From mal at python.org Mon May 1 09:30:26 2017 From: mal at python.org (M.-A. Lemburg) Date: Mon, 1 May 2017 15:30:26 +0200 Subject: [PSF-Community] EuroPython 2017: Talk voting is open Message-ID: <42732a77-973a-9617-155f-a4fd9f144aef@python.org> At EuroPython, we let our attendees have a significant say in the selection of the sessions which are presented at the conference. We call this "talk voting" - attendees can tell us which submitted talks they?d like to see at the conference. To be eligible to vote for talks, you need to be a registered attendee of the current EuroPython, or attendee of the past two EuroPython conferences. How talk voting works --------------------- Please log in and proceed to * https://ep2017.europython.eu/en/speakers/talk-voting/ to vote for talks. The talk voting page lists all submitted proposals, including talks, trainings and posters. At the top of the page you find a few filters you can use to narrow down the list by e.g. selecting tags you?re interested in or only show one type of proposal and also to select the sorting order. For each submission, you can find the talk title with a link to the talk page. In order to vote, have a look at the title/abstract and then indicate your personal interest in attending this session. We have simplified the voting process and you may chose between these four options: - must see - want to see - maybe - not interested If you have questions about the talk, you can go to the talk page and enter a comment. Note that your votes are automatically saved to the backend without the need to click on a save or submit button. Talk selection -------------- After the talk voting phase, the EuroPython Program Workgroup (WG) will use the votes to select the talks and build a schedule. The majority of the talks will be chosen based on the talk voting results. Part of the available slots will be directly assigned by the Program WG based on editorial criteria to e.g. increase diversity or give a chance to less mainstream topics. In general, the Program WG will try to give as many speakers a chance to talk as possible. If speakers have submitted multiple talks, the one with the highest rate will most likely get selected. Enjoy, -- EuroPython 2017 Team http://ep2017.europython.eu/ http://www.europython-society.org/ PS: Please forward or retweet to help us reach all interested parties: https://twitter.com/europython/status/859021545066430464 Thanks. From ewa at python.org Mon May 1 14:06:04 2017 From: ewa at python.org (Ewa Jodlowska) Date: Mon, 1 May 2017 13:06:04 -0500 Subject: [PSF-Community] Open Call for PSF Board Nominations Message-ID: Hi, Are you interested in running for the PSF Board 2017/18 term? Please read through & add your nomination here: https://wiki.python.org/ moin/PythonSoftwareFoundation/BoardCandidates2017. *The deadline to submit a nomination is May 25, 2017 11:59pm AoE*: https://www.timeanddate.com/worldclock/fixedtime.html?msg= Nomination+Deadline&iso=20170525T2359&p1=3926 Thanks, Ewa Jodlowska Director of Operations -------------- next part -------------- An HTML attachment was scrubbed... URL: From ewa at python.org Thu May 4 10:24:59 2017 From: ewa at python.org (Ewa Jodlowska) Date: Thu, 4 May 2017 09:24:59 -0500 Subject: [PSF-Community] Announcement: PSF Members Lunch at PyCon US Message-ID: Dear PSF members, We will host a PSF Members Lunch at PyCon US Portland, OR for those that are registered for the conference. If you are a new or long-time PSF member, it would be great to meet you in person. - Day/time: Saturday May 20, 2017, 12:40pm local time - Location: Oregon Convention Center, Room F150-F151 - Menu: - Salad option for all: Spinach and Curly Endive - strawberries, Briar Rose Creamery goat cheese, black pepper honey Regular: Roasted Breast of Chicken Roulade - local forest mushroom ragout, white cream garlic sauce, garlic chips Portobello Napoleon (GF & LF) - grilled portobello mushrooms, eggplant, roasted pepper, tomato coulis, basil oil - Special dietary meals will be provided for those that request one in the RSVP below. - *RSVP by May 10, 2017: **https://goo.gl/forms/ebuLxsNmMSx3ieIQ2 * - Agenda: - get to know some of the 2017/18 PSF Board candidates - mingling with members Best regards, Ewa Director of Operations Python Software Foundation -------------- next part -------------- An HTML attachment was scrubbed... URL: From rochacbruno at gmail.com Thu May 4 19:41:08 2017 From: rochacbruno at gmail.com (Bruno Rocha) Date: Thu, 4 May 2017 20:41:08 -0300 Subject: [PSF-Community] Dangerous PyPI packages and PSF Message-ID: Hi, I just read this on reddit[0], a thread asking if PyPI packages are audited and somebody pointed the `python-nation`[1] which is a harmful and useless module, installing itself and sending the `/etc/passwd` content to external endpoint. The app receiving the data is hosted at http://python-nation.herokuapp.com and as the PSF mission [2] says The mission of the Python Software Foundation is to promote, protect, and advance the Python programming language I wonder if there are some workgroup at PSF to handle this? and not only the specific case of `python-nation` which should be deleted and the user banned maybe, But also to handle the audit of other packages? [0] https://www.reddit.com/r/Python/comments/697da2/does_ pypi_review_code_thats_uploaded/ [1] https://www.reddit.com/r/Python/comments/697da2/does_ pypi_review_code_thats_uploaded/dh4uyf8/ [2] https://www.python.org/psf/mission/ Cheers, -- *Bruno Rocha - @rochacbruno * http://brunorocha.org -------------- next part -------------- An HTML attachment was scrubbed... URL: From rochacbruno at gmail.com Thu May 4 20:08:15 2017 From: rochacbruno at gmail.com (Bruno Rocha) Date: Thu, 4 May 2017 21:08:15 -0300 Subject: [PSF-Community] Dangerous PyPI packages and PSF In-Reply-To: References: Message-ID: Interesting detail, the mentioned package https://pypi.python.org/pypi/python-nation/1.0.1 was created and uploaded by Jacob Kaplan Moss, so I guess this is intended to be a POC, to show PyPI vulnerabilities or some Infosec experiment. On Thu, May 4, 2017 at 8:41 PM, Bruno Rocha wrote: > Hi, > > I just read this on reddit[0], a thread asking if PyPI packages are > audited and somebody pointed the `python-nation`[1] which is a harmful and > useless module, installing itself and sending the `/etc/passwd` content to > external endpoint. > > The app receiving the data is hosted at http://python-nation.herokuapp.com > > and as the PSF mission [2] says > > The mission of the Python Software Foundation is to promote, protect, and > advance the Python programming language > > I wonder if there are some workgroup at PSF to handle this? and not only > the specific case of `python-nation` which should be deleted and the user > banned maybe, But also to handle the audit of other packages? > > > [0] https://www.reddit.com/r/Python/comments/697da2/does_pyp > i_review_code_thats_uploaded/ > [1] https://www.reddit.com/r/Python/comments/697da2/does_pyp > i_review_code_thats_uploaded/dh4uyf8/ > [2] https://www.python.org/psf/mission/ > > > Cheers, > > -- > > *Bruno Rocha - @rochacbruno * > http://brunorocha.org > > -- *Bruno Rocha - @rochacbruno * http://brunorocha.org -------------- next part -------------- An HTML attachment was scrubbed... URL: From jackiekazil at gmail.com Thu May 4 21:50:06 2017 From: jackiekazil at gmail.com (Jacqueline Kazil) Date: Thu, 4 May 2017 21:50:06 -0400 Subject: [PSF-Community] Dangerous PyPI packages and PSF In-Reply-To: References: Message-ID: That is a great observation Bruno! -Jackie On Thu, May 4, 2017 at 8:08 PM, Bruno Rocha wrote: > Interesting detail, the mentioned package https://pypi.python. > org/pypi/python-nation/1.0.1 was created and uploaded by > Jacob Kaplan Moss, so I guess this is intended to be a POC, to show PyPI > vulnerabilities or some Infosec experiment. > > On Thu, May 4, 2017 at 8:41 PM, Bruno Rocha wrote: > >> Hi, >> >> I just read this on reddit[0], a thread asking if PyPI packages are >> audited and somebody pointed the `python-nation`[1] which is a harmful and >> useless module, installing itself and sending the `/etc/passwd` content to >> external endpoint. >> >> The app receiving the data is hosted at http://python-nation.heroku >> app.com >> >> and as the PSF mission [2] says >> >> The mission of the Python Software Foundation is to promote, protect, and >> advance the Python programming language >> >> I wonder if there are some workgroup at PSF to handle this? and not only >> the specific case of `python-nation` which should be deleted and the user >> banned maybe, But also to handle the audit of other packages? >> >> >> [0] https://www.reddit.com/r/Python/comments/697da2/does_pyp >> i_review_code_thats_uploaded/ >> [1] https://www.reddit.com/r/Python/comments/697da2/does_pyp >> i_review_code_thats_uploaded/dh4uyf8/ >> [2] https://www.python.org/psf/mission/ >> >> >> Cheers, >> >> -- >> >> *Bruno Rocha - @rochacbruno * >> http://brunorocha.org >> >> > > > -- > > *Bruno