TL;DR
The Python Software Foundation declined a $1.5 million grant from the National Science Foundation after the award terms would have barred the PSF from operating programs that advance diversity, equity, and inclusion. The board unanimously withdrew the application, citing broad language and a clawback risk that could affect all PSF activity.
What happened
The Python Software Foundation (PSF) turned down a $1.5 million grant offered by the National Science Foundation to fund security work on Python and the Python Package Index (PyPI). PSF leaders said the grant came with a condition requiring the organization to affirm it would not run programs that advance DEI (diversity, equity, and inclusion) or related concepts for the award's duration. The restriction would have applied to the entire Foundation, not only the specific security project, and included a clause allowing the NSF to reclaim funds if PSF activities were judged to violate the rule. PSF deputy executive director Loren Crary said the broad wording and open-ended financial risk made the grant unacceptable. The PSF board voted unanimously to withdraw the application. The organization had planned to use the funds to harden supply-chain defenses, build an automated proactive review process for new PyPI packages, and make that work reusable for other package managers.
Why it matters
- The rejected grant would have funded work intended to reduce supply-chain vulnerabilities in Python and PyPI, a critical package ecosystem.
- The NSF condition linked funding to limits on DEI activity, creating legal and financial uncertainty for recipients.
- A clawback provision that could apply retroactively raised the prospect of significant financial exposure for a relatively small nonprofit.
- Other nonprofits have also declined similar NSF grants, indicating a broader tension between funders’ terms and open-source community priorities.
Key facts
- Amount involved: $1.5 million offered by the National Science Foundation.
- Recipient: Python Software Foundation (PSF); board voted unanimously to withdraw the application.
- Grant conditions would have required affirming the PSF 'do not, and will not' operate programs that advance DEI during the award term.
- The DEI restriction would have applied to all PSF activities, not just the project funded by the grant.
- The NSF reserved the right to claw back funds if the recipient was found to have violated the restriction.
- PSF annual budget is about $5 million and it employs roughly 14 staff — the grant would have been the largest the Foundation had received.
- Planned use of funds included preventing supply-chain attacks, creating an automated review process for new PyPI packages, and enabling reuse of the process by other package managers.
- The Carpentries, another nonprofit, previously withdrew from an NSF grant for the same reason.
What to watch next
- Whether the NSF revises or clarifies the DEI-related terms in its grant language: not confirmed in the source.
- Whether other open-source or research nonprofits will withdraw from or decline NSF funding for similar reasons: not confirmed in the source.
- How the PSF will proceed with the proposed PyPI security work absent this grant and whether alternative funding is found: not confirmed in the source.
Quick glossary
- DEI: An acronym for diversity, equity, and inclusion, referring to programs or policies intended to increase representation and access for underrepresented groups.
- PyPI: The Python Package Index, a repository of software packages for the Python programming language.
- Supply-chain attack: A security breach that targets software or its distribution process so that compromised components are delivered to end users.
- Clawback provision: A contractual clause that allows a funder to recover money already disbursed if certain conditions are violated.
- National Science Foundation (NSF): A United States government agency that funds scientific research and education across many fields.
Reader FAQ
Why did the PSF reject the NSF grant?
The PSF said the grant terms would have prohibited operating DEI-related programs during the award and included a broad clawback risk that could apply to all PSF activity.
Would the restriction only have affected the security project?
No — the PSF reported the restriction would have applied to the Foundation's activities as a whole.
Did the NSF comment on the PSF decision?
The organization reached out to NSF and received an automated reply noting staff were unavailable due to a government shutdown.
Will the PSF still do the planned security work with other funds?
Not confirmed in the source.

Sources
- Python Foundation goes ride or DEI, rejects government grant with strings attached
- Python Foundation rejects $1.5M grant with no-DEI strings
- Python rejects $1.5M grant from U.S. govt. fearing ethical …
- Python Software Foundation withdraws security-related …