My Apply
My Apply

PyPI Improvements


Helping increase the security and reach of the Python Package Index (PyPI)

PyPI is the official software repository for the Python programming language. Many internet freedom projects rely upon the third-party packages hosted on PyPi, and as a result, it is a high value target for bad actors who want to inject malware into popular applications that run on Python. This threat has been documented in the wild, such as this case in which developers unknowingly downloaded malicious code packages via PyPi.

Through this project, PyPi will look to improve both its security and outreach efforts, implementing security-enhancing mechanisms for PyPi users while also helping spread the use of of PyPi into new languages thorough localization efforts.

Get the word out

Current project status

Just an idea (Pre-alpha)
It exists! (Alpha/Beta)
It's basically done (Release)
People use it (Production)

Funding to date

2019 $80,000 5 months
Core Infrastructure Fund

Total Funding: $80,000

Addressed problems

  • Technical attacks against government critics, journalists, and/or human rights organizations (Cyberattacks)
  • Localized or nationwide communications shut down or throttling (Blackouts)


  • Security from danger or threat online


  • Technology development
  • Deploying technology
  • Software or hardware development
  • Testing


  • Technologists
  • Advocacy groups/NGOs
  • Academia
  • Entrepreneurs
  • Government

Region(s) archive

  • Global

Project status

  • People Use It. (Production)

Technology attributes

  • Dependency integration
  • User interface/experience
  • Web application
  • Software as a Service (SaaS)
  • Application deployment

We wrote about it

Your cookie settings

This website deploys cookies for basic functionality and to keep it secure. These cookies are strictly necessary. Optional analysis cookies which provide us with statistical information about the use of the website may also be deployed, but only with your consent. Please review our Privacy & Data Policy for more information.