Packaging Working Group

The Packaging Working Group is a volunteer work group of the Python Software Foundation.

Agenda

The purpose of this working group is to support the larger efforts of improving and maintaining the packaging ecosystem in Python through fundraising (including a sponsorship program) and disbursement of raised funds. It largely focuses on efforts such as PyPI, pip, packaging.python.org, setuptools, and cross-project efforts.

Resources

Governance

Decisions on what fundraising and projects/efforts to support will be done by a simple majority and in the case of a tie, will escalate to the PSF Board. See the PSF Packaging WG Charter.

Administration and Contact

To contact the Packaging WG, email Ewa Jodlowska.

Members

Meetings

As needed.

Current Projects

Fundraising

The Packaging Working Group is seeking sponsorships and grants to raise funds for fundable packaging improvements.

Sprints

We run PackagingSprints at conventions and as standalone events. We're open to companies and organizations hosting sprints and work weeks to help us move packaging forward; get in contact with a Working Group member.

Warehouse: Facebook gift

The Packaging Working Group applied for and is receiving a gift from Facebook to implement & deploy security features for Warehouse (PyPI's codebase).

Meetings and status updates:

Meeting/update

Type

Date

Python Package Index - Python Software Foundation's TUF key generation and signing ceremonies

Live video stream of ceremony

October 30th, 2020

Scoping Facebook-funded work

Meeting notes

June 20th, 2019

Announcement of Request for Information

Blog post

August 28th, 2019

Announcement of Request for Proposals

Blog post

September 25th, 2019

Kickoff - 2019 Q4 RFP Milestone 2 - Automated Detection of Malicious Uploads

Meeting notes

December 11th, 2019

Contrasting Transparent Logs and The Update Framework

Blog post

February 3rd, 2020

An Update PyPI Funded Work

Blog post

March 4th, 2020

Automatic detection of Malware in PyPi (video)

Online talk

March 14th, 2020

Dependency resolver and user experience improvements for pip

The Packaging Working Group applied for and is receiving funding to work in 2020 on the design, implementation, and rollout of pip's next-generation dependency resolver. The donors funding this work are the Chan Zuckerberg Initiative (USD$200,000) and Mozilla Open Source Support (USD$207,000).

Meetings and status updates:

Meeting/update

Type

Date

Announcement: pip 20.3 release!

Forum post

November 30th, 2020

Releasing pip 20.3, featuring new dependency resolver

Blog post

November 30th, 2020

Team meeting

Meeting notes

November 24th, 2020

Team meeting

Meeting notes

November 23rd, 2020

Team meeting

Meeting notes

November 18th, 2020

Team meeting

Meeting notes

November 17th, 2020

Team meeting

Meeting notes

November 11th, 2020

Full teamwide meeting

Meeting notes

November 10th, 2020

Team meeting

Meeting notes

November 2nd, 2020

Full teamwide meeting

Meeting notes

October 28th, 2020

Full teamwide meeting

Meeting notes

October 27th, 2020

Full teamwide meeting

Meeting notes

October 21st, 2020

Team meeting

Meeting notes

October 20th, 2020

Full teamwide meeting

Meeting notes

October 12th, 2020

Full teamwide meeting

Meeting notes

October 7th, 2020

Mini- meeting

Meeting notes

October 6th, 2020

Real Python podcast interview with Georgia Bullen and Sumana Harihareswara, "Resolving Package Dependencies With the New Version of Pip"

