Tidelift and JupyterLab

[Carreau]

Just FYI, if the JupyterLab wished to use tidelift and JupyterLab there is probably a decent chunk of money that could be redirected toward NF (what we do with IPython):

https://tidelift.com/lifter/search/pypi/jupyterlab ~$100

https://tidelift.com/lifter/search?q=jupyterlab -> about 20 subpackages on npm @jupyterlab/*, ~25$ each.

As tidelift request a bit of work security wise, If you subscribe and direct the money to NF, I would suggest a small part to be earmarked for security.

[andrii-i]

As discussed during the call, wanted to mention that if we want to proceed with this, next step would be for the security and/or JupyterLab group to write a doc for this and submit it to EC here (https://github.com/jupyter-governance/ec-team-compass) as subprojects (JupyterLab, Security) can’t make decisions about financial matters, contracts, etc.

[Carreau]

It's a bit more complicated than that for multiple reasons:

• While NumFOCUS would receive the money, individual maintainer would sign a contract, so individual maintainer that subscribe for this make their own decision, and individual maintainer could stop maintaining a given project as they would be the contract signatories.
• The only part that I think would need approval from the EC would the the split of funds that we request from NumFOCUS.

If we want to move forward with these packages, I think we need to

1. List who would register for which package.
2. Decide how we wish the funds to be earmarked.

I think both of the above can and should be decided by the JupyterLab team.

3. the security council can cosign & approve.

4. Send the proposal to the EC.

[Carreau]

Closing, non of these packages receives funds now.