AboutBlogNewsletterLinks

Articles

Security Developer-in-Residence Weekly Report #31 2024-02-28
Windows SBOM work and Alpha-Omega 2023 annual report 2024-02-22
Websites without servers or networking 2024-02-19
Challenges while building SBOM infrastructure for CPython 2024-02-14
CPython 3.12.2 is SBOM-ified! 2024-02-08
Security Developer-in-Residence Weekly Report #27 2024-01-31
Releases on the Python Package Index are never “done” 2024-01-24
Removing maintainers from open source projects 2024-01-23
Defending against the PyTorch supply chain attack PoC 2024-01-17
urllib3 is fundraising for HTTP/2 support 2024-01-16
Security Developer-in-Residence Weekly Report #24 2024-01-09
2023 year in review 2023-12-31
Security Developer-in-Residence Weekly Report #23 2023-12-28
AI and Wonder 2023-12-27
Security Developer-in-Residence Weekly Report #22 2023-12-20
Mahjong tiles and Unicode variation selectors 2023-12-18
Python listed as memory-safe language in latest CISA recommendations 2023-12-14
Review of the Security Developer-in-Residence role in 2023 2023-12-06
Proposal for Software Bill-of-Materials for CPython 2023-11-22
Querying every file in every release on the Python Package Index 2023-11-14
OSS Security RFI, Guide to become a CNA, and PEP 639 2023-11-07
“For You” is not for me 2023-10-31
Patching the libwebp vulnerability across the Python ecosystem 2023-10-25
Quarterly report for Q3 2023 on the PSF Blog 2023-10-17
Reproducible builds for CPython source tarballs 2023-10-10
Python 3.12.0 from a supply chain security perspective 2023-10-04
Starting on Software Bill-of-Materials (SBOM) for CPython 2023-09-26
CPython vulnerabilities are now published to the Open Source Vulnerability Database 2023-09-19
Security Developer in Residence Weekly Report #10 2023-09-13
Visualizing the CPython Release Process 2023-09-05
Python Security Response Team handling of CVE-2023-40217 2023-08-26
Reconciling elegance and secure-by-design in APIs 2023-08-21
Security Developer-in-Residence – Weekly Report #7 2023-08-18
Security Developer-in-Residence – Weekly Report #6 2023-08-04
Quirks of Python package versioning 2023-08-03
Security Developer-in-Residence – Weekly Report #5 2023-07-28
Security Developer-in-Residence – Weekly Report #4 2023-07-21
Security Developer-in-Residence – Weekly Report #3 2023-07-15
Security Developer-in-Residence – Weekly Report #2 2023-07-07
Security Developer-in-Residence – Weekly Report #1 2023-06-30
I am the first PSF Security Developer-in-Residence 2023-06-22
urllib3 v2.0.0 is now generally available 2023-04-26
Google Assured OSS 2023-04-14
Python and SLSA 💃 2023-03-18
Testing multiple Python versions with nox and pyenv 2023-03-04
urllib3 in 2022 2023-01-04
Working on urllib3 full-time for one week 2022-12-27
Ubuntu 22.10 on Dell XPS 15 9520 2022-11-19
Switching git back to GPG signing 2022-08-25
Preparing for the wave of open source funding 2022-08-23
Help us test system trust stores in Python 2022-07-26
Get paid to contribute to urllib3 (Newsletter #7) 2022-06-21
People in your software supply chain 2022-05-31
Security for package maintainers 2022-03-01
Move or recover your Wordle statistics 2022-02-17
How does UTF-8 turn “😂” into “F09F9882”? 2022-02-08
Strict Python function parameters 2022-01-23
Problems with testing Python pre-releases and pip caching 2022-01-13
urllib3 raised $15,000 in 2021 (Newsletter #6) 2021-12-29
Experimental APIs in Python 3.10 and the future of trust stores 2021-11-27
Tests aren’t enough: Case study after adding type hints to urllib3 2021-10-18
The problem with Flask async views and async globals 2021-08-01
Everything to know about Requests v2.26.0 2021-07-13
urllib3 Newsletter #5 2021-06-29
urllib3 Newsletter #4 2021-05-03
urllib3 Newsletter #3 2020-12-28
urllib3 Newsletter #2 2020-11-13
urllib3 Newsletter #1 2020-10-05
API Design for Optional Async Context Managed Resources 2020-08-10
TIL: Getting HTTP Status Codes from Flask errorhandler 2020-07-24
Designing Libraries for Async and Sync I/O 2020-06-27
Why URLs are Hard: Path Params & urlparse 2020-04-10
urllib3 in 2020 2020-03-14
Review of 2019 for urllib3 2019-12-28
HTTP Header Compression 2019-12-06
Designing for Real-World HTTPS 2019-11-26
Sponsored Work on urllib3 2019-11-11