Podcast interview

October 2nd, 2020

Teamwide meeting

Meeting notes

September 30th, 2020

Software Developers Journey Podcast interview with Sumana Harihareswara

Podcast interview

September 29th, 2020

"Changes are coming to pip" video

Video on YouTube

September 29th, 2020

Mini-team meeting

Meeting notes

September 29th, 2020

Teamwide meeting

Meeting notes

September 23rd, 2020

Teamwide meeting

Meeting notes

September 16th, 2020

Answer these surveys to improve pip's usability

Blog post

September 15th, 2020

Mini-team meeting

Meeting notes

September 9th, 2020

Teamwide meeting

Meeting notes

September 8th, 2020

FLOSS Weekly #594: Pip and the Python Package Index

Podcast interview

September 2nd, 2020

Teamwide meeting

Meeting notes

September 2nd, 2020

Teamwide meeting

Meeting notes

August 26th, 2020

Teamwide meeting

Meeting notes

August 19th, 2020

Teamwide meeting

Meeting notes

August 12th, 2020

Teamwide meeting

Meeting notes

August 5th, 2020

Test & Code 124: pip dependency resolver changes

Podcast interview

August 3rd, 2020

Upgrade to pip 20.2, plus, changes coming in 20.3

Blog post

July 30th, 2020

Teamwide meeting

Meeting notes

July 29th, 2020

Teamwide meeting

Meeting notes

July 22nd, 2020

Teamwide meeting

Meeting notes

July 15th, 2020

Pip team midyear report

Blog post

July 13th, 2020

Teamwide meeting

Meeting notes

July 8th, 2020

Teamwide meeting

Meeting notes

July 1st, 2020

Teamwide meeting

Meeting notes

June 24th, 2020

Teamwide meeting

Meeting notes

June 17th, 2020

Teamwide meeting

Meeting notes

June 10th, 2020

Developer team syncup, and teamwide meeting

Meeting notes

June 3rd, 2020

Developer team syncup, and teamwide meeting

Meeting notes

May 27th, 2020

Podcast.__init__ episode "Dependency Management Improvements In Pip's Resolver - Episode 264"

Podcast interview

May 25th, 2020

Teamwide meeting

Meeting notes

May 20th, 2020

Developer team meeting

Meeting notes

May 20th, 2020

UX-dev collaboration discussion

Meeting notes

May 18th, 2020

Teamwide syncup

Meeting notes

May 14th, 2020

Nicole-Pradyun discussion

Meeting notes

May 13th, 2020

Developer team syncup

Meeting notes

May 11th, 2020

Teamwide syncup

Meeting notes

May 7th, 2020

Developer team syncup, and pip UX/resolver collaboration notes

Meeting notes

May 5th-7th, 2020

Pip 20.1 has been released

Blog post

April 30th, 2020

Teamwide syncup

Meeting notes

April 30th, 2020

Tzu-Ping and Pradyun discussion

Meeting notes

April 29th, 2020

Developer team syncup

Meeting notes

April 28th, 2020

Resolver planning team syncup

Meeting notes

April 23rd, 2020

Developer team syncup

Meeting notes

April 22nd, 2020

An update on pip and dependency resolution

Forum post

April 20th, 2020

Resolver planning discussion and team syncup

Meeting notes

April 16th, 2020

Resolver planning discussion

Meeting notes

April 14th, 2020

Weekly team syncup

Meeting notes

April 9th, 2020

Resolver planning discussion

Meeting notes

April 8th, 2020

Test-writing planning meeting

Meeting notes

April 4th, 2020

Resolver planning discussion and team syncup

Meeting notes

April 2nd, 2020

Test-writing planning meeting

Meeting notes

March 28th, 2020

Test planning meeting

Meeting notes

March 27th, 2020

Resolver planning discussion and team syncup

Meeting notes

March 26th, 2020

New pip resolver to roll out this year

Blog post

March 23rd, 2020

Resolver planning discussion and team syncup

Meeting notes

March 19th, 2020

Resolver planning discussion

Meeting notes

March 17th, 2020

Resolver planning discussion and team syncup

Meeting notes

March 12th, 2020

Resolver planning discussion

Meeting notes

March 10th, 2020

Sign-up for the pip UX Studies!

