Thursday, October 30, 2025

Improving security and integrity of Python package archives

Security and integrity of the Python packaging ecosystem is critical, and the smallest unit of a packaging ecosystem is a "package". Python packages use existing archive formats like ZIP and tar to distribute Python projects to their users. Archives seem simple on the surface, but many ZIP and tar features can be abused to confuse implementations into seeing different contents of the same archive.

These vulnerabilities affect the "integrity of the ecosystem" if tools can't agree on what a package's contents actually are. This can cause many downstream issues, such as vulnerability or malware scanners reporting results for a package that differ from what is actually installed on disk.

The Python Software Foundation Security Developer-in-Residence, Seth Larson, published a new white paper with Alpha-Omega titled "Slippery ZIPs and Sticky tar-pits: Security & Archives" about work to remediate 10 vulnerabilities affecting implementations of common archive formats such as ZIP and tar in critical Python projects.

The white paper highlights how the PSF-maintained Python Package Index (PyPI) can be used to preemptively protect insecure archive implementations, whether their vulnerability status is known or unknown, by coordinating disclosures with other packaging tools.

Diagram showing how a file can be prepended to a ZIP archive and be read differently depending on whether the original file or ZIP header is read first.

The white paper details potential future work to shore up the security of ZIP and tar implementations that are in widespread use, such as the zipfile and tarfile modules in the Python standard library. The white paper also makes recommendations for packaging ecosystems regarding reproducible builds of archives.
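The diagram above describes a ZIP archive with a file prepended to it: a tool that starts reading from offset 0 sees the prepended file, while a tool that locates the ZIP header from the end of the file sees the archive. As an added example (not code from the white paper or from PyPI), the script below parses the ZIP end-of-central-directory record by hand, computes how many bytes precede the real start of the archive, and flags an archive as "slippery" when that number is non-zero or when the file does not begin with a local file header. The sample archive and the prepended script text are constructed inline; the function and variable names are the example's own. The check deliberately stops at the plain (non-ZIP64) end-of-central-directory record, which is enough for the small archives it builds.

```python
import io
import struct
import zipfile

# End-of-central-directory (EOCD) record: signature, disk numbers, entry
# counts, central-directory size and offset, comment length (22 bytes total).
EOCD_SIG = b"PK\x05\x06"
EOCD_STRUCT = struct.Struct("<4sHHHHIIH")
LOCAL_HEADER_SIG = b"PK\x03\x04"
MAX_COMMENT = 0xFFFF


def find_eocd(data: bytes) -> int:
    """Return the offset of the EOCD record, searching backwards like most
    ZIP readers do. The record can only sit in the last 22 + 65535 bytes."""
    tail_start = max(0, len(data) - (EOCD_STRUCT.size + MAX_COMMENT))
    pos = data.rfind(EOCD_SIG, tail_start)
    if pos < 0:
        raise ValueError("no end-of-central-directory record found")
    return pos


def analyze_zip(data: bytes) -> dict:
    """Measure bytes outside the archive proper, using only the EOCD record."""
    eocd_pos = find_eocd(data)
    (_sig, _disk, _cd_disk, _entries_on_disk, entries,
     cd_size, cd_offset, comment_len) = EOCD_STRUCT.unpack_from(data, eocd_pos)
    # In an archive with nothing in front of it, the central directory ends
    # exactly where the EOCD record begins. Any difference is leading data
    # that offset-from-start readers will interpret instead of the archive.
    prefix_bytes = eocd_pos - cd_size - cd_offset
    trailing_bytes = len(data) - (eocd_pos + EOCD_STRUCT.size + comment_len)
    return {
        "entries": entries,
        "prefix_bytes": prefix_bytes,
        "trailing_bytes": trailing_bytes,
        "starts_with_local_header": data[:4] == LOCAL_HEADER_SIG,
    }


def is_clean_zip(data: bytes) -> bool:
    """True only when the bytes are exactly one ZIP archive and nothing else."""
    report = analyze_zip(data)
    return (report["prefix_bytes"] == 0
            and report["trailing_bytes"] == 0
            and report["starts_with_local_header"])


def build_sample_zip() -> bytes:
    """Constructed sample archive standing in for a small package."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("pkg/__init__.py", "VERSION = '1.0'\n")
        zf.writestr("pkg/metadata.txt", "name: example\n")
    return buf.getvalue()


# Constructed prefix: what an offset-0 reader would see as "the file".
PREFIX = b"#!/usr/bin/env python3\nprint('this is not the archive')\n"


def demo():
    clean = build_sample_zip()
    slippery = PREFIX + clean
    # The standard library tolerates leading data, so both open identically;
    # only the structural check tells the two apart.
    with zipfile.ZipFile(io.BytesIO(slippery)) as zf:
        names = zf.namelist()
    return analyze_zip(clean), analyze_zip(slippery), names


if __name__ == "__main__":
    clean_report, slippery_report, names = demo()
    print("clean   :", clean_report)
    print("slippery:", slippery_report)
    print("zipfile still lists:", names)
```

A registry or scanner can run `is_clean_zip` on an upload before any other tool looks inside it; rejecting archives with a non-zero prefix or trailer removes the ambiguity at the source rather than relying on every downstream reader to resolve it the same way.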

If you rely on PyPI and the Python packaging ecosystem you can directly contribute to further security work done by the PSF by:

  • Become a Member: When you sign up as a Supporting Member of the PSF, you become a part of the PSF. You’re eligible to vote in PSF elections, using your voice to guide our future direction, and you help us sustain what we do with your annual support.
  • Donate: Your donation makes it possible to continue our work supporting Python and its community, year after year.
  • Sponsor: If your company uses Python and isn’t yet a sponsor, send them our sponsorship page or reach out to sponsors@python.org today. The PSF is ever grateful for our sponsors, past and current, and we do everything we can to make their sponsorships beneficial and rewarding.

The Security Developer-in-Residence position is sponsored by Alpha-Omega. If you'd like to support improving Python at ecosystem scale, contact sponsors@python.org to discuss sponsoring a Developer-in-Residence position.

Wednesday, October 29, 2025

Open Infrastructure is Not Free: PyPI, the Python Software Foundation, and Sustainability

In September, the Python Software Foundation (PSF) co-signed the Open Infrastructure is Not Free: A Joint Statement on Sustainable Stewardship Letter published by the Open Source Security Foundation (OpenSSF) as a steward of the Python Package Index (PyPI). As a follow-up, I would like to share a bit more about the concerns expressed in this letter as they relate to our community and the PSF.

History and Current Conditions

PyPI (and Python) have continued to experience effectively exponential growth in usage over the past decade, from October 2018 to the present. This is clear in our telemetry:

Daily requests over time for PyPI's services, showing a trend line starting in 2018 in the millions, reaching 2-3 billion per day at present.

This growth has been met with persistent and growing investment by the PSF, starting with the hire of a full-time Director of Infrastructure in June 2018 and continuing with the ongoing costs of operating PyPI and managing the relationships, grants, and sponsorships that support it.

At present, the PSF employs personnel and pays operational costs to keep PyPI online, reliable, secure, and supported to meet the modern expectations of the Python community globally. While we are very fortunate to have long-term partnerships with Fastly, Amazon Web Services, Google Cloud, Datadog, Sentry, depot, and PagerDuty that help us to develop, test, host, operate, monitor, and respond to incidents for PyPI, we still pay monthly fees for things like our support inboxes and other infrastructure.

The largest cost for the PSF is staffing. The PSF staff who support PyPI include:

  • Ee Durbin (myself), Director of Infrastructure
  • Jacob Coffee, Infrastructure Engineer
  • Maria Ashna, PyPI Support Specialist
  • Mike Fiedler, PyPI Safety and Security Engineer

While our Safety and Security Engineer role is funded via a grant from The Linux Foundation’s Alpha-Omega project, all others are paid for from the PSF’s general fund, which comes from our sponsorship program and individual contributions.

These roles ensure that the expectations of our community are met when it comes to reliability and availability of the infrastructure and systems that run PyPI. They also ensure responsiveness to both critical support concerns, such as account recovery and project ownership, and to security incidents and malware, as well as continuing improvements to PyPI’s security stance overall.

We fulfill these roles and operate PyPI as a free resource for Python developers to find, install, and publish their open source projects in pursuit of our mission. This will not change, but we do believe that there are concrete ways that our community can help to support us. We also believe that there are changes we can make to help guide PyPI and the PSF to long-term sustainability, commensurate with the value for-profit companies get from PyPI and the usage they drive.

While we echo the statement from the open letter, “This is not (yet) a crisis.”, we also believe that “it is a critical inflection point” as we look to the future of the sustainability of PyPI and the PSF.

What Needs to Change

We are aligned with the OpenSSF letter on their three key points, but would like to say more about how they relate to PyPI:

Commercial and institutional partnerships

In 2024, the PSF and Fastly signed and announced a five-year agreement under Fastly’s Fast Forward program. This is a fundamentally different kind of commitment from others that we rely on to operate PyPI (and the rest of the Python Software Foundation infrastructure).

We feel very fortunate to have long-term recurring partnerships with other providers, but the annual renewal cycles do come with overhead and risk. While we work incredibly hard to use donated credits and services as efficiently as possible[1], a critical in-kind sponsor choosing not to renew would require precious engineering resources to prepare for and complete a migration to another provider, or cost the PSF tens of thousands of dollars a month during an interim period to pay outright.

As an organization, we will seek to establish similar long-term agreements with our infrastructure partners.

Value-added capabilities & tiered access models

Having users pay for PyPI usage is something we cannot, and will not do. As we stated when we originally announced PyPI Organizations, paid features must remain opt-in, and core features for publishing and installing projects will remain free.

However, we do recognize that corporate publishers have been a large driver of the growth in the resources needed to serve PyPI. As we continue to develop PyPI Organizations features, providing these publishers with higher quotas will allow for the usage they drive by publishing large files to PyPI to be paid for.

In general, our roadmap for PyPI Organizations will focus on value-added features that benefit companies and community projects alike, while continuing to provide those features to community organizations at no cost.

How You Can Help

If you or your team install from PyPI for development, continuous integration testing, or deployment, please take time to review the ways in which your tooling utilizes caching, and implement as much of it as possible when installing from free package repositories. PyPI itself heavily utilizes caching when installing our own dependencies, leveraging Docker cache mounts and pip’s internal caching to reduce usage and increase speed of builds, not only for our Python dependencies but npm and apt as well. This shared responsibility for usage is one that we all should bear, rather than treating package repositories as a limitless resource.

Just as we intend to seek longer-term agreements with the providers we rely on to operate PyPI, we ask members of the community in organizations that provide such support to champion similar long-term agreements with the open source foundations and projects that rely on them for operations.

If your company publishes projects to PyPI, consider signing up for PyPI Organizations. The recurring revenue generated by Organizations is a key way that we hope to build a reliable and sustainable base for PyPI moving forward.

Even if any of those do not apply to you or your company, but you rely on PyPI, you can always:

  • Become a Member: When you sign up as a Supporting Member of the PSF, you become a part of the PSF. You’re eligible to vote in PSF elections, using your voice to guide our future direction, and you help us sustain what we do with your annual support.
  • Donate: Your donation makes it possible to continue our work supporting Python and its community, year after year.
  • Sponsor: If your company uses Python and isn’t yet a sponsor, send them our sponsorship page or reach out to sponsors@python.org today. The PSF is ever grateful for our sponsors, past and current, and we do everything we can to make their sponsorships beneficial and rewarding.

[1] Fun Fact: The Python Software Foundation’s AWS Open Source Credits usage has only grown 25% over the past 8 years, despite the explosive growth in usage of our services.


Tuesday, October 28, 2025

A new PSF Board: another year of PSF Board Office Hour sessions!

Greetings, Pythonistas, and thank you so much for supporting the work of the PSF and the Python community! The newest PSF Board has decided to continue investing in connecting with the global Python community by running the PSF Board Office Hour sessions on the PSF Discord into 2026.

We began running these sessions in September 2024, and they have proven to be a great method for the community to connect with the board and vice versa. The sessions have provided the PSF Board and Staff the opportunity to hear what our community is up to and what challenges they are facing, as well as receive invaluable feedback about how the PSF can continue to improve our service to the Python community. 

What are the PSF Board Office Hours?

During the PSF Board Office Hours, you can participate in a text-based live chat with PSF Board Directors. This is a chance to connect, share, and collaborate with the PSF Board and Staff to improve our community together. Occasionally, we will have dedicated topics such as PyCon US and the PSF Board Elections for the office hour sessions. 

Here is some of the work that we collaborate with staff and volunteers on:

  • Promotion and outreach for the Python programming language
  • Supporting local Python communities
  • Organizing PyCon US
  • Diversity and Inclusion in our community
  • Support handling Code of Conduct issues within our communities
  • Furthering the mission of the PSF


Unless we have a dedicated topic for a session, you are not limited to talking with us about the above topics, although the discussions should be focused on Python, the PSF, and our community. If you think there’s something we can help with or we should know, we welcome you to come and talk to us!

Joining the office hours

The office hour sessions will take place on the PSF Discord server in the #psf-board channel. If you are new to Discord, make sure to check out a tutorial on how you can download the app and sign up for free, then join us on the PSF Discord! To make the office hours more accessible, they will be scheduled at alternating times, so no matter where you are based, you can find a time that is most convenient for you! Here is a list of the dates and times:

  • November 4th, 2 pm UTC
  • December 9th, 9 pm UTC
  • January 13th, 2 pm UTC 
  • February 10th, 9 pm UTC
  • March 10th, 1 pm UTC 
  • April 14th, 9 pm UTC
  • May 12th, 1 pm UTC 
  • June 9th, 9 pm UTC
  • July 14th, 1 pm UTC 
  • August 11th, 9 pm UTC
  • September 8th, 1 pm UTC 
  • October 13th, 9 pm UTC


Each session lasts for an hour. Sessions after October 2026 will be announced in the future.

Who will be at the office hours?

Some board members of the PSF will be attending each office hour, as well as members of the PSF Staff. The list of the current PSF Board Directors can be found on our website. We are passionate Python community members who are excited to listen, help, and provide support to you. We are happy to follow up with you if there are any issues we cannot address immediately during the office hour sessions. As always, you can email us at psf-board@python.org with inquiries, feedback, or comments any time. 

Monday, October 27, 2025

The PSF has withdrawn a $1.5 million proposal to a US government grant program

In January 2025, the PSF submitted a proposal to the US government National Science Foundation under the Safety, Security, and Privacy of Open Source Ecosystems program to address structural vulnerabilities in Python and PyPI. It was the PSF’s first time applying for government funding, and navigating the intensive process was a steep learning curve for our small team to climb. Seth Larson, PSF Security Developer in Residence, serving as Principal Investigator (PI) with Loren Crary, PSF Deputy Executive Director, as co-PI, led the multi-round proposal writing process as well as the months-long vetting process. We invested our time and effort because we felt the PSF’s work is a strong fit for the program and that the benefit to the community if our proposal were accepted was considerable.  

We were honored when, after many months of work, our proposal was recommended for funding, particularly as only 36% of new NSF grant applicants are successful on their first attempt. We became concerned, however, when we were presented with the terms and conditions we would be required to agree to if we accepted the grant. These terms included affirming the statement that we “do not, and will not during the term of this financial assistance award, operate any programs that advance or promote DEI, or discriminatory equity ideology in violation of Federal anti-discrimination laws.” This restriction would apply not only to the security work directly funded by the grant, but to any and all activity of the PSF as a whole. Further, violation of this term gave the NSF the right to “claw back” previously approved and transferred funds. This would create a situation where money we’d already spent could be taken back, which would be an enormous, open-ended financial risk.   

Diversity, equity, and inclusion are core to the PSF’s values, as committed to in our mission statement:

“The mission of the Python Software Foundation is to promote, protect, and advance the Python programming language, and to support and facilitate the growth of a diverse and international community of Python programmers.”

Given the value of the grant to the community and the PSF, we did our utmost to get clarity on the terms and to find a way to move forward in concert with our values. We consulted our NSF contacts and reviewed decisions made by other organizations in similar circumstances, particularly The Carpentries.

In the end, however, the PSF simply can’t agree to a statement that we won’t operate any programs that “advance or promote” diversity, equity, and inclusion, as it would be a betrayal of our mission and our community. 

We’re disappointed to have been put in the position where we had to make this decision, because we believe our proposed project would offer invaluable advances to the Python and greater open source community, protecting millions of PyPI users from attempted supply-chain attacks. The proposed project would create new tools for automated proactive review of all packages uploaded to PyPI, rather than the current process of reactive-only review. These novel tools would rely on capability analysis, designed based on a dataset of known malware. Beyond just protecting PyPI users, the outputs of this work could be transferable for all open source software package registries, such as NPM and Crates.io, improving security across multiple open source ecosystems.

In addition to the security benefits, the grant funds would have made a big difference to the PSF’s budget. The PSF is a relatively small organization, operating with an annual budget of around $5 million per year, with a staff of just 14. $1.5 million over two years would have been quite a lot of money for us, and easily the largest grant we’d ever received. Ultimately, however, the value of the work and the size of the grant were not more important than practicing our values and retaining the freedom to support every part of our community. The PSF Board voted unanimously to withdraw our application. 

Giving up the NSF grant opportunity—along with inflation, lower sponsorship, economic pressure in the tech sector, and global/local uncertainty and conflict—means the PSF needs financial support now more than ever. We are incredibly grateful for any help you can offer. If you're already a PSF member or regular donor, you have our deep appreciation, and we urge you to share your story about why you support the PSF. Your stories make all the difference in spreading awareness about the mission and work of the PSF. 

How to support the PSF:
  • Become a Member: When you sign up as a Supporting Member of the PSF, you become a part of the PSF. You’re eligible to vote in PSF elections, using your voice to guide our future direction, and you help us sustain what we do with your annual support.
  • Donate: Your donation makes it possible to continue our work supporting Python and its community, year after year.
  • Sponsor: If your company uses Python and isn’t yet a sponsor, send them our sponsorship page or reach out to sponsors@python.org today. The PSF is ever grateful for our sponsors, past and current, and we do everything we can to make their sponsorships beneficial and rewarding.

Wednesday, October 22, 2025

Announcing Python Software Foundation Fellow Members for Q3 2025! 🎉

The PSF is pleased to announce its third batch of PSF Fellows for 2025! Let us welcome the new PSF Fellows for Q3! The following people continue to do amazing things for the Python community:

Abhijeet Mote

LinkedIn

Abigail Afi Gbadago

LinkedIn, Website 

Becky Smith

LinkedIn, Bluesky, Mastodon, GitHub 

Christopher Bailey

Dawn Wages

Leah Wasser

Website, Bluesky, Mastodon, LinkedIn, GitHub

Maaya Ishida

Mason Egger

Website, Twitter, LinkedIn, GitHub

Miguel Grinberg

Website, GitHub

William Vincent

Website, LinkedIn, GitHub


Thank you for your continued contributions. We have added you to our Fellows Roster.

The above members help support the Python ecosystem by being phenomenal leaders, sustaining the growth of the Python scientific community, maintaining virtual Python communities, maintaining Python libraries, creating educational material, organizing Python events and conferences, starting Python communities in local regions, and overall being great mentors in our community. Each of them continues to help make Python more accessible around the world. To learn more about the new Fellow members, check out their links above.

Let's continue recognizing Pythonistas all over the world for their impact on our community. The criteria for Fellow members are available on our PSF Fellow Membership page. If you would like to nominate someone to be a PSF Fellow, please send a description of their Python accomplishments and their email address to psf-fellow at python.org. Quarter 4 nominations will be in review soon. We are accepting nominations for Quarter 4 of 2025 through November 20th, 2025.

Are you a PSF Fellow and want to help the Work Group review nominations? Contact us at psf-fellow at python.org.

Monday, October 20, 2025

CPython Core Dev Sprint 2025 at Arm Cambridge: The biggest one yet

Guest blog post authored by Diego Russo, Python Core Developer and Principal Software Engineer at Arm

Sprint overview

For one week, Arm’s Cambridge headquarters became the heart of Python development. Contributors from around the world came together for the CPython Core Developer Sprint. It was the largest gathering in the project’s history, with 35 core developers and 13 invited guests collaborating in person. 

Unlike a conference, the sprint is a working retreat. There are no spectators or formal keynotes, just space for deep technical debate, design, coding, and consensus-building. 

The sprint offers a rare chance for real-time dialogue. Ideas can be sketched on whiteboards, trade-offs debated face-to-face, and tricky issues given momentum.


What happened

The week included technical presentations, collaborative work, and community events. Talks and presentations were grouped around key themes:

  • JIT and performance
    • Ken Jin Ooi – Building a Community Around the JIT Compiler and demo of the new C API
    • Antonio Cuni – Tracing JITs in the Real World, highlighting challenges such as trace blockers, control flow, and async behavior
  • Packaging and distribution
    • Russell Keith-Magee – Managing Cross-Platform Wheel Builds
    • Brett Cannon – Precompiled Binaries from python.org
  • Language design and standards
    • Steering Council – PEP 793 and abi3/abi3t/abi4
    • Matthew Parkinson – Designing Deep Immutability
  • Ecosystem and infrastructure
    • Brett Cannon – WASI Update
    • Hood Chatham – Upstreaming the Pyodide FFI
    • Gregory P. Smith – Claude Code and Agents for Good in OSS
  • Lightning talks
    • Guido van Rossum – A New Python History Project
    • Ee Durbin – PSF Infrastructure Next Gen
    • Steve Dower – Python Install Manager
    • Larry Hastings – A Missing Fundamental Data Structure
    • Adam Turner – Bring Out Yer Dead (Issues)
    • Greg Smith – Async Exception Group Tracebacks
  • Arm contributions
    • James Greenhalgh – Arm Neoverse: Overview
    • Martin Weidmann – A Brief History of the Arm Architecture
    • Peter Smith – Compilers, ABI, and Optimizations

The program also included a Q&A with the Steering Council, where Barry Warsaw and Emily Morehouse joined remotely. It also featured a mentorship discussion led by Tania Allard on how to welcome and support new contributors.


Beyond presentations, the sprint fostered hands-on collaboration. Developers advanced JIT planning, explored progress on free threading, and discussed improvements to documentation and translations. They also strengthened testing and CI across platforms, and refined governance and contributor onboarding processes.

Antonio Cuni highlighted real-world JIT pitfalls, which informed many of these discussions.


Finally, the sprint included community activities that helped balance the technical intensity with moments of connection. The Python Guild at Arm hosted an Ask Me Anything (AMA) session, giving local engineers the chance to interact with core developers.


A formal dinner at Jesus College reflected Cambridge traditions, while a punting trip on the River Cam offered a relaxed opportunity to connect outside of work.


A Team Effort

The Python Software Foundation coordinated the event, making the sprint possible. We thank Phyllis Dobbs for managing the RSVP process and the travel grants that enabled many contributors to join us in Cambridge.

Hosting the CPython Sprint at Arm’s Cambridge offices shows a shared commitment, and we send huge thanks to everyone at Arm who made the sprint possible. Arm shares:

“Hosting the latest CPython sprint was more than providing a venue. It was an investment in strengthening one of the most influential open-source communities. Python’s reach is vast, and ensuring its modern components run smoothly on Arm platforms helps the language stay inclusive and performant across architectures. Hosting the sprint gave Arm a way to give back, reinforce bonds with the core team, and invest in Python’s future.”

The Arm Software Communities team led the effort from start to finish, handling logistics, sponsorship, and every detail that kept things running smoothly. Their support, along with the help of Central Engineering, Facilities, Workplace, People, IT, Developer Marketing, and the Python Guild organizers, ensured a successful and well-organized week for all participants.

Finally, a huge thank you to all the attendees who traveled from across the world to spend a week in Cambridge. Some came from nearby in the UK and neighboring countries. Many others journeyed across Europe, several crossed the Atlantic, and a few took long-haul and even ultra-long-haul flights of more than 10,000 km. That dedication and commitment to the Python community is what truly made this sprint special.

Organizing a sprint of this scale takes many hands. From sponsors to volunteers, organizers to attendees, everyone contributed in their own way. This sprint was a reminder that Python is more than a programming language. It is a community that works together, supports one another, and achieves more as a team than any individual could alone.

Conclusion

The sprint was widely regarded as a success. Attendees described it as productive, well-organized, and an excellent community experience. Even so, some aspects could have been improved, and these are valuable lessons to take forward for future events.

Sessions such as the Steering Council Q&A, the mentorship discussion led by Tania Allard, and the lightning talks stood out as highlights. They reinforced the value of bringing the community together in person.

Python is undergoing important technical transitions. Sprints like this accelerate evolution, resolve difficult challenges, and align the community. The concentration of expertise enabled focused, collaborative progress. The ripple effects of this sprint will shape code, discussion, and design decisions for months to come. We look forward to coming together again as a community.

Wednesday, October 15, 2025

Announcing PSF Community Service Award Recipients!

The PSF Community Service Awards (CSAs) are a formal way for the PSF Board of Directors to offer recognition of work which, in its opinion, significantly improves the Foundation's fulfillment of its mission and benefits the broader Python community. These awards shine a light on the incredible people who are the heart and soul of our community, those whose dedication, creativity, and generosity help the PSF fulfill its mission. The PSF CSAs celebrate individuals who have been truly invaluable, inspiring others through their example, and demonstrate that service to the Python community leads to recognition and reward. If you know of someone in the Python community deserving of a PSF CSA award, please submit them to the PSF Board via psf@python.org at any time. You can read more about PSF CSAs on our website.

The PSF Board is excited to announce three new CSAs, awarded to Katie McLaughlin, Sarah Kuchinsky, and Rodrigo Girão Serrão, for their contributions to the Python community. Read more about their contributions and impact below. 

Katie McLaughlin

Katie has been a tireless and dedicated member of the Python and Django communities for many years. They have served on the boards of both the DSF and PSF, including as PSF Communications Officer, and were named a PSF Fellow in 2018. Katie has played a big role in the Australian conference community, chairing DjangoCon AU 2017, PyCon AU in 2018 and 2019, and co-chairing PyCon AU 2021, and continues to support PyCon AU as an advisor.

A frequent speaker and keynote presenter at PyCons and DjangoCons around the world, Katie has worked to demystify Python website deployment, highlight the value of all kinds of open source contributions, and call out the impact of contempt culture on developer communities. They are also a regular at sprints, helping new contributors get started and improving onboarding through code and documentation. 

Sarah Kuchinsky

Sarah has been the driving force behind PyCon tutorials for many years, shaping them into the strong program they are today. She has brought skill, care, and consistency to the difficult work of selecting, organizing, and running tutorials, ensuring they provide meaningful learning experiences for attendees.

Beyond logistics, Sarah has a gift for spotting and nurturing talent. She has encouraged new volunteers to grow into leadership roles, building a resilient, collaborative committee that sustains itself year after year. Her outreach has kept reviewers engaged while also welcoming fresh voices, strengthening both the program and the community behind it.

The impact of Sarah’s work is felt by every instructor, attendee, and volunteer who has benefitted from PyCon tutorials, and the community is deeply grateful for her many years of leadership and care. Sarah was also the lead organizer for PyLadies Silicon Valley for over 5 years, is a SoCal Python Co-Organizer, and has contributed to a variety of open source projects.

Rodrigo Girão Serrão

Rodrigo Girão Serrão has made lasting contributions to the international Python community through his leadership, teaching, and generosity. He has helped organize PyCons in Portugal, supported the Python community across Europe, and spoken regularly at PyCons worldwide, making complex topics like descriptors clear and approachable.

Through his website mathspp.com, bootcamps, and self-published books, including the freely available Pydon’ts book, Rodrigo has worked to make Python more accessible and welcoming. His dedication to sharing knowledge and supporting others has had a wide-reaching impact, and the community is grateful for his many contributions.