[python-committers] Re: Please turn on 2FA/MFA support on your GitHub account

[Thomas Wouters]

The SC has decided to move ahead and require 2FA for GitHub. Since the
controls are per org, rather than per repo, this will apply to everything
under the 'python' repo. We've asked Ee (the PSF's Director of
Infrastructure) to start contacting accounts that don't have 2FA enabled,
including bots, in preparation for this. We'll decide on an actual date we
start requiring 2FA once we have a clear picture of what bots still need
updating, but in the meantime I recommend everyone switch on 2FA of some
kind, if you haven't already. (As mentioned before, if you want hardware
tokens, the PSF can supply those.)


On Tue, Feb 8, 2022 at 12:11 AM Brett Cannon  wrote:

> In the SC meeting today we discussed requiring two-factor authentication
> (aka 2FA/MFA) and came away strongly considering it (but no definitive
> plans yet). But we did agree that we should send a quick email encouraging
> everyone to turn on 2FA for their GitHub Accounts regardless of what we
> decide to do.
>
> GitHub's instructions can be found at
> https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication
> . You can use various apps on your desktop or phone as well as a physical
> device to manage 2FA. And to be clear, you only need access to your 2FA
> solution when you log in; it's not a day-to-day action at all (I personally
> have not used my 2FA since the last time I logged into a new device for the
> first time or when my GitHub account was attacked and the attackers
> exhausted my password attempts for the day).
>
> For those of you who would prefer to use a hardware device and would like
> help getting one, we can make a request to the PSF to sponsor devices for
> those who want them.
> ___
> python-committers mailing list -- python-committers@python.org
> To unsubscribe send an email to python-committers-le...@python.org
> https://mail.python.org/mailman3/lists/python-committers.python.org/
> Message archived at
> https://mail.python.org/archives/list/python-committers@python.org/message/2UC5H7WWJZDA2K7XM5CLAZIX3KWJ2ASK/
> Code of Conduct: https://www.python.org/psf/codeofconduct/
>


-- 
Thomas Wouters 
___
python-committers mailing list -- python-committers@python.org
To unsubscribe send an email to python-committers-le...@python.org
https://mail.python.org/mailman3/lists/python-committers.python.org/
Message archived at 
https://mail.python.org/archives/list/python-committers@python.org/message/OYOLRDDKO6XLKP42UQ2PGJFCV34JN4PM/
Code of Conduct: https://www.python.org/psf/codeofconduct/

[python-committers] Re: Please turn on 2FA/MFA support on your GitHub account

[Thomas Wouters]

On Mon, Apr 18, 2022 at 6:28 PM Thomas Wouters  wrote:

>
> The SC has decided to move ahead and require 2FA for GitHub. Since the
> controls are per org, rather than per repo, this will apply to everything
> under the 'python' repo.
>

I meant "everything under the 'python' org", of course, sigh.


> We've asked Ee (the PSF's Director of Infrastructure) to start contacting
> accounts that don't have 2FA enabled, including bots, in preparation for
> this. We'll decide on an actual date we start requiring 2FA once we have a
> clear picture of what bots still need updating, but in the meantime I
> recommend everyone switch on 2FA of some kind, if you haven't already. (As
> mentioned before, if you want hardware tokens, the PSF can supply those.)
>
>
> On Tue, Feb 8, 2022 at 12:11 AM Brett Cannon  wrote:
>
>> In the SC meeting today we discussed requiring two-factor authentication
>> (aka 2FA/MFA) and came away strongly considering it (but no definitive
>> plans yet). But we did agree that we should send a quick email encouraging
>> everyone to turn on 2FA for their GitHub Accounts regardless of what we
>> decide to do.
>>
>> GitHub's instructions can be found at
>> https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa/accessing-github-using-two-factor-authentication
>> . You can use various apps on your desktop or phone as well as a physical
>> device to manage 2FA. And to be clear, you only need access to your 2FA
>> solution when you log in; it's not a day-to-day action at all (I personally
>> have not used my 2FA since the last time I logged into a new device for the
>> first time or when my GitHub account was attacked and the attackers
>> exhausted my password attempts for the day).
>>
>> For those of you who would prefer to use a hardware device and would like
>> help getting one, we can make a request to the PSF to sponsor devices for
>> those who want them.
>> ___
>> python-committers mailing list -- python-committers@python.org
>> To unsubscribe send an email to python-committers-le...@python.org
>> https://mail.python.org/mailman3/lists/python-committers.python.org/
>> Message archived at
>> https://mail.python.org/archives/list/python-committers@python.org/message/2UC5H7WWJZDA2K7XM5CLAZIX3KWJ2ASK/
>> Code of Conduct: https://www.python.org/psf/codeofconduct/
>>
>
>
> --
> Thomas Wouters 
>
>

-- 
Thomas Wouters 
___
python-committers mailing list -- python-committers@python.org
To unsubscribe send an email to python-committers-le...@python.org
https://mail.python.org/mailman3/lists/python-committers.python.org/
Message archived at 
https://mail.python.org/archives/list/python-committers@python.org/message/HDBN4XQKRASZZNJVNPDD4IGOVVZP77YS/
Code of Conduct: https://www.python.org/psf/codeofconduct/

[python-committers] Re: Consider adding a Tier 3 to tiered platform support

[Brett Cannon]

And now the PR is merged! https://github.com/python/peps/pull/2442

Thanks to everyone who provided input! When I get a chance I will work to
get tier labels added to the appropriate buildbots and then update the PEP
to link to those queries instead of individual buildbots.