Rocha - @rochacbruno * > http://brunorocha.org > > > _______________________________________________ > PSF-Community mailing list > PSF-Community at python.org > https://mail.python.org/mailman/listinfo/psf-community > > -- Jacqueline Kazil | @jackiekazil -------------- next part -------------- An HTML attachment was scrubbed... URL: From rainventions at gmail.com Thu May 4 21:55:58 2017 From: rainventions at gmail.com (Ryan Birmingham) Date: Thu, 4 May 2017 21:55:58 -0400 Subject: [PSF-Community] Dangerous PyPI packages and PSF In-Reply-To: References: Message-ID: I'm not sure what effective package review would look like here. Perhaps we could establish an entity to screen packages on an opt-in basis, but I don't know if we have the resources/people for this. Automated code screening could and probably would miss the python nation example due to the unorthodox use of compressed instructions. Does anyone have any ideas? -Ryan Birmingham On 4 May 2017 at 20:08, Bruno Rocha wrote: > Interesting detail, the mentioned package https://pypi.python. > org/pypi/python-nation/1.0.1 was created and uploaded by > Jacob Kaplan Moss, so I guess this is intended to be a POC, to show PyPI > vulnerabilities or some Infosec experiment. > > On Thu, May 4, 2017 at 8:41 PM, Bruno Rocha wrote: > >> Hi, >> >> I just read this on reddit[0], a thread asking if PyPI packages are >> audited and somebody pointed the `python-nation`[1] which is a harmful and >> useless module, installing itself and sending the `/etc/passwd` content to >> external endpoint. >> >> The app receiving the data is hosted at http://python-nation.heroku >> app.com >> >> and as the PSF mission [2] says >> >> The mission of the Python Software Foundation is to promote, protect, and >> advance the Python programming language >> >> I wonder if there are some workgroup at PSF to handle this? and not only >> the specific case of `python-nation` which should be deleted and the user >> banned maybe, But also to handle the audit of other packages? >> >> >> [0] https://www.reddit.com/r/Python/comments/697da2/does_pyp >> i_review_code_thats_uploaded/ >> [1] https://www.reddit.com/r/Python/comments/697da2/does_pyp >> i_review_code_thats_uploaded/dh4uyf8/ >> [2] https://www.python.org/psf/mission/ >> >> >> Cheers, >> >> -- >> >> *Bruno Rocha - @rochacbruno * >> http://brunorocha.org >> >> > > > -- > > *Bruno Rocha - @rochacbruno * > http://brunorocha.org > > > _______________________________________________ > PSF-Community mailing list > PSF-Community at python.org > https://mail.python.org/mailman/listinfo/psf-community > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From greg at krypto.org Fri May 5 00:10:00 2017 From: greg at krypto.org (Gregory P. Smith) Date: Fri, 05 May 2017 04:10:00 +0000 Subject: [PSF-Community] Dangerous PyPI packages and PSF In-Reply-To: References: Message-ID: This is not a solvable problem. IMNSHO We should never attempt to implement pre screening of packages. It is a good post-package-upload task for someone to try and do as a research project. Automated code scanning can only find already known things and similar signatures (at which point it can have false positives) and we aren't just talking about obfuscated source code. PyPI hosts binary wheels made using unreproduceable build processes on untrusted machines created from unverifiable inputs. Scanning services such as Google's https://www.virustotal.com/en/about/ exist but I'm not sure that'd be of much value to PyPI. -gps On Thu, May 4, 2017 at 7:28 PM Ryan Birmingham wrote: > I'm not sure what effective package review would look like here. Perhaps > we could establish an entity to screen packages on an opt-in basis, but I > don't know if we have the resources/people for this. Automated code > screening could and probably would miss the python nation example due to > the unorthodox use of compressed instructions. > Does anyone have any ideas? > > -Ryan Birmingham > > On 4 May 2017 at 20:08, Bruno Rocha wrote: > >> Interesting detail, the mentioned package >> https://pypi.python.org/pypi/python-nation/1.0.1 was created and >> uploaded by Jacob Kaplan Moss, so I guess this is intended to be a POC, to >> show PyPI vulnerabilities or some Infosec experiment. >> >> On Thu, May 4, 2017 at 8:41 PM, Bruno Rocha >> wrote: >> >>> Hi, >>> >>> I just read this on reddit[0], a thread asking if PyPI packages are >>> audited and somebody pointed the `python-nation`[1] which is a harmful and >>> useless