A key pillar of Alpha-Omega’s strategy is the support of security work in open source package managers. These systems are the app stores of software development and represent highly leveraged points in the software supply chain. One example of this is PyPI. PyPI serves a critical role as the official package index for the Python ecosystem. That critical role means that PyPI’s longevity, maintainability, and sustainability must not be taken for granted: keeping the index ready for the needs of both the community and future contributors requires careful and continuous engagement. As part of our grant to the Python Software Foundation, Alpha-Omega supports Mike Fiedler’s work on PyPI. His work is directly driving security across the Python community. Just as importantly, his work is also leading the way for the rest of the Python ecosystem. So it is incredibly gratifying to see the follow-on work from the broader Python ecosystem. William Woodruff, a long time contributor to the Python and PyPI ecosystem and Trail of Bits engineer shared a blog post about improvements to the PyPI test suite that dramatically improve test performance. Faster tests make for more productive engineering. William wrote:
PyPI serves a critical role as the official package index for the Python ecosystem. This permeates the entire stack, and makes even oft-forgotten aspects (like developer experience) critical. It’s in this context that we focused on test suite performance: performant tests are a leading indicator for quality testing (i.e. tests that go beyond stubs and mocking), which in turn ensure that PyPI’s surfaces remain robust and that new developers can fearlessly contribute fixes and changes without silently breaking existing behavior.
We thank Mike, Alexis, William, and Trail of Bits for their great work.
Please read all the details here: https://blog.trailofbits.com/2025/05/01/making-pypis-test-suite-81-faster/
