PSF Declines Significant Government Funding
The Python Software Foundation (PSF), the non-profit organization behind the Python programming language, has officially rejected a $1.5 million grant from the United States government. The decision stems from fundamental concerns that the grant’s terms could ethically compromise the foundation’s mission and its obligations to a global open-source community. This move highlights the complex relationship between major open-source projects and government funding initiatives aimed at improving cybersecurity.
Grant Terms and Security Attestation Conflicts
The proposed funding originated from the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA). It was part of a broader effort to bolster software supply chain security, specifically linked to the implementation of the “Secure Software Development Attestation Form.” While the PSF supports enhancing software security, it found the specific, non-negotiable terms attached to the grant to be problematic. A primary concern was that the NTIA’s broad definition of “critical software” could potentially encompass the Python language itself, creating unforeseen and complex legal obligations for the foundation.
Protecting Community and Mission Integrity
The PSF board concluded that accepting the funds would create a conflict between new obligations to the U.S. government and its existing duty to the worldwide Python community. The foundation feared this could force it to take actions not aligned with the community’s best interests or its own core mission. In a public statement, PSF Executive Director Deb Nicholson emphasized that the rejection was about protecting the foundation’s ability to “serve our community transparently and without encumbrance.” The board ultimately viewed turning down the substantial grant as a “difficult but necessary choice” to preserve its independence and uphold its commitment to its global user base.
Concise Cyber 