module, installing itself and sending the `/etc/passwd` content to >>> external endpoint. >>> >>> The app receiving the data is hosted at >>> http://python-nation.herokuapp.com >>> >>> and as the PSF mission [2] says >>> >>> The mission of the Python Software Foundation is to promote, protect, >>> and advance the Python programming language >>> >>> I wonder if there are some workgroup at PSF to handle this? and not only >>> the specific case of `python-nation` which should be deleted and the user >>> banned maybe, But also to handle the audit of other packages? >>> >>> >>> [0] >>> https://www.reddit.com/r/Python/comments/697da2/does_pypi_review_code_thats_uploaded/ >>> [1] >>> https://www.reddit.com/r/Python/comments/697da2/does_pypi_review_code_thats_uploaded/dh4uyf8/ >>> [2] https://www.python.org/psf/mission/ >>> >>> >>> Cheers, >>> >>> -- >>> >>> *Bruno Rocha - @rochacbruno * >>> http://brunorocha.org >>> >>> >> >> >> -- >> >> *Bruno Rocha - @rochacbruno * >> http://brunorocha.org >> >> >> _______________________________________________ >> PSF-Community mailing list >> PSF-Community at python.org >> https://mail.python.org/mailman/listinfo/psf-community >> >> > _______________________________________________ > PSF-Community mailing list > PSF-Community at python.org > https://mail.python.org/mailman/listinfo/psf-community > -------------- next part -------------- An HTML attachment was scrubbed... URL: From noah at coderanger.net Fri May 5 00:22:28 2017 From: noah at coderanger.net (Noah Kantrowitz) Date: Thu, 4 May 2017 21:22:28 -0700 Subject: [PSF-Community] Dangerous PyPI packages and PSF In-Reply-To: References: Message-ID: <6CF092F7-8C5B-4656-9151-64E62F423E6E@coderanger.net> > On May 4, 2017, at 4:41 PM, Bruno Rocha wrote: > > Hi, > > I just read this on reddit[0], a thread asking if PyPI packages are audited and somebody pointed the `python-nation`[1] which is a harmful and useless module, installing itself and sending the `/etc/passwd` content to external endpoint. > > The app receiving the data is hosted at http://python-nation.herokuapp.com > > and as the PSF mission [2] says > > The mission of the Python Software Foundation is to promote, protect, and advance the Python programming language > > I wonder if there are some workgroup at PSF to handle this? and not only the specific case of `python-nation` which should be deleted and the user banned maybe, But also to handle the audit of other packages? > > > [0] https://www.reddit.com/r/Python/comments/697da2/does_pypi_review_code_thats_uploaded/ > [1] https://www.reddit.com/r/Python/comments/697da2/does_pypi_review_code_thats_uploaded/dh4uyf8/ > [2] https://www.python.org/psf/mission/ Specifically re: the vector of running code at install time, wheels can help with this though I don't think there is a good way to tell pip to ignore non-wheel builds. But even then, the whole point is that you're downloading code from the internet :) If you want to discuss this further I recommend the distutils-sig mailing list. --Noah -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 801 bytes Desc: Message signed with OpenPGP URL: From ncoghlan at gmail.com Fri May 5 08:10:14 2017 From: ncoghlan at gmail.com (Nick Coghlan) Date: Fri, 5 May 2017 22:10:14 +1000 Subject: [PSF-Community] Dangerous PyPI packages and PSF In-Reply-To: References: Message-ID: On 5 May 2017 at 09:41, Bruno Rocha wrote: > Hi, > > I just read this on reddit[0], a thread asking if PyPI packages are audited > and somebody pointed the `python-nation`[1] which is a harmful and useless > module, installing itself and sending the `/etc/passwd` content to external > endpoint. > > The app receiving the data is hosted at http://python-nation.herokuapp.com This is something that Jacob Kaplan-Moss wrote for a PyCon Australia security lightning talk a few years back: https://www.youtube.com/watch?list=PLs4CJRBY5F1KDIN6pv6daYWN_RnFOYvt0&feature=player_detailpage&v=daVHCUHtOZ4#t=1819s That talk was prompted by a similar social engineering exercise carried out in the Ruby community: http://blog.honeybadger.io/stop-using-rubygemsorg-in-production/ > and as the PSF mission [2] says > > The mission of the Python Software Foundation is to promote, protect, and > advance the Python programming language > > I wonder if there are some workgroup at PSF to handle this? and not only the > specific case of `python-nation` which should be deleted and the user banned > maybe, python-nation does not violate PyPI's Terms of Service. However, it