Thursday, January 26, 2023

The PSF is hiring a Security Developer-in-Residence!

The Python Software Foundation (PSF) is happy to announce the launch of a year-long security enhancement initiative that will include a security audit and the creation of a new Security Developer-in-Residence role. Generous funding by the OpenSSF’s Alpha-Omega Project has made this work possible.

Recent open source supply chain security attacks on open source projects and infrastructure have increased awareness of the critical role projects like Python and the Python Package Index (PyPI) play in providing a safe and secure ecosystem for millions of open source users. Historically, the Python Software Foundation’s ability to make key security improvements has only been realized when dedicated teams of volunteers or its existing infrastructure staff make time, or when it has received occasional grants, such as the introduction of 2FA and other security improvements to PyPI in 2019.

The Security Developer-in-Residence will work full-time during the initiative to formalize existing security practices and become more proactive in Python-related security improvements. The new role will be responsible for addressing security issues across PSF projects such as CPython and PyPI, and applying knowledge and expertise and working with volunteers to implement key improvements in a timely manner. They will also establish new processes and features that make it easier to prevent, detect, and respond to security risks to lay a foundation that makes it easier and more sustainable for the community to identify and address security issues going forward.

The Security Developer-in-Residence job is posted HERE. Please take a look and and share with your friends and colleagues.

This role is funded by a substantial investment from the Open Software Security Foundation’s Alpha-Omega Project. The OpenSSF is a non-profit cross-industry collaboration that brings together leaders to improve the security of open source software by building a broader community, targeted initiatives, and best practices. The OpenSSF brings together open source security initiatives under one foundation to accelerate work through cross-industry support.

The PSF is a non-profit whose mission is to promote, protect, and advance the Python programming language, and to support and facilitate the growth of a diverse and international community of Python programmers. The PSF supports the Python community using corporate sponsorships, grants, and donations. Are you interested in sponsoring or donating to the PSF so it can continue supporting Python and its community? Check out our sponsorship program, donate directly here, or contact our team!

Tuesday, January 10, 2023

Starting 2023 with momentum, thanks to you!

We are grateful to each of you who shared or donated to our year-end fundraiser and membership drive. Over 300 individual donations plus new Supporting Memberships, renewals, and JetBrains’ generous match came together to raise $61,868 total for our work supporting Python and the Python community! This generosity means we can confidently start 2023 by investing in our key goals for the year, knowing the community is behind us.

Those goals include:

  • deepening our global reach
  • supporting more community endeavors
  • making Python even more sustainable, from both an infrastructure and security perspective

Community investment–of money, but also time, energy, ideas, and enthusiasm–is critical to reaching each of these goals. 

Supporting Membership is a great way for the community to invest in the PSF’s work. We were delighted to meet and then exceed our goal of 100 new Supporting Members: 174 new Supporting Members stepped up to become champions of the PSF! It was exciting to see that 29 of those new Supporting Members were able to join based on our new sliding scale rate option. Welcome aboard, new members, and thank you for joining us! We’re looking forward to having your voice take part in the PSF’s future.

Because the PSF doesn’t buy lists or ads, your help in sharing our fundraiser with your networks makes a big difference, and we really appreciate how many of you took the extra time to help promote it. We’re excited about where 2023 will take us together, and as always, we’d love to hear your ideas and feedback. Looking for how to keep in touch with us? You can find all the ways here.

Wishing you and yours a happy, healthy, and Pythonic new year,