Skip to content

Milestones

List view

  • Package signing & detection/verification

    Security work funded by a gift from Facebook https://pyfound.blogspot.com/2018/12/upcoming-pypi-improvements-for-2019.html .... (1) Cryptographic signing and verification of artifacts (PEP 458/TUF or similar) (2) Automated detection of malicious uploads (3) Further work on API tokens + multi-factor authentication, should the need arise (4) UI design around new features mentioned above (5) User adoption planning/design (6) Documentation. PSF plans to do this work in the second half of 2019.

    Overdue by 5 year(s)
    Due by January 31, 2020
    21/23 issues closed
    91% complete2 open21 closed

  • OTF localisation work

    Localisation and internationalization work funded by Open Technology Fund https://pyfound.blogspot.com/2019/03/commencing-security-accessibility-and.html .

    Overdue by 5 year(s)
    Due by October 31, 2019
    14/15 issues closed
    93% complete1 open14 closed

  • Post Legacy Shutdown priorities

    Important issues that have gotten unblocked now that legacy PyPI is dead (RIP). See https://lwn.net/Articles/751458/ for more info.

    No due date
    78/119 issues closed
    65% complete41 open78 closed

  • Cool but not urgent

    Wishlist; not part of the critical path for shutting down legacy PyPI.

    No due date
    47/77 issues closed
    61% complete30 open47 closed