On 19/02/2021 23.22, Stestagg wrote:
> The thing that stood out from this conversation, for me, is: Releases
> are too hard, and there’s a risk of not having enough volunteers as a
> result.
>
> How hard is it to fix that?
Actually it's easy to fix!
The PSF needs needs sufficient money to hire a couple of people, so the
PSF can turn release management and security maintenance from unpaid
volunteers into paid fulltime jobs.
That’s certainly one option. I’d be super surprised if that were the only one.
What were the budget requirements for this? How far from the target is the PSF? Is there a plan to hit it?
There is no specific drive to hire someone to target security and/or release management at the moment. We just got enough funding for the first time to hire a dev-in-residence for Python itself to try to help tackle our 1.4K PR backlog in some fashion that they won't be dedicated to security or release management.
Are there no technical solutions that might help reduce the cost?
If you would like to help out, you can speak with the release managers to see if they could use help in some way; same goes for the security team.