About
•
Blog
•
Newsletter
•
Links
Articles
Microsoft supports urllib3 with FOSS Fund 2024
2024-04-17
CPython release automation, more Windows SBOMs
2024-04-10
Security Developer-in-Residence Weekly Report #32
2024-03-29
Regex character “$” doesn't mean “end-of-string”
2024-03-09
Security Developer-in-Residence Weekly Report #31
2024-02-28
Windows SBOM work and Alpha-Omega 2023 annual report
2024-02-22
★
Websites without servers or networking
2024-02-19
Challenges while building SBOM infrastructure for CPython
2024-02-14
CPython 3.12.2 is SBOM-ified!
2024-02-08
Security Developer-in-Residence Weekly Report #27
2024-01-31
Releases on the Python Package Index are never “done”
2024-01-24
★
Removing maintainers from open source projects
2024-01-23
Defending against the PyTorch supply chain attack PoC
2024-01-17
★
urllib3 is fundraising for HTTP/2 support
2024-01-16
Security Developer-in-Residence Weekly Report #24
2024-01-09
2023 year in review
2023-12-31
Security Developer-in-Residence Weekly Report #23
2023-12-28
AI and Wonder
2023-12-27
Security Developer-in-Residence Weekly Report #22
2023-12-20
Mahjong tiles and Unicode variation selectors
2023-12-18
Python listed as memory-safe language in latest CISA recommendations
2023-12-14
Review of the Security Developer-in-Residence role in 2023
2023-12-06
Proposal for Software Bill-of-Materials for CPython
2023-11-22
★
Querying every file in every release on the Python Package Index
2023-11-14
OSS Security RFI, Guide to become a CNA, and PEP 639
2023-11-07
★
“For You” is not for me
2023-10-31
Patching the libwebp vulnerability across the Python ecosystem
2023-10-25
Quarterly report for Q3 2023 on the PSF Blog
2023-10-17
Reproducible builds for CPython source tarballs
2023-10-10
★
Python 3.12.0 from a supply chain security perspective
2023-10-04
Starting on Software Bill-of-Materials (SBOM) for CPython
2023-09-26
CPython vulnerabilities are now published to the Open Source Vulnerability Database
2023-09-19
Security Developer in Residence Weekly Report #10
2023-09-13
★
Visualizing the CPython Release Process
2023-09-05
Python Security Response Team handling of CVE-2023-40217
2023-08-26
Reconciling elegance and secure-by-design in APIs
2023-08-21
Security Developer-in-Residence – Weekly Report #7
2023-08-18
Security Developer-in-Residence – Weekly Report #6
2023-08-04
★
Quirks of Python package versioning
2023-08-03
Security Developer-in-Residence – Weekly Report #5
2023-07-28
Security Developer-in-Residence – Weekly Report #4
2023-07-21
Security Developer-in-Residence – Weekly Report #3
2023-07-15
Security Developer-in-Residence – Weekly Report #2
2023-07-07
Security Developer-in-Residence – Weekly Report #1
2023-06-30
I am the first PSF Security Developer-in-Residence
2023-06-22
urllib3 v2.0.0 is now generally available
2023-04-26
Google Assured OSS
2023-04-14
Python and SLSA 💃
2023-03-18
Testing multiple Python versions with nox and pyenv
2023-03-04
urllib3 in 2022
2023-01-04
Working on urllib3 full-time for one week
2022-12-27
Ubuntu 22.10 on Dell XPS 15 9520
2022-11-19
Switching git back to GPG signing
2022-08-25
Preparing for the wave of open source funding
2022-08-23
Help us test system trust stores in Python
2022-07-26
Get paid to contribute to urllib3 (Newsletter #7)
2022-06-21
★
People in your software supply chain
2022-05-31
★
Security for package maintainers
2022-03-01
Move or recover your Wordle statistics
2022-02-17
★
How does UTF-8 turn “😂” into “F09F9882”?
2022-02-08
★
Strict Python function parameters
2022-01-23
Problems with testing Python pre-releases and pip caching
2022-01-13
urllib3 raised $15,000 in 2021 (Newsletter #6)
2021-12-29
★
Experimental APIs in Python 3.10 and the future of trust stores
2021-11-27
★
Tests aren’t enough: Case study after adding type hints to urllib3
2021-10-18
The problem with Flask async views and async globals
2021-08-01
Everything to know about Requests v2.26.0
2021-07-13
urllib3 Newsletter #5
2021-06-29
urllib3 Newsletter #4
2021-05-03
urllib3 Newsletter #3
2020-12-28
urllib3 Newsletter #2
2020-11-13
urllib3 Newsletter #1
2020-10-05
★
API Design for Optional Async Context Managed Resources
2020-08-10
TIL: Getting HTTP Status Codes from Flask errorhandler
2020-07-24
Designing Libraries for Async and Sync I/O
2020-06-27
Why URLs are Hard: Path Params & urlparse
2020-04-10
urllib3 in 2020
2020-03-14
Review of 2019 for urllib3
2019-12-28
HTTP Header Compression
2019-12-06
★
Designing for Real-World HTTPS
2019-11-26
Sponsored Work on urllib3
2019-11-11