urllib3 raised $15,000 in 2021 (Newsletter #6)

Published 2021-12-29 by Seth Larson
Reading time: 3 minutes

Welcome to the 6th urllib3 newsletter, end of 2021 edition! If you'd like to discuss this edition of our newsletter you can join our community Discord.

Thanks to our sponsors!

This year we received so much support from many different places, people, and organizations. We enter the new year with $12,254.95 in OpenCollective available for distribution.

We're so thankful for everyone who contributed. Your support means we can fairly pay for people's time and expertise and ensure that PyPI's most downloaded package continues to be secure, up-to-date, and working towards the future of HTTP in Python.

This large amount of funding means our team is planning on setting up a span of full-time development to focus on closing out v2.0 in addition to continuing to pay contributors both from our team and the community to work on urllib3.

Where we received and spent our funding

All of these amounts shown below are after fees from payment processing, Coinbase, OpenCollective fiscal hosting, and cryptocurrency gas fees. In short it's the value that’s available for our team to pay out to contributors. We funnel all of our funds to OpenCollective in order to make payment processing easy for as many individuals as possible.

Funds were paid out to the following individuals:

¹ Amount from GitCoin is only ETH, DAI, and USDC that were sold for USD. Other currencies that were donated have not been converted to USD yet to avoid paying fees on small amounts.

² Tidelift is paid directly to Seth Larson and Quentin Pradet and isn't subject to OpenCollective fees.

Releases and Contributors

There were 5 new releases of urllib3 over the past year, two of which contained fixes for security issues CVE-2021-28363 and CVE-2021-33503. Hopefully you’re using the latest 1.26.7 release! We received 197 commits from 17 unique committers across the year. Thanks to everyone who contributed.

Progress towards v2.0

The v2.0 milestone on GitHub tracks our progress towards the v2.0 release of urllib3. This year our team closed 25 issues in the v2.0 milestone, leaving only 11 open issues remaining for a v2.0 release. We’re hopeful that the focus on paying for sustained development time in 2022 will mean a v2.0 release next year.

Even after v2.0 is released our team plans on continuing bug fix and security support for the v1.26.x release stream thanks to financial support from Tidelift.

Type hints case study

Hasan Ramenzani spent a ton of time working on type hints for the v2.0 branch. This work spanned multiple months and included so many lessons learned and interesting situations that our team wrote a case study on the entire experience.

Unreasonable effectiveness of investing in open source

Quentin Pradet was paid to work 20 hours on urllib3 and once again proved the incredible return on investment that paid open source contributions can be. Over the course of 20 hours Quentin contributed many PRs to urllib3 which resulted in finding a bug in Python’s ssl module. Quentin submitted a bug report to Python which inspired a usability bug fix to OpenSSL. Not bad!

PyCascades 2021

Seth spoke at PyCascades 2021 back in February about how the urllib3 team plans on shipping breaking changes in v2.0. You can watch the recording on Youtube.

Thanks for reading! ♡ Did you find this article helpful and want more content like it? Get notified of new posts by subscribing to the RSS feed or the email newsletter.

This work is licensed under CC BY-SA 4.0