does provide a useful reminder to end users that mistakenly view PyPI as a restricted app store rather than as an open publication platform akin to the web itself that "pip install " is essentially no safer than "curl | sh" (although it does offer greater assurances that if you pin your dependencies to particular versions, future downloads will either get you the same thing, or else fail outright). > But also to handle the audit of other packages? When people and organisations want security audits of open source software, they either have to do them themselves, pay someone else to do them on their behalf, or else rely on one of the volunteer-driven collaborative software auditing projects more commonly known as "community Linux distributions" (accepting the couple of orders of magnitude reduction in available components that comes from that last choice). Most large organisations will end up relying on some combination of the three (e.g. it's not uncommon for a RHEL-hosted application to include commercially audited packages from Red Hat and certified partners, community audited packages from EPEL, IUS, Fedora COPR, and/or softwarecollection.org, and team audited packages directly from PyPI, and we see the same kinds of layered architectures showing up regardless of which distro or platform people target). Cheers, Nick. -- Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia From ncoghlan at gmail.com Fri May 5 08:22:31 2017 From: ncoghlan at gmail.com (Nick Coghlan) Date: Fri, 5 May 2017 22:22:31 +1000 Subject: [PSF-Community] Dangerous PyPI packages and PSF In-Reply-To: References: Message-ID: On 5 May 2017 at 14:10, Gregory P. Smith wrote: > This is not a solvable problem. IMNSHO We should never attempt to implement > pre screening of packages. > > It is a good post-package-upload task for someone to try and do as a > research project. > > Automated code scanning can only find already known things and similar > signatures (at which point it can have false positives) and we aren't just > talking about obfuscated source code. PyPI hosts binary wheels made using > unreproduceable build processes on untrusted machines created from > unverifiable inputs. Scanning services such as Google's > https://www.virustotal.com/en/about/ exist but I'm not sure that'd be of > much value to PyPI. Red Hat's approach to this (https://github.com/fabric8-analytics/) relies heavily on "popularity within your cohort" as a proxy for safety. It's far from being a perfect approach (since there's still a risk of the "bystander effect" coming into play, where everyone assumes everyone else is handling the security audits), but it at least gives people a heads up when they're doing something relatively unusual and hence may want to take more care and treat their potential dependencies with a bit more suspicion. Cheers, Nick. P.S. Full disclosure: until I switched teams a few months ago, working on fabric8-analytics (and its precursor projects) was my day job at Red Hat. As far as I'm aware, the current version still doesn't take the raw PyPI Big Query download data into account, but it does track component usage across public GitHub repositories - the benefit of focusing on the latter is that it gives you co-occurence information (i.e. "component X is often used in combination with component Y"), rather than the raw popularity metrics offered by the download numbers (which can also be heavily skewed by artifact caches, and the lack thereof, in automated build and test pipelines). -- Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia From mal at python.org Wed May 17 06:15:19 2017 From: mal at python.org (M.-A. Lemburg) Date: Wed, 17 May 2017 12:15:19 +0200 Subject: [PSF-Community] EuroPython 2017: First list of accepted sessions available Message-ID: <4146d465-6d25-d3f5-9af2-2297869e560d@python.org> We have received an amazing collection of proposals. Thank you all for your submissions ! Given the overwhelming quality of the proposals, we had some very difficult decisions to make. Nonetheless we are happy to announce we have published the first 140+ sessions. * EuroPython 2017 Sessions * https://ep2017.europython.eu/en/events/sessions/ Here?s what we have on offer so far: 100 talks 19 trainings 10 posters 2 interactive sessions 5 help desks 2 EuroPython sessions for a total of 138 sessions in addition to the 3 keynotes we have already announced. More sessions to come --------------------- More sessions will be announced early next week and the full schedule