Python Package Index Explained

The Python Package Index, abbreviated as PyPI and also known as the Cheese Shop (a reference to the Monty Python's Flying Circus sketch "Cheese Shop"),^{[2] [3]} is the official third-party software repository for Python. It is analogous to the CPAN repository for Perl^[4] and to the CRAN repository for R. PyPI is run by the Python Software Foundation, a charity. Some package managers, including pip, use PyPI as the default source for packages and their dependencies.

more than 530,000 Python packages are available.

PyPI primarily hosts Python packages in the form of source archives, called "sdists", or of "wheels" that may contain binary modules from a compiled language.

PyPI as an index allows users to search for packages by keywords or by filters against their metadata, such as free software license or compatibility with POSIX. A single entry on PyPI is able to store, aside from just a package and its metadata, previous releases of the package, precompiled wheels (e.g. containing DLLs on Windows), as well as different forms for different operating systems and Python versions.

History

The Python Distribution Utilities () Python module was first added to the Python standard library in the 1.6.1 release, in September 2000, and in the 2.0 release, in October 2000, nine years after first python release in February 1991, with the goal of simplifying the process of installing third-party Python packages.

However, only provided the tools for packaging Python code, and no more. It was able to collect and distribute metadata but did not use it for other purposes. Python still lacked a centralised catalog for packages on the internet. PEP 241, a proposal to standardize metadata for indexes, was finalized in March 2001. A proposal to create a comprehensive centralised catalog, hosted at the python.org domain, was later finalized in November 2002.

On 16 April 2018, all PyPI traffic began being served by a more modern website platform: Warehouse. The legacy website was turned off at the end of that month.^{[5] [6]} All existing packages were migrated to the new platform with their histories preserved.^[7]

In May 2023 the Python Software Foundation reported that the United States Department of Justice had subpoenaed the user data of five PyPI contributors.^{[8] [9]} A representative of the organization further explained that they expect privacy for contributors, but they also comply with the law and court orders, and for this reason turned over the data which the government requested.^[8]

Notes

References

Notes and References

1. Web site: Packaging History . Python Packaging Authority — PyPA documentation.
2. Book: Lutz, Mark. Programming Python. 3. 10. O'Reilly Media, Inc.. 2006. 9780596009250.
3. Book: Ramalho, Luciano. Fluent Python. O'Reilly Media, Inc. 2015. 9781491946268.
4. Book: Barry, Paul. Head First Python. O'Reilly Media, Inc. 2010. 978-1-4493-8267-4.
5. Web site: Welcome to Warehouse's documentation!.
6. Web site: Python Insider: New PyPI launched, legacy PyPI shutting down April 30. 16 April 2018. Python Software Foundation. 1 June 2018.
7. Web site: A new package index for Python. LWN.net. 1 June 2018.
8. Web site: Durbin . Ee . PyPI was subpoenaed - The Python Package Index . blog.pypi.org . en . 24 May 2023.
9. News: Rudra . Sourav . The Python Software Foundation Complies with PyPI Subpoenas to Share Some User Data . It's FOSS News . 25 May 2023 . en.