Blog post

March 5th, 2020

Resolver planning discussion and weekly team syncup

Meeting notes

March 5th, 2020

Resolver planning discussion

Meeting notes

March 3rd, 2020

Weekly team syncup

Meeting notes

February 27th, 2020

Weekly team syncup

Meeting notes

February 20th, 2020

PyCon UX research planning discussion

Meeting notes

February 19th, 2020

Resolver planning discussion

Meeting notes

February 17th, 2020

Weekly team syncup

Meeting notes

February 13th, 2020

Explanation of pip's moving parts

Meeting notes

February 7th, 2020

Weekly team syncup

Meeting notes

February 6th, 2020

Planning UX research work

Meeting notes

January 29th, 2020

Planning test infrastructure work

Meeting notes

January 23rd, 2020

Beginning to plan resolver work

Meeting notes

January 8th, 2020

Mozilla and Chan Zuckerberg Initiative to support pip

Blog post

December 4th, 2019

Seeking Developers for Paid Contract Improving pip

Blog post

November 11th, 2019

Past projects

Warehouse: OTF grant

The Packaging Working Group applied for and received a performance-based contract (like a grant) from the Open Technology Fund to implement & deploy security, localization, and accessibility improvements for Warehouse (PyPI's codebase).

Meetings and status updates from the OTF grant-funded project:

Meeting/update

Type

Date

Start using 2FA and API Tokens on PyPI

Blog post

January 17th, 2020

API tokens and all 2FA methods are out of beta

Forum post

January 17th, 2020

Concluding report on localisation and accessibility work

Forum post

October 8th, 2019

Early Sept. update on accessibility & localisation work

Forum post

September 8th, 2019

Early September update on security work

Forum post

September 8th, 2019

FLOSS Weekly 545, PyPI Security

Podcast interview

September 4th, 2019

Prioritizing and estimating security, l10n and a11y work

Meeting notes

August 29th, 2019

Podcast.__init__ Episode 225: Security, UX, and Sustainability For The Python Package Index

Podcast interview

August 19th, 2019

Inspect PyPI event logs to audit your account's and project's security

Blog post

August 15th, 2019

Early Aug. update on 2FA, API keys, audit log, & a11y work

Forum post

August 6th, 2019

Prioritizing API token and 2FA issues

Meeting notes

August 2nd, 2019

Audit log design planning

Meeting notes

July 31st, 2019

PyPI now supports uploading via API token

Blog post

July 31st, 2019

preliminary announcement of API token beta

Forum post

July 25th, 2019

Mid-July update on 2FA, API keys, and a11y work

Forum post

July 17th, 2019

Early July update on 2FA, API keys, and a11y work

Forum post

July 3rd, 2019

API key design planning

Meeting notes

June 24th, 2019

PyPI Now Supports Two-Factor Login via WebAuthn

Blog post

June 18th, 2019

Early June update on WebAuthn and accessibility work

Forum post

June 8th, 2019

Initial a11y and i18n planning

Meeting notes

June 7th, 2019

Use two-factor auth to improve your PyPI account's security

Blog post

May 30th, 2019

Late May update on TOTP and WebAuthN work

Forum post

May 22nd, 2019

PyPI two-factor auth (2FA) trial May 3-20

Mailing list post

May 2nd, 2019

(cross-post) PyPI two-factor auth (2FA) trial May 3-20

Forum post

May 2nd, 2019

Early April update on work and request for advice

Forum post

April 3rd, 2019

PyPI security work: multifactor auth progress & help needed

Forum post

March 22nd, 2019

Prioritizing extant security issues

Meeting notes

March 22nd, 2019

Commencing security, a11y, & i18n improvements to PyPI for 2019

Blog post

March 13th, 2019

Kickoff planning meeting with grant-funded team

Meeting notes

March 11th, 2019

Upcoming PyPI Improvements for 2019

Blog post

December 20th, 2018

PyPI Security and Accessibility Q1 2019 Request for Proposals Update

Blog post

December 19th, 2018

PyPI Security and Accessibility Q1 2019 Request for Proposals period opens

Blog post

November 19th, 2018

PyPI Security and Accessibility Q1 2019 Request for Information period opens

Blog post

October 30th, 2018

Warehouse rollout

The Packaging Working Group supported the implementation & deployment of Warehouse (PyPI 2.0) to replace the legacy code base that powered legacy PyPI. Announced on PSF blog in January 2016; see its history in this April 2018 LWN article.

