VOTE - Accept pip-audit and gh-action-pip-audit into the PyPA
I'd like to propose the transfer of the following projects to the PyPA org: - https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/ More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use. This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself. Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
+1 On Wed, Aug 24, 2022 at 10:35 PM Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: n.harris@kabucreative.com
+1, I think PyPA is the most appropriate home, even if not integrated with pip. On Wed, Aug 24, 2022 at 5:35 PM Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: ofekmeister@gmail.com
+1 On Wed, Aug 24, 2022 at 2:51 PM Nicole Harris <harris.nicolelouise@gmail.com> wrote:
+1
On Wed, Aug 24, 2022 at 10:35 PM Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: n.harris@kabucreative.com
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: gaborjbernat@gmail.com
+1 On 8/24/2022 5:51:37 PM, Nicole Harris <harris.nicolelouise@gmail.com> wrote: +1 On Wed, Aug 24, 2022 at 10:35 PM Dustin Ingram <di@python.org [mailto:di@python.org]> wrote: I'd like to propose the transfer of the following projects to the PyPA org: - https://github.com/trailofbits/pip-audit/ [https://github.com/trailofbits/pip-audit/] - https://github.com/trailofbits/gh-action-pip-audit/ [https://github.com/trailofbits/gh-action-pip-audit/] More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit... [https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit...]. We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database [https://github.com/pypa/advisory-database], which they use. This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself. Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org [mailto:pypa-committers@python.org] To unsubscribe send an email to pypa-committers-leave@python.org [mailto:pypa-committers-leave@python.org] https://mail.python.org/mailman3/lists/pypa-committers.python.org/ [https://mail.python.org/mailman3/lists/pypa-committers.python.org/] Member address: n.harris@kabucreative.com [mailto:n.harris@kabucreative.com] _______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: donald@stufft.io [d734f720-c857-43a2-bc6b-fd1e159156dd]
+1, although the proposal technically needs another PyPA member to sponsor it before the vote can be called. I'll second the proposal, though, so let's not worry too much about that :-) Paul On Wed, 24 Aug 2022 at 23:08, Donald Stufft <donald@stufft.io> wrote:
+1
On 8/24/2022 5:51:37 PM, Nicole Harris <harris.nicolelouise@gmail.com> wrote: +1
On Wed, Aug 24, 2022 at 10:35 PM Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: n.harris@kabucreative.com
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: donald@stufft.io
[image: d734f720-c857-43a2-bc6b-fd1e159156dd] _______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: p.f.moore@gmail.com
+1 Le jeu. 25 août 2022, 00:30, Paul Moore <p.f.moore@gmail.com> a écrit :
+1, although the proposal technically needs another PyPA member to sponsor it before the vote can be called.
I'll second the proposal, though, so let's not worry too much about that :-)
Paul
On Wed, 24 Aug 2022 at 23:08, Donald Stufft <donald@stufft.io> wrote:
+1
On 8/24/2022 5:51:37 PM, Nicole Harris <harris.nicolelouise@gmail.com> wrote: +1
On Wed, Aug 24, 2022 at 10:35 PM Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: n.harris@kabucreative.com
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: donald@stufft.io
[image: d734f720-c857-43a2-bc6b-fd1e159156dd] _______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: p.f.moore@gmail.com
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: xav.fernandez@gmail.com
+1 On Thu, 25 Aug 2022, at 10:47, Xavier Fernandez wrote:
+1
Le jeu. 25 août 2022, 00:30, Paul Moore <p.f.moore@gmail.com> a écrit :
+1, although the proposal technically needs another PyPA member to sponsor it before the vote can be called.
I'll second the proposal, though, so let's not worry too much about that :-)
Paul
On Wed, 24 Aug 2022 at 23:08, Donald Stufft <donald@stufft.io> wrote:
+1
On 8/24/2022 5:51:37 PM, Nicole Harris <harris.nicolelouise@gmail.com> wrote:
+1
On Wed, Aug 24, 2022 at 10:35 PM Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: n.harris@kabucreative.com _______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: donald@stufft.io d734f720-c857-43a2-bc6b-fd1e159156dd _______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: p.f.moore@gmail.com
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: xav.fernandez@gmail.com
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: thomas@kluyver.me.uk
On Wed, Aug 24, 2022 at 11:41 PM Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
+1 -- Warm regards, Sviatoslav Sydorenko Software Hacker @ Ansible Core --- https://useplaintext.email/ () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments ---
+1 Sviatoslav Sydorenko <webknjaz@redhat.com> 于2022年8月25日周四 19:32写道:
On Wed, Aug 24, 2022 at 11:41 PM Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA
org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is
here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William
Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing
list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
+1
-- Warm regards, Sviatoslav Sydorenko
Software Hacker @ Ansible Core
--- https://useplaintext.email/ () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments ---
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: mianghong@gmail.com
+1 Sent with [Proton Mail](https://proton.me/) secure email. ------- Original Message ------- On Thursday, August 25th, 2022 at 00:35, Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/
- https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
