PackagingWG/2019-12-11-Warehouse

Legacy Wiki Page

This page was migrated from the old MoinMoin-based wiki. Information may be outdated or no longer applicable. For current documentation, see python.org.

PyPI Project Kickoff - 2019 Q4 RFP Milestone 2 - Automated Detection of Malicious Uploads

Attendees

  • Ernest W. Durbin III - PSF

  • Cristina Muñoz - Independent Contractor

  • William Woodruff - Trail of Bits

  • Mike Myers - Trail of Bits

Introductions

  • Ernest: PSF Dir of Infra. Overseeing project, available for review, design discusisons, and project onboarding.

  • Cristina: Contractor - Proposed for Milestone 2. Will be working on implementation of Milestone 2

  • Trail of Bits: William - Security Engineer at ToB, will be working on design and review of Milestone 2 work. Mike - engineering practice manager, point of contact for administrative concerns.

Logistics and Communications

  • GitHub: https://github.com/pypa/warehouse - Code Review, Design discussion, and Project tracking

  • Slack: https://thepsf.slack.com for synchronous comms related to onboarding/development and higher throughput conversations.

  • William and Mike from ToB already present as single-channel guests, Need invitation email for Cristina.

  • Meetings: Scheduled as needed, or monthly.

Project Timeline and Availability

Known unavailability:

  • Ernest: Firm: December 24-25, January 1. Tentative: December 23, 26-27.

  • Mike: Dec 24 - Jan 1

  • William: Dec 16 - 20

  • Cristina: Generally around :)

Next Steps