On Mon, Apr 11, 2022 at 1:31 PM Brett Cannon  wrote:

>
>
> On Sat, Apr 9, 2022 at 5:04 AM M.-A. Lemburg  wrote:
>
>> On 09.04.2022 02:13, Brett Cannon wrote:
>> >
>> >
>> > On Fri, Apr 8, 2022 at 5:03 AM Marc-Andre Lemburg > > > wrote:
>> >
>> > On 06.04.2022 20:48, Brett Cannon wrote:
>> >  > Last chance on whether my tier 3 proposal make sense! I will take
>> > silence as
>> >  > acceptance and plan to convert any current tier 2 platform with a
>> > single core
>> >  > dev to tier 3 and then ask the SC to approve/reject the list of
>> > platforms. I
>> >  > will also update the PEP about expectations of when things must
>> > be considered
>> >  > stable before b1, else a warning goes out that a platform risks
>> > being dropped in
>> >  > the RC (regardless of tier).
>> >  >
>> >  > I will also be filling out the tiers to include the vendor, but I
>> > will be using
>> >  > `unknown` instead of `*` since I haven't come across the latter
>> > online while I
>> >  > come across the former regularly (e.g.
>> >  > https://doc.rust-lang.org/nightly/rustc/platform-support.html).
>> >
>> > Could you please post the current proposal somewhere to read in
>> > one complete piece ? It's become hard to figure out what is on
>> > the table at the moment and the PR also doesn't appear to be
>> > up to date:
>> >
>> > https://github.com/python/peps/pull/2442/files
>> >
>> >
>> > The PR is now up-to-date! For ease of reference, here's the critical
>> part:
>>
>> Thanks, Brett.
>>
>> > Support tiers
>> > =
>> >
>> > Platform support is broken down into *tiers*. Each tier comes with
>> > different requirements which lead to different promises being made
>> > about support.
>> >
>> > To be promoted to a tier, steering council support is required and is
>> > expected to be driven by team consensus. Demotion to a lower tier
>> > occurs then the requirements of the current tier are no longer met for
>> > a platform for an extended period of time based on the judgment of
>> > the release manager or steering council. For platforms which no longer
>> > meet the requirements of any tier by b1 of a new feature release, an
>> > announcement will be made to warn the community of the pending removal
>> > of support for the platform (e.g. in the b1 announcement). If the
>> > platform is not brought into line for at least one of the tiers by the
>> > first release candidate, it will be listed as unsupported in this PEP.
>> >
>> > Tier 1
>> > --
>> >
>> > - `CI failures
>> > <
>> https://github.com/python/cpython/actions/workflows/build.yml?query=branch%3Amain+is%3Acompleted>`__
>>
>> > block releases.
>> > - Changes which would break the ``main`` branch are not allowed to be
>> > merged;
>> >any breakage should be fixed or reverted immediately.
>> > - All core developers are responsible to keep ``main``, and thus these
>> >platforms, working.
>> > - Failures on these platforms **block a release**.
>> >
>> >  =
>> > Target TripleNotes
>> >  =
>> > i686-pc-windows-msvc
>> > x86_64-pc-windows-msvc
>> > x86_64-apple-darwin  BSD libc, clang
>> > x86_64-unknown-linux-gnu glibc, gcc
>> >  =
>> >
>> >
>> > Tier 2
>> > --
>> >
>> > - Must have a reliable buildbot.
>> > - At least **two** core developers are signed up to support the
>> platform.
>> > - Changes which break any of these platforms are to be **fixed or
>> >reverted within 24 hours**.
>> > - Failures on these platforms **block a release**.
>> >
>> > === ==
>> > == 
>> > Target Triple   Notes  Buildbot
>> >Contacts
>> > === ==
>> > == 
>> > aarch64-apple-darwinclang
>> > https://buildbot.python.org/all/#/builders/725 Ned Deily, Ronald
>> > Oussoren, Dong-he Na
>> > aarch64-unknown-linux-gnu   glibc, gcc
>> > https://buildbot.python.org/all/#/builders/125 Petr Viktorin, Victor
>> Stinner
>> >
>> >  glibc, clang
>> > https://buildbot.python.org/all/#/builders/234 Victor Stinner, Gregory
>> > P. Smith
>> > powerpcle-unknown-linux-gnu glibc, gcc
>> > https://buildbot.python.org/all/#/builders/90  Petr Viktorin, Victor
>> Stinner
>> > x86_64-unknownlinux-gnu glibc, clang
>> > https://buildbot.python.org/all/#/builders/441 Victor Stinner, Gregory
>> > P. Smith
>> > 

[python-committers] Re: Consider adding a Tier 3 to tiered platform support

[Victor Stinner]

On Tue, Apr 19, 2022 at 12:36 AM Brett Cannon  wrote:
> And now the PR is merged! https://github.com/python/peps/pull/2442

Wow! That's huge! Thanks you so much Brett for handling this heavy
task! It has been discussed for like 5 years at least.

It's great to have a way more *practical* definition of platform
support and rules to move platform support between the 3 tiers.

I am happy that Tier 3 was adopted for FreeBSD and the ppc64le arch.

It's also good that Solaris and AIX support is now well defined: they
are not supported by Python, even if there are buildbots. Previously,
a buildbot on python.org was seen as "this platform is supported by
Python". I was confused by that and sometimes I didn't know if I *had
to* fix AIX regressions for example.

Sadly, past experiences showed us that a lack of an *active* core dev
fail to keep a platform supported in the long term. A core dev is
required to fix regressions specific to a platform.

Victor
___
python-committers mailing list -- python-committers@python.org
To unsubscribe send an email to python-committers-le...@python.org
https://mail.python.org/mailman3/lists/python-committers.python.org/
Message archived at 
https://mail.python.org/archives/list/python-committers@python.org/message/EF3HVGRA54DK2M2J64LYBXLGCASHL3OK/
Code of Conduct: https://www.python.org/psf/codeofconduct/