Securing Python for the next decade
2026-07-17, S1

The world of open source is undergoing numerous seismic changes, and Python is no exception. This keynote will focus on security: we'll extrapolate (and speculate) on the task of securing Python for the next decade of usage by open source maintainers, corporations, tinkerers, vibe coders, and everyone in between. We'll also cover how we expect attacker behaviors to shift, and how those shifts will require us to discard traditional assumptions as defenders.


Expected audience expertise: Beginner

William Woodruff is a Member of Technical Staff at OpenAI (Astral), where he works on high-performance, secure tooling for the Python ecosystem. Previously he worked on similar tooling at Astral; prior to that he was an Engineering Director at Trail of Bits, where he was responsible for high-impact security contributions to open source ecosystems via the open source ecosystem security group.

Outside of work, William is the primary maintainer of zizmor, a maintainer of Homebrew, Sigstore, and pip-audit, and a long-term contributor to Python cryptography (PyCA) and packaging (PyPI, PyPA). He maintains a website at yossarian.net and a blog at blog.yossarian.net.