Thursday, September 05, 2024

Pallets projects added to scope of PSF CVE Numbering Authority

Last year the Python Software Foundation wasannounced as a CVE Numbering Authority(CNA) to manage and assign CVE IDs for CPython and pip. Becoming a CVE Numbering Authority allows the PSF to provide expertise about Python in the CVE ecosystem, ensuring that users have accurate and up-to-date information about vulnerabilities affecting key projects.

Today, the PSF isexpanding our CNA scopeto also include Pallets projects, such asFlask,Jinja,Click,andQuart.For a complete list, seethe Pallets organization on GitHub.Please report any security vulnerabilities for these projects followingthe Pallets security policy.
This work is being done to learn how the PSF can better serve Python's large ecosystem of projects in the context of the CVE ecosystem. The PSF previouslypublished a guideon how open source projects can become their own CVE Numbering Authorities. You can learn more about theCVE CNA programon the CVE website.

Pallets is a fiscal sponsoree of the Python Software Foundation. Fiscal sponsorship is a key plank of the PSF’s mission in supporting the Python community. The PSF supports20 fiscal sponsoreesincluding regional PyCons, Python Meetup and User Groups, and Python projects. Learn more about our Fiscal Sponsorees onour websiteand considersupporting the groups with a US-tax deductible donation.

Thursday, August 29, 2024

Python Developers Survey 2023 Results

We are excited to sharethe results of the seventh official annual Python Developers Survey.This survey is done yearly as a collaborative effort between the Python Software Foundation andJetBrains.Responses were collected from November 2023 through February 2024. This year, we kept the response period open longer to facilitate as much global representation as possible. More than 25,000 Python developers and enthusiasts from almost 200 countries and regions participated in the survey to reveal the current state of the language and the ecosystem around it.

Check out thesurvey results!

The survey aims to map the Python landscape and covers the following topics:

  • General Python usage
  • Purpose for using Python
  • Python versions
  • Frameworks and Libraries
  • Cloud Platforms
  • Data science
  • Development tools
  • Python packaging
  • Demographics

We encourage you to check out themethodologyand theraw datafor this year's Python Developers Survey, as well as those from past years (2022,2021,2020,2019,2018,and2017). We would love to hear about what you learn by digging into the numbers! Share your results and comments with us on social media by mentioning JetBrains (LinkedIn,X) and the PSF (Mastodon,LinkedIn,X) using the # Python devsurvey hashtag. Based on the feedback we received last year, we made adjustments to the 2023 survey- so we welcome suggestions and feedback that could help us improve again for next year!