warehouse
The Python Package Index
`warehouse` test suite currently executes 246 Alembic migrations sequentially during database setup, adding significant overhead to test execution times. I investigated squashing these migrations into a single migration that represents...
**What's the problem this feature will solve?** Right now, PyPI has a [way to report a security issue](https://pypi.org/security/), but no clear description of what a "security issue" might be. Efforts...
There are a11y issues that are hard to catch using the current generation of static analyzers, and then there are ones we could probably catch via tests in CI. Some...
The only documentation about the predictable URLs I found is [here](https://warehouse.pypa.io/api-reference/integration-guide/#if-you-so-choose), combined with the PEP 0491 section about the [wheel file name convention](https://www.python.org/dev/peps/pep-0491/#file-name-convention). Predictable wheel URLs can therefore be constructed...
**What's the problem this feature will solve?** Reduce the total harm typosquatting causes to PyPI users. **Describe the solution you'd like** Block users from uploading new packages with...
**Describe the bug** #10498 introduced "ultranormalization" to prevent name squatting of package names similar to ones already registered: > requests.exceptions.HTTPError: 400 Client Error: The name 'l10n' is too similar to...
**What's the problem this feature will solve?** Prevent malicious packages being published with typo'ish names **Describe the solution you'd like** I'd like to propose an algorithm that blocks malicious packages...
Quick background: [typeshed](https://github.com/python/typeshed) is a collection of PEP 484 type hint files for Python's standard library as well as third-party libraries that don't ship their own type hints. Currently, type...
**Describe the bug** `/simple/`, `list_packages` and `list_packages_with_serials` all return removed packages. **Expected behavior** Only packages listed on pypi.org should be returned. **To Reproduce** Go to https://pypi.org/simple/ and search for package...