Seth Michael Larson

Microsoft supports urllib3 with FOSS Fund 2024 2024-04-17

CPython release automation, more Windows SBOMs 2024-04-10

Security Developer-in-Residence Weekly Report #32 2024-03-29

Regex character “$” doesn't mean “end-of-string” 2024-03-09

Security Developer-in-Residence Weekly Report #31 2024-02-28

Windows SBOM work and Alpha-Omega 2023 annual report 2024-02-22

★ Websites without servers or networking 2024-02-19

Challenges while building SBOM infrastructure for CPython 2024-02-14

CPython 3.12.2 is SBOM-ified! 2024-02-08

Security Developer-in-Residence Weekly Report #27 2024-01-31

Releases on the Python Package Index are never “done” 2024-01-24

★ Removing maintainers from open source projects 2024-01-23

Defending against the PyTorch supply chain attack PoC 2024-01-17

★ urllib3 is fundraising for HTTP/2 support 2024-01-16

Security Developer-in-Residence Weekly Report #24 2024-01-09

2023 year in review 2023-12-31

Security Developer-in-Residence Weekly Report #23 2023-12-28

AI and Wonder 2023-12-27

Security Developer-in-Residence Weekly Report #22 2023-12-20

Mahjong tiles and Unicode variation selectors 2023-12-18

Python listed as memory-safe language in latest CISA recommendations 2023-12-14

Review of the Security Developer-in-Residence role in 2023 2023-12-06

Proposal for Software Bill-of-Materials for CPython 2023-11-22

★ Querying every file in every release on the Python Package Index 2023-11-14

OSS Security RFI, Guide to become a CNA, and PEP 639 2023-11-07

★ “For You” is not for me 2023-10-31

Patching the libwebp vulnerability across the Python ecosystem 2023-10-25

Quarterly report for Q3 2023 on the PSF Blog 2023-10-17

Reproducible builds for CPython source tarballs 2023-10-10

★ Python 3.12.0 from a supply chain security perspective 2023-10-04

Starting on Software Bill-of-Materials (SBOM) for CPython 2023-09-26

CPython vulnerabilities are now published to the Open Source Vulnerability Database 2023-09-19

Security Developer in Residence Weekly Report #10 2023-09-13

★ Visualizing the CPython Release Process 2023-09-05

Python Security Response Team handling of CVE-2023-40217 2023-08-26

Reconciling elegance and secure-by-design in APIs 2023-08-21

Security Developer-in-Residence – Weekly Report #7 2023-08-18

Security Developer-in-Residence – Weekly Report #6 2023-08-04

★ Quirks of Python package versioning 2023-08-03

Security Developer-in-Residence – Weekly Report #5 2023-07-28

Security Developer-in-Residence – Weekly Report #4 2023-07-21

Security Developer-in-Residence – Weekly Report #3 2023-07-15

Security Developer-in-Residence – Weekly Report #2 2023-07-07

Security Developer-in-Residence – Weekly Report #1 2023-06-30

I am the first PSF Security Developer-in-Residence 2023-06-22

urllib3 v2.0.0 is now generally available 2023-04-26

Google Assured OSS 2023-04-14

Python and SLSA 💃 2023-03-18

Testing multiple Python versions with nox and pyenv 2023-03-04

urllib3 in 2022 2023-01-04

Working on urllib3 full-time for one week 2022-12-27

Ubuntu 22.10 on Dell XPS 15 9520 2022-11-19

Switching git back to GPG signing 2022-08-25

Preparing for the wave of open source funding 2022-08-23

Help us test system trust stores in Python 2022-07-26

Get paid to contribute to urllib3 (Newsletter #7) 2022-06-21

★ People in your software supply chain 2022-05-31

★ Security for package maintainers 2022-03-01

Move or recover your Wordle statistics 2022-02-17

★ How does UTF-8 turn “😂” into “F09F9882”? 2022-02-08

★ Strict Python function parameters 2022-01-23

Problems with testing Python pre-releases and pip caching 2022-01-13

urllib3 raised $15,000 in 2021 (Newsletter #6) 2021-12-29

★ Experimental APIs in Python 3.10 and the future of trust stores 2021-11-27

★ Tests aren’t enough: Case study after adding type hints to urllib3 2021-10-18

The problem with Flask async views and async globals 2021-08-01

Everything to know about Requests v2.26.0 2021-07-13

urllib3 Newsletter #5 2021-06-29

urllib3 Newsletter #4 2021-05-03

urllib3 Newsletter #3 2020-12-28

urllib3 Newsletter #2 2020-11-13

urllib3 Newsletter #1 2020-10-05

★ API Design for Optional Async Context Managed Resources 2020-08-10

TIL: Getting HTTP Status Codes from Flask errorhandler 2020-07-24

Designing Libraries for Async and Sync I/O 2020-06-27

Why URLs are Hard: Path Params & urlparse 2020-04-10

urllib3 in 2020 2020-03-14

Review of 2019 for urllib3 2019-12-28

HTTP Header Compression 2019-12-06

★ Designing for Real-World HTTPS 2019-11-26

Sponsored Work on urllib3 2019-11-11