will follow. In total, we will again have more than 200 sessions waiting for you. Please see the session list for details and abstracts. In case you wonder what poster, interactive and help desk sessions are, please check the call for proposals: https://ep2017.europython.eu/en/call-for-proposals/#Presenting-at-EuroPython Aside: If you haven?t done yet, please get your EuroPython 2017 ticket soon. We will switch to on-desk rates in June, which will cost around 30% more than the regular rates. Enjoy, -- EuroPython 2017 Team http://ep2017.europython.eu/ http://www.europython-society.org/ PS: Please forward or retweet to help us reach all interested parties: https://twitter.com/europython/status/864785185098936320 Thanks. From matt at mondoinfo.com Fri May 19 19:12:20 2017 From: matt at mondoinfo.com (Matthew Dixon Cowles) Date: Fri, 19 May 2017 18:12:20 -0500 (CDT) Subject: [PSF-Community] Where is the PSF's budget posted? Message-ID: <1495235053.26.992@mint-julep.mondoinfo.com> Can someone remind me where the PSF's budget is posted? Some Googling doesn't seem to find it for me. Regards, Matt From betsy at python.org Wed May 24 14:02:10 2017 From: betsy at python.org (Betsy Waliszewski) Date: Wed, 24 May 2017 11:02:10 -0700 Subject: [PSF-Community] =?utf-8?q?Sponsored_Tickets_to_PyCon_CZ_2017_Pra?= =?utf-8?b?Z3VlIDjigJExMCBKdW5l?= Message-ID: Hi, As a part of the PSF's sponsorship of PyCon CZ, we have (4) free tickets available. Please contact me if you are interested in attending. https://cz.pycon.org/2017/ Best, Betsy -- Betsy Waliszewski Python Software Foundation Event Coordinator / Administrator @betswaliszewski -------------- next part -------------- An HTML attachment was scrubbed... URL: From mal at python.org Fri May 26 07:26:16 2017 From: mal at python.org (M.-A. Lemburg) Date: Fri, 26 May 2017 13:26:16 +0200 Subject: [PSF-Community] EuroPython 2017: Full session list online Message-ID: <58b475e7-3df8-95ee-1948-2d3746e6d7e3@python.org> After the final review round, we are now happy to announce the complete list of more than 200 accepted sessions. * EuroPython 2017 Session List * https://ep2017.europython.eu/en/events/sessions/ Here?s what we have on offer: - 5 keynotes - 157 talks - 20 trainings - 10 posters - 4 interactive sessions - 5 help desks - 2 EuroPython sessions for a total of 203 sessions, arranged in 5 tracks from Monday, July 10, thru Friday, July 14, in addition to the Beginners? Day and Django Girls workshops on Sunday, July 9, and the Sprints on the weekend July 15-16. Please see the session list for details and abstracts. In case you wonder what poster, interactive and help desk sessions are, please check the call for proposals: https://ep2017.europython.eu/en/call-for-proposals/#Presenting-at-EuroPython Additional help desk slots available ------------------------------------ We have 5 additional help desk slots available. If you are interested in arranging one, please see our Call for Proposals for details and contact program at europython.eu to submit your proposal. Organizers of help desks are eligible for a 25% ticket discount. Schedule to be announced next week ---------------------------------- Our program work group is now working hard on scheduling all these sessions. We expect to announce the final schedule by the end of next week. We will use the same conference schedule layout as in previous years: * Sunday, July 9: Beginners? Day and Django Girls workshops; registration desk opens * Monday - Friday, July 10-14: Conference talks, trainings, keynotes, help desks, interactive sessions, etc. * Saturday - Sunday, July 15-16: Sprints A typical conference day will open the venue at 08:30, have the first session around 09:00 and end at 18:30. Lunch breaks are scheduled for around 13:15. Please note that we don?t serve breakfast. Aside: If you haven?t done yet, please get your EuroPython 2017 ticket soon. We will switch to on-desk rates in June, which will cost around 30% more than the regular rates. https://ep2017.europython.eu/en/registration/buy-tickets/ Enjoy, -- EuroPython 2017 Team http://ep2017.europython.eu/ http://www.europython-society.org/ PS: Please forward or retweet to help us reach all interested parties: https://twitter.com/europython/status/868063669019697153 Thanks. From jackiekazil at gmail.com Fri May 26 21:17:01 2017 From: jackiekazil at gmail.com (Jacqueline Kazil) Date: Fri, 26 May 2017 21:17:01 -0400 Subject: [PSF-Community] EuroPython 2017: Full session list online In-Reply-To: <58b475e7-3df8-95ee-1948-2d3746e6d7e3@python.org> References: <58b475e7-3df8-95ee-1948-2d3746e6d7e3@python.org> Message-ID: Looks like a great line up! On Fri, May 26, 2017 at 7:26 AM, M.