By the Alpha-Omega Team
Through funding by the OpenSSF’s Alpha-Omega Project, the Python Software Foundation (PSF) has hired a new security developer in residence as part of a year-long security enhancement initiative. PSF announced their intention to fill this role back in January, and after a thorough search, they have chosen Seth Michael Larson! He joins the PSF for the next year as their first ever Security Developer-in-Residence. Seth is already well-known to the Python community – he was named a PSF Fellow last year and has already written a lot about Python and security on his blog.
OpenSSF’s Alpha-Omega Project is proud to sponsor this key developer role. “At Alpha-Omega, we are excited to support the Python Software Foundation as they improve the security of PyPI, and more generally the Python ecosystem as a whole.” Alpha Omega Representative – Bob Callaway, Google
Seth begins his work with Python and the Python Package Index (PyPI) this week. He says, “The Python community is such a positive part of my life so I’m grateful for this incredible opportunity to contribute back. I’m looking forward to partnering with all of you to build a more secure Python ecosystem for everyone!” We hope that everyone in the community will welcome Seth and help him succeed in his audit and subsequent plans for key security improvements.
The Python Software Foundation (PSF) is a non-profit whose mission is to promote, protect, and advance the Python programming language, and to support and facilitate the growth of a diverse and international community of Python programmers. The PSF supports the Python community using corporate sponsorships, grants, and donations. If you are interested in sponsoring or donating to the PSF so it can continue supporting Python and its community, check out their sponsorship program, donate directly here, or contact the team!
Alpha-Omega is an OpenSSF project, established in February 2022, with a mission to protect society by improving the security of open source software through direct maintainer engagement and expert analysis, trying to build a world where critical open source projects are secure and that security vulnerabilities are found and fixed quickly.