Python Software Foundation withdraws security-related grant proposal
The Python Software Foundation, earlier this year, successfully obtained a $1.5 million grant from the US National Science Foundation "to address structural vulnerabilities in Python and PyPI". The actual grant came with some strings attached though, in the form of a requirement not to pursue diversity, equity, and inclusion programs. So the Foundation has withdrawn the proposal rather than agree to terms that run counter to its own mission.
We're disappointed to have been put in the position where we had to make this decision, because we believe our proposed project would offer invaluable advances to the Python and greater open source community, protecting millions of PyPI users from attempted supply-chain attacks. The proposed project would create new tools for automated proactive review of all packages uploaded to PyPI, rather than the current process of reactive-only review.