-A. Lemburg wrote: > After the final review round, we are now happy to announce the > complete list of more than 200 accepted sessions. > > > * EuroPython 2017 Session List * > > https://ep2017.europython.eu/en/events/sessions/ > > > Here?s what we have on offer: > > - 5 keynotes > - 157 talks > - 20 trainings > - 10 posters > - 4 interactive sessions > - 5 help desks > - 2 EuroPython sessions > > for a total of 203 sessions, arranged in 5 tracks from Monday, July > 10, thru Friday, July 14, in addition to the Beginners? Day and Django > Girls workshops on Sunday, July 9, and the Sprints on the weekend July > 15-16. > > Please see the session list for details and abstracts. In case you > wonder what poster, interactive and help desk sessions are, please > check the call for proposals: > > > https://ep2017.europython.eu/en/call-for-proposals/# > Presenting-at-EuroPython > > > Additional help desk slots available > ------------------------------------ > > We have 5 additional help desk slots available. If you are interested > in arranging one, please see our Call for Proposals for details and > contact program at europython.eu to submit your proposal. Organizers of > help desks are eligible for a 25% ticket discount. > > Schedule to be announced next week > ---------------------------------- > > Our program work group is now working hard on scheduling all these > sessions. We expect to announce the final schedule by the end of next > week. > > We will use the same conference schedule layout as in previous years: > > * Sunday, July 9: Beginners? Day and Django Girls workshops; > registration desk opens > > * Monday - Friday, July 10-14: Conference talks, trainings, keynotes, > help desks, interactive sessions, etc. > > * Saturday - Sunday, July 15-16: Sprints > > A typical conference day will open the venue at 08:30, have the first > session around 09:00 and end at 18:30. Lunch breaks are scheduled for > around 13:15. Please note that we don?t serve breakfast. > > Aside: If you haven?t done yet, please get your EuroPython 2017 ticket > soon. We will switch to on-desk rates in June, which will cost around > 30% more than the regular rates. > > https://ep2017.europython.eu/en/registration/buy-tickets/ > > > Enjoy, > -- > EuroPython 2017 Team > http://ep2017.europython.eu/ > http://www.europython-society.org/ > > PS: Please forward or retweet to help us reach all interested parties: > https://twitter.com/europython/status/868063669019697153 > Thanks. > _______________________________________________ > PSF-Community mailing list > PSF-Community at python.org > https://mail.python.org/mailman/listinfo/psf-community > -- Jacqueline Kazil | @jackiekazil -------------- next part -------------- An HTML attachment was scrubbed... URL: From mal at python.org Sat May 27 06:15:20 2017 From: mal at python.org (M.-A. Lemburg) Date: Sat, 27 May 2017 12:15:20 +0200 Subject: [PSF-Community] EuroPython 2017: Full session list online In-Reply-To: References: <58b475e7-3df8-95ee-1948-2d3746e6d7e3@python.org> Message-ID: <40cd1d60-f550-e6d0-a424-2d840add15b0@python.org> On 27.05.2017 03:17, Jacqueline Kazil wrote: > Looks like a great line up! Thanks, Jacqueline. There's plenty to see and we'll have many different topics covered. > On Fri, May 26, 2017 at 7:26 AM, M.-A. Lemburg wrote: > >> After the final review round, we are now happy to announce the >> complete list of more than 200 accepted sessions. >> >> >> * EuroPython 2017 Session List * >> >> https://ep2017.europython.eu/en/events/sessions/ >> >> >> Here?s what we have on offer: >> >> - 5 keynotes >> - 157 talks >> - 20 trainings >> - 10 posters >> - 4 interactive sessions >> - 5 help desks >> - 2 EuroPython sessions >> >> for a total of 203 sessions, arranged in 5 tracks from Monday, July >> 10, thru Friday, July 14, in addition to the Beginners? Day and Django >> Girls workshops on Sunday, July 9, and the Sprints on the weekend July >> 15-16. >> >> Please see the session list for details and abstracts. In case you >> wonder what poster, interactive and help desk sessions are, please >> check the call for proposals: >> >> >> https://ep2017.europython.eu/en/call-for-proposals/# >> Presenting-at-EuroPython >> >> >> Additional help desk slots available >> ------------------------------------ >> >> We have 5 additional help