+1 Henry Sent from my iPhone On Aug 25, 2022, at 2:03 PM, layday via PyPA-Committers <pypa-committers@python.org> wrote: +1 Sent with Proton Mail<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fproton.me%2F&data=05%7C01%7Chenryfs%40princeton.edu%7Cfb3ebdee862045912d6808da86c407be%7C2ff601167431425db5af077d7791bda4%7C0%7C0%7C637970473817369972%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=cjeMdy6k53poND2Pv3xRScBa7zucB52LXRBsM00sp70%3D&reserved=0> secure email. ------- Original Message ------- On Thursday, August 25th, 2022 at 00:35, Dustin Ingram <di@python.org> wrote: I'd like to propose the transfer of the following projects to the PyPA org: - https://github.com/trailofbits/pip-audit/<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftrailofbits%2Fpip-audit%2F&data=05%7C01%7Chenryfs%40princeton.edu%7Cfb3ebdee862045912d6808da86c407be%7C2ff601167431425db5af077d7791bda4%7C0%7C0%7C637970473817369972%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5fIFbZWBgL55KPQfFXjXszL3q0zr7OpEDxZRwJr5rJs%3D&reserved=0> - https://github.com/trailofbits/gh-action-pip-audit/<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftrailofbits%2Fgh-action-pip-audit%2F&data=05%7C01%7Chenryfs%40princeton.edu%7Cfb3ebdee862045912d6808da86c407be%7C2ff601167431425db5af077d7791bda4%7C0%7C0%7C637970473817369972%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=PxBGOUsyZOPy6zSEP7vGzB2Xpn9CSWh3NDjl57W8KhU%3D&reserved=0> More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerability-analysis-management/17681<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdiscuss.python.org%2Ft%2Ftowards-a-pip-audit-subcommand-for-vulnerability-analysis-management%2F17681&data=05%7C01%7Chenryfs%40princeton.edu%7Cfb3ebdee862045912d6808da86c407be%7C2ff601167431425db5af077d7791bda4%7C0%7C0%7C637970473817369972%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=qGd21x9ypwhUtgYRDCB7FMweeaePI0XiNcBWU6SqGCM%3D&reserved=0>. We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fpypa%2Fadvisory-database&data=05%7C01%7Chenryfs%40princeton.edu%7Cfb3ebdee862045912d6808da86c407be%7C2ff601167431425db5af077d7791bda4%7C0%7C0%7C637970473817369972%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=E2zAfw9WbigzX0LWS6wBnidZY06CiIcDzkvJO2VzaME%3D&reserved=0>, which they use. This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself. Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: henryfs@princeton.edu
+1 -- M On Fri, 26 Aug 2022 at 01:59, Henry F. Schreiner <henryfs@princeton.edu> wrote:
+1
Henry
Sent from my iPhone
On Aug 25, 2022, at 2:03 PM, layday via PyPA-Committers <pypa-committers@python.org> wrote:
+1
Sent with Proton Mail secure email.
------- Original Message ------- On Thursday, August 25th, 2022 at 00:35, Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: henryfs@princeton.edu
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: bussonniermatthias@gmail.com
+1
On Wednesday, Aug 24, 2022 at 5:35 PM, Dustin Ingram <di@python.org (mailto:di@python.org)> wrote: I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds. _______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: ewdurbin@gmail.com
+1 On Fri, Aug 26, 2022, 8:25 AM Ee Durbin <ewdurbin@gmail.com> wrote:
+1
On Wednesday, Aug 24, 2022 at 5:35 PM, Dustin Ingram <di@python.org> wrote: I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: ewdurbin@gmail.com
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: me@thea.codes
+1 Le mer. 24 août 2022 à 23:35, Dustin Ingram <di@python.org> a écrit :
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: stephane.bidoul@acsone.eu
+1 On 2022-08-26 06:37, Thea Flowers wrote:
+1
On Fri, Aug 26, 2022, 8:25 AM Ee Durbin <ewdurbin@gmail.com> wrote:
+1
On Wednesday, Aug 24, 2022 at 5:35 PM, Dustin Ingram <di@python.org> wrote:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds. _______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: ewdurbin@gmail.com _______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: me@thea.codes
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: ehashman@debian.org
This vote has concluded with all +1 votes and succeeds. Thanks folks! On Sat, Aug 27, 2022 at 5:37 PM Elana Hashman <ehashman@debian.org> wrote:
+1
On 2022-08-26 06:37, Thea Flowers wrote:
+1
On Fri, Aug 26, 2022, 8:25 AM Ee Durbin <ewdurbin@gmail.com> wrote:
+1
On Wednesday, Aug 24, 2022 at 5:35 PM, Dustin Ingram <di@python.org> wrote: I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: ewdurbin@gmail.com
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: me@thea.codes
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: ehashman@debian.org
+1 Dustin Ingram kirjoitti 25.8.2022 klo 0.35:
I'd like to propose the transfer of the following projects to the PyPA org:
- https://github.com/trailofbits/pip-audit/ - https://github.com/trailofbits/gh-action-pip-audit/
More background for these projects and the long-term plan for them is here: https://discuss.python.org/t/towards-a-pip-audit-subcommand-for-vulnerabilit.... We are still hoping to more closely integrate pip-audit with pip, but for now, the PyPA is a much more appropriate home for these projects, and will join https://github.com/pypa/advisory-database, which they use.
This would add two existing maintainers of these projects (William Woodruff and Alex Cameron) as PyPA committers, in addition to myself.
Per PEP 609:
The proposal will be put to a vote on the PyPA-Committers mailing list, over a 7-day period. Each PyPA committer can vote once, and can choose one of +1 and -1. If at least two thirds of recorded votes are +1, then the vote succeeds.
_______________________________________________ PyPA-Committers mailing list -- pypa-committers@python.org To unsubscribe send an email to pypa-committers-leave@python.org https://mail.python.org/mailman3/lists/pypa-committers.python.org/ Member address: alex.gronholm@nextday.fi
participants (19)
-
Alex Grönholm -
Bernat Gabor -
Donald Stufft -
Dustin Ingram -
Ee Durbin -
Elana Hashman -
Frost Ming -
Henry F. Schreiner -
layday -
Matthias Bussonnier -
Nicole Harris -
Ofek Lev -
Paul Moore -
Stéphane Bidoul -
Sviatoslav Sydorenko -
Thea Flowers -
Thomas Kluyver -
Trishank Kuppusamy -
Xavier Fernandez