Anthropic invests $1.5M in the Python Software Foundation

For anyone who isn’t aware/remembering, this is certainly made with the security of PyPi in mind, python’s main package repository.

NPM is the other major source of issues (congrats for now, `cargo`!), and TIL that NPM is A) a for-profit startup (??) and B) acquired by Microsoft (????). In that light, this gift seems even more important, as it may help ensure that relative funding differences going forward don’t make PyPi an outsized target!

(Also makes me wonder if they still have a Microsoft employee running the PSF… always thought that was odd.)

AFAIU the actual PSF development team is pretty small and focused on CPython (aka language internals), so I’m curious how $750,000/year changes that in the short term…

EDIT: there’s a link below with a ton more info. This gift augments existing gifts from Amazon, Google, Microsoft, and Citi, and they soft-commit to a cause:

  Planned projects include creating new tools for automated proactive review of all packages uploaded to PyPI, improving on the current process of reactive-only review. We intend to create a new dataset of known malware that will allow us to design these novel tools, relying on capability analysis.

Very good for my career too as someone with plenty python experience

You are right, it is. But it would be a mistake for us to use this opportunity to attack them for it.

We should applaud their donation today, and at another time assess the meager contributions of many companies that should be shamed.

All people do here is complain.

that was my first thought too, $1.5M is peanuts for Anthropic, however $1.5M is better than nothing, so it worth some PR too. Good they do, I think we have to encourage companies to do it, shaming will not help.

I mean, it's 1.5M more than the foundation knows what to do with.

Businesses should definitely support the open source projects that they use. I'm still astounded that professional developers seem so adverse to paying for the tools and libraries that they use to make their own money.

Is it so hard to imagine that they do it because the PSF's work is important and they want to support them? All the AI labs depend hugely on the Python ecosystem and infrastructure. Startups burning cash spend on many things that are important to them.

They are heavily focused on code. Claude Code likely generates 100 of millions lines of Python a day, make the language a little bit better with $1.5M is extremely high leverage.

Of course they are. These donations usually come out of the marketing budget. And it's working, we're talking about them.

But also they rely heavily on Python and want to support the ecosystem.

really find a negative in it ey - what type of donation and from who would be acceptable to you to fund the python foundation?

Poor management has played a role. They refused to invest in packaging to the extent that a separate company (astral) had to do it for them. Bugs closed for years with the excuse “we’re only volunteers.” Meanwhile, “outreach” was funded for several million a year. Not confidence inspiring. Maybe would have improved if the funds had been spent more appropriately.

Similar story with Mozilla.

As far as I'm aware, Python was only recently (2020s) taught in most schools, so that's the reason it wasn't and isn't well funded. Schools will stick with legacy languages far beyond their market lifetimes, as that is what the instructors know best. So it's not that it isn't well funded, it's that it's still early in terms of global popularity. As we just witnessed, the funding is just now coming in big drops.

For many of us the language itself has been feature complete for decades.

Wow. Just came to know from your comment. Not sure if it was covered here on HN. I totally missed it.

My wife's previous job was as an accountant with the endowment foundation at a mid-sized public university (San Jose State University). A lot of her time was spent making sure that the spending from the endowments many different funds corresponded to the rules that the donors had given when donating that money. Much of that was working with groups to shift spending around between accounts when they invariably made "mistakes".

One of her biggest projects was shepherding a large group of very old donations through a legal process to remove provisions in the donation agreements that were now illegal. In these cases the donors were long deceased, and the most common rule that needed to be changed was targeting race or ethnicity (e.g.: funds setup to help black people, or Irish, etc...).

The sheer number of different variations on "donor intent", or even just the wording on that legal document was astounding. There was always a tension between my wife's group and the group that was bringing in the money ("stewardship"), her group wanted things to be simpler and the "stewarding" group wanted nothing to get in the way of donations. It was remarkably similar to the tensions between sales and engineering in many software firms.

