NSF DEI terms drive PSF grant withdrawal
Public Sector Action
Summary
The Python Software Foundation (PSF) withdrew its $1.5 million grant proposal to the U.S. National Science Foundation (NSF) after funding terms conflicted with its DEI commitments. The proposed support was meant to improve Python and PyPI security, including automated malware-detection tools for package uploads. The decision leaves the planned open-source security work without the funding the proposal was designed to secure.
Related Happenings
Zc.buildout bootstrap.py domain-takeover risk security flaw
Vulnerability
First: 28.11.2025 18:27
Last: 28.11.2025 18:27
Sources 1
About this happening:
Legacy **zc.buildout** **bootstrap.py** files in multiple **PyPI** packages still reach **python-distribute[.]org**, creating a **supply-chain compromise** risk if the domain is t...
Timeline
- 29.10.2025 00:16 · 1 article
PSF withdraws NSF grant over DEI clause
Legal Policy Action Update
The Python Software Foundation withdrew its $1.5 million U.S. National Science Foundation grant proposal after approved funding terms required recipients to affirm they would not operate programs that advance or promote diversity, equity, and inclusion (DEI). The proposal, submitted in January 2025, was intended to fund security work for Python and the Python Package Index (PyPI), including automated malware-detection tools for PyPI package uploads, and PSF said the clause would affect all of its activities and create financial risk.
- Python rejects $1.5M grant from U.S. govt. fearing ethical compromise — www.bleepingcomputer.com — 29.10.2025 00:16