The purpose of this Alpha engagement is to provide security resources to projects owned by the PSF like CPython and PyPI and the broader Python ecosystem in key areas, including:
- Conducting a security audit on PyPI
- Formalize and improve security practices for CPython, PyPI, and the broader Python community.
- Address security issues across PSF projects like CPython and PyPI and improve the ability to identify and resolve future issues.
- Establishing a security metric that allows them to show the sustained and renewable impact.
- Collaboration with the OpenSSF, CPython core developers, and the community.
This engagement started in November 2022.
- Seth Larson (@sethmlarson) - Security Developer-in-Residence (PSF)
- Ee Durbin (@ewdurbin) - Director of Infrastructure (PSF)
- https://openssf.org/blog/2023/06/22/psf-welcomes-new-security-developer-in-residence-with-support-from-alpha-omega/
- https://pyfound.blogspot.com/2023/06/announcing-our-new-security-developer.html
- https://sethmlarson.dev/security-developer-in-residence
- https://pyfound.blogspot.com/2023/01/the-psf-is-hiring-security-developer-in.html