desk slots available. If you are interested >> in arranging one, please see our Call for Proposals for details and >> contact program at europython.eu to submit your proposal. Organizers of >> help desks are eligible for a 25% ticket discount. >> >> Schedule to be announced next week >> ---------------------------------- >> >> Our program work group is now working hard on scheduling all these >> sessions. We expect to announce the final schedule by the end of next >> week. >> >> We will use the same conference schedule layout as in previous years: >> >> * Sunday, July 9: Beginners? Day and Django Girls workshops; >> registration desk opens >> >> * Monday - Friday, July 10-14: Conference talks, trainings, keynotes, >> help desks, interactive sessions, etc. >> >> * Saturday - Sunday, July 15-16: Sprints >> >> A typical conference day will open the venue at 08:30, have the first >> session around 09:00 and end at 18:30. Lunch breaks are scheduled for >> around 13:15. Please note that we don?t serve breakfast. >> >> Aside: If you haven?t done yet, please get your EuroPython 2017 ticket >> soon. We will switch to on-desk rates in June, which will cost around >> 30% more than the regular rates. >> >> https://ep2017.europython.eu/en/registration/buy-tickets/ >> >> >> Enjoy, >> -- >> EuroPython 2017 Team >> http://ep2017.europython.eu/ >> http://www.europython-society.org/ >> >> PS: Please forward or retweet to help us reach all interested parties: >> https://twitter.com/europython/status/868063669019697153 >> Thanks. >> _______________________________________________ >> PSF-Community mailing list >> PSF-Community at python.org >> https://mail.python.org/mailman/listinfo/psf-community >> > > > -- Marc-Andre Lemburg Python Software Foundation http://www.python.org/psf/ http://www.malemburg.com/ From kushaldas at gmail.com Tue May 30 22:57:31 2017 From: kushaldas at gmail.com (Kushal Das) Date: Wed, 31 May 2017 08:27:31 +0530 Subject: [PSF-Community] [X-POST] PSF Board Meeting Minutes 2017-04-03 Message-ID: Hi everyone, The PSF board meeting minutes from 3rd April are available online at [1]. There were 9 directors present in the meeting. Ewa Jodlowksa (Director of Operations), Kurt Kaiser (Treasurer), Betsy Waliszewski (Event Planner and Administrator), Phyllis Dobbs (Controller/Assistant Treasurer Accountant), (Mark Mangoba (IT Manager) were also in attendance. The sponsor working group approved UK Web Host Review and Accelebrate as Iron level sponsors of PSF. The Python Software Foundation also awarded the 2017 Frank Willison Award to Katie Cunningham and Barbara Shaurette in recognition of their continuing work to create and run their Young Coders classes, along with freely distributing their teaching materials. The following grants were also approved from our last meeting, totaling $32087.46 * PyLadies Toronto meetup fee $179.88 * PuPPy User Group $269.82 * PyLadies London $359.76 * Django Girls Jos, Nigeria workshop. $750 * Django Girls S?o Jos? dos Campos, Brazil May 20, 2017 $750 * Django Girls Porto Alegre, Brazil March 17, 2017 $1000 * Django Girls Accra, Ghana June 16-17, 2017 $700 * Django Girls Faridabad $400 * Django Girls Niter?i $500 * PyCode Czech Republic April 7-9, 2017 $600 * Django Girls Macei?, Brazil May 12-13, 2017 $500 * Django Girls Florence, Italy April 2, 2017 $538 * Django Girls Gurgaon, India April 9, 2017 $400 * PyCon APAC 2017 $3000 * Django Girls Warri, Nigeria April 29, 2017 $600 * Python Programming Society of Namibia for lab equipment to be used at the Windhoek Technical High School $1000 * Django Girls Arapiraca, Brazil August 26th, 2017 $500 * Django Girls Belo Horizonte, Brazil May 27th, 2017 $500 * Django Girls Enugu State, Nigeria April 27-28, 2017 $800 * Django Girls Sokoto, Nigeria April 6, 2017 $740 * PyData San Luis, Argentina November 16-18, 2017 $750 * PyConWEB 2017, Berlin May 27-28, 2017 $2000 * PyLadies Taiwan Line Bot Workshop May 13, 2017 $800 * PyCon CZ June 9-11, 2017 2000? ($2240 in today's value) * SciPy Austin, TX July 10-13, 2017 $2000 * Hapa Foundation Training Program in Kumasi, Ghana $1250 * EuroPython 2017 July 9-16, Rimini, Italy 8000? ($8960 in today's value) For more updates from the PSF, please visit our blog[2] and follow us on Twitter[3]. [1] https://www.python.org/psf/records/board/minutes/2017-04-03/ [2] https://pyfound.blogspot.com/ [3] https://twitter.com/ThePSF Kushal -- Director, Python Software Foundation Fedora Cloud Engineer CPython Core Developer http://kushaldas.in