python focused, non-commercial, and have actionable code of conducts.

The process has not yet been fully implemented.

What are the next steps?

The board directors will revive the discussion with the PSF’s trademark committee. The goal is to find common ground on how the process will work. Afterwards, we will work on full transparency with the community via blogs and a message on

Diversity Tracking

Even though this topic was not on our initial agenda, we wanted to talk about this if time allowed. We got lucky and were able to sneak it in!

What is being addressed?

Our grants program currently does not require any tracking or reporting for diversity grants. Nor does the PSF have a policy for expectations of diversity grants. Since we want to see that the funding we give towards diversity is impactful, we wanted to discuss options for what we can do.

What are the next steps?

We will work on a policy for diversity grants that ask organizers to collect relevant diversity statistics. In addition to that, the PSF will work on a template survey so conferences can have a starting point in order to lessen the burden on volunteer organizers. Once a template and policy is in place, we will market the resource via relevant mailing lists, communication chats, and the Grants Program page.

Python Governance and Core Development

Python has recently seen the resignation of its BDFL, Guido van Rossum. This encouraged the core developers to rethink the governance of Python. Several governance proposals were created in the forms of PEPs, which the core developers will be voting December 1st, 2018 to December 16th, 2018 (Anywhere on Earth).

Even though the board is not currently involved with core development, we did discuss what has been developing with the governance discussions. We reflected on some of the discussions happening on We discussed the various PEPs such as PEP 8001, which is about the Python Governance Voting Process. We also discussed what the directors thought about the proposals for Python governance such as PEP 8010, 8011, 8012, 8013, 8014, 8015, 8016.

What’s next?

Working across the table from one another was motivational and acted as a catalyst for several initiatives. It gave us the opportunity to have in-depth conversations, establish stronger professional relationships, and create actionable tasks to help move initiatives forward beyond the two-day meeting.

We plan to host more 24-hour chat channels throughout 2019. They give us the chance to hear from community members world wide. Additionally, we will have our next in-person board meeting at PyCon 2019 on May 2nd. We look forward to updating you all on our progress then.

It is important for us to know that the PSF Board is inline with our community’s needs. If you have comments or suggestions on what was recently discussed or something completely new, please reach out to me: ewa at python dot org.