Meetings and status updates from the MOSS-funded project:

Meeting/update

Type

Date

PSF announcement of $170,000 MOSS award to improve sustainability of PyPI

Blog post

November 27, 2017

Kickoff meeting

Meeting notes

Monday, Dec. 4, 2017

Kickoff/milestone update

Mailing list post

Thursday, Dec. 7, 2017

Developer experience audit walkthrough

in-person meeting

Tuesday, December 12, 2017

Maintainer MVP milestone bug triage

Meeting notes

Tuesday, Dec. 19, 2017

Maintainer MVP milestone schedule discussion

Meeting notes

January 10, 2018

Mid-January progress

Mailing list post

Jan. 15, 2018

Role management and welcoming first-time contributors

Mailing list post

Jan. 23, 2018

Standup, bug triage, and milestone schedule discussion

Meeting notes

January 29, 2018

Late January progress

Mailing list post

Jan. 30, 2018

Standup, bug triage, milestone schedule discussion

Meeting notes

February 5, 2018

Warehouse update: still on track, new features

Mailing list post

Feb. 6, 2018

Standup/bug triage/milestone schedule update meeting

Meeting notes

Feb. 12th, 2018

Warehouse: package manager features & question about advertising

Mailing list post

Feb. 13, 2018

Standup, bug triage, & milestone schedule update meeting

Meeting notes

Feb. 20th, 2018

Warehouse: essential maintainer features & next steps

Mailing list post

Feb. 21st, 2018

Standup, bug triage, and milestone schedule update meeting

Meeting notes

Feb. 26th, 2018

Python package maintainers, help test the new PyPI!

Blog post

Feb. 26th, 2018

Warehouse update: a week of testing, polish, & infrastructure

Mailing list post

Feb. 27th, 2018

Planning meeting

Meeting notes

March 6th, 2018

PyPI & Warehouse update: redirecting & shutting down legacy by end of April

Mailing list post

March 7th, 2018

Core Warehouse developers' planning meeting

Meeting notes

March 12th, 2018

new stuff overview, beta next week, user tests, & other Warehouse updates

Mailing list post

March 14th, 2018

Planning meeting with core Warehouse developers

Meeting notes

March 19th, 2018

PyPI/Warehouse: infrastructure hardening & the CAPTCHA conundrum

Mailing list post

March 20th, 2018

Weekly planning meeting with core Warehouse developers

Meeting notes

March 20th, 2018

Warehouse: All New PyPI is now in beta

Blog post

March 26th, 2018

The all new Python Package Index is now in beta at pypi.org

Blog post

March 26th, 2018

beta, pythonhosted docs, PEP 541

Mailing list post

March 28th, 2018

Early April planning meeting with core Warehouse developers

Meeting notes

April 2nd, 2018

PyPI/Warehouse update: new advice & launch, shutdown dates

Mailing list post

April 3rd, 2018

Mid-April planning meeting with core Warehouse developers

Meeting notes

April 10th, 2018

PyPI/Warehouse (short) weekly report: Progress towards launch milestone

Mailing list post

April 10th, 2018

Summary of PyPI overhaul in new LWN article

Mailing list post

April 11th, 2018

Next Generation PyPI rollout incident report

Statuspage report

April 16th, 2018

New PyPI launched, legacy PyPI shutting down April 30

Blog post

April 16th, 2018

Post-launch planning with core Warehouse developers

Meeting notes

April 17th, 2018

Warehouse/PyPI update: launch, project wrapup approaching

Mailing list post

April 18th, 2018

Pre-legacy-shutdown planning with core Warehouse developers

Meeting notes

April 23rd, 2018

PyPI update: legacy shutdown 30 April, new classifiers page, seeking funding

Mailing list post

April 24th, 2018

Talk Python Episode #159: Inside the new PyPI launch

Podcast interview

April 27, 2018

Python legacy sunsetting

Statuspage report

April 30th, 2018

legacy.pypi.org shutdown notice

Mailing list post

April 30th, 2018

End-of-project conference call

Meeting notes

April 30th, 2018

Final weekly report: legacy is shut down

Mailing list post

May 1, 2018

FLOSS Weekly #482, PyPI

Podcast interview

May 2, 2018

PackagingWG (last edited 2020-11-30 13:12:46 by SumanaHarihareswara)

Unable to view page? See the FrontPage for instructions.