Hello! PSF staffer/author of the linked post here. To be explicit, the Anthropic donation is actually "no strings attached," or in non-profit parlance "unrestricted," but with a handshake agreement that they hope to improve security with this sponsorship. So the gift will enable us to do security work we've wanted to do and it is our intention to do that, but Anthropic didn't formally earmark the money, which gives us a great deal more flexibility plus a lower accounting burden, and I'm personally very grateful for that.

Of course you can. The vast majority of donations of this magnitude come with strings attached, be it how the money is spent, access to leadership/events, etc

It's super common with non-profits. Obviously they would prefer no strings attached but some light strings are usually not a problem for most non-profits.

The vast majority of donations to, say, universities are made with a specific purpose, and that happens with a lot of non-profits too. The recipient doesn't have to accept the donation, of course, but if they do they track exactly how it was spent.

Yes, and at least the strings they attached are productive palatable unlike some other organizations: https://pyfound.blogspot.com/2025/10/NSF-funding-statement.h...

It does seem small at Anthropic scale. But instead of faulting them for contributing "so little", maybe we can point to the thousands of large companies that are doing nothing.

Maybe I'm the only one realizing it's exactly the same amount they were due to receive from the US Govt until the Trump administration said they were too woke.

Well the funds are earmarked for security matters, so it should be spent regarding that.

Google sponsors the python foundation as per this page: https://www.python.org/psf/sponsors/

Big Tech should really be footing the bill here as well as large established VC firms.

*by Nadia Eghbal

EDIT: or are you rather thinking about the book Working in Public: The Making and Maintenance of Open Source Software?

Link added above. Thanks!

Just to clarify: the NSF grant was refused because it required the PSF to abandon all DEI efforts, not just that the grant itself couldn't be used for DEI. Accepting the NSF grant would have required the PSF to forgo one of its core principles. It was the right decision, not bad management.

Perhaps you should do some research before judging the decision making of the PSF.

I don't agree that it was a "bad management decision". The Trump administration has demonstrated that it will play dirty with grants if they perceive that the receiving organization is not towing their political line as closely as they want.

Not only will they not grant future funds, but they have shown that they will not pay out previously agreed monies, and will even try (with government layers) to pull back funds from groups they have decided "do not align with the governments interests", for however they define that at that moment. There are a long list of court findings that these have been arbitrary and capricious, but every one of those findings (wins) cost the grant receivers a lot of money in court and later fees.

So any money taken from them is incurring a risk. You can disagree with the Python Foundation's calculus on this (saying it was not that large a risk), but please don't pretend that it was not an actual risk.

> I believe a condition of the money was it couldn't be used for DEI

This is a morally depraved condition, kudos on them for turning it down

If you think the Trump administration wouldn't make up "DEI efforts" and then sue them for much more than $1.5m to exert pressure in other areas then I have a bridge to sell you.

Just recently I heard that they can donate to “typed languages” too, a donation to one language does’t preclude other donations, and given their cash injections they have a few $1.5m’s to spare.

For any programming really, but I think Python got big due to

  a) the huge influx of beginners into IT,
  b) lots of intro material available in Python and 
  c) having a simple way to run your script and get feedback (same as PHP)

I say that as someone urging people to look beyond Python when they master the basics of programming.

Python is a typed language. Perhaps you were trying to say something different?

Types are best, period. Whether they are native or hints doesn't really matter for the agent, what matters is the interface contract they provide.

So add mypy to your pre-commit

For vibe code, since it's not important whether the output works, JavaScript is even better.

Why is this getting downvoted... it is true. Also it is true that dynamic languages (like Ruby ;) and Python) are more efficient with tokens, like significantly then types like C, C++ or such. But Javascript and Typescript are using twice the tokens of Ruby for example and Clojure is even more efficient, obviosly I would add.

AFAICT Python basically is a [statically-]typed language nowadays. Most people are using MyPy or an alternative typechecker, and the community frowns on those who aren’t.