On Thu, 2021-02-11 at 23:24 -0500, Terry Reedy wrote:
> ... Releases are not just a push of a button.
On 2021-02-19 15:05, Stestagg wrote:
> > The thing that stood out from this conversation, for me, is: Releases
> > are too hard, and there’s a risk of not having enough volunteers as a
> > result.
> >
> > How hard is it to fix that?
>
> Are there no technical solutions that might help reduce the cost?
Sounds like automating until it is "just a push of a button," should be a goal.
According to Victor there has been progress, but always room for more.
On 2021-02-19 18:36, Brett Cannon wrote:
There is no specific drive to hire someone to target security and/or release
management at the moment. We just got enough funding for the first time to hire
a dev-in-residence for Python itself to try to help tackle our 1.4K PR backlog
in some fashion that they won't be dedicated to security or release management.
Looking at the PSF Annual report from a normal year it also looks like there is
substantial revenue, income, and assets available. There are significant
expenses as well.
(And of course income down for ~two years, but it should return at some point.)
I would argue that security releases are of higher importance than most,
including sponsorship programs and grants, and that a mild change of priorities
is in order. This is not to say (of course) that any other categories are not
important, simply that having machines and networks pwned while being sponsored
or educated is a devil's bargain.
Such a position may not require a hundred-thousand a year salary either. A
skilled contractor could improve automation, while a stipend might be enough to
ensure releases get out within a ~week if they need to.
-Mike
_______________________________________________
Python-Dev mailing list -- python-dev@python.org
To unsubscribe send an email to python-dev-le...@python.org
https://mail.python.org/mailman3/lists/python-dev.python.org/
Message archived at
https://mail.python.org/archives/list/python-dev@python.org/message/MWDLKT3H4CXVPGSSMYSXTRBI33637LWA/
Code of Conduct: http://python.org/psf/codeofconduct/
