home.social

#pypa — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #pypa, aggregated by home.social.

  1. Oh "great", uv does the same thing, referencing the pip code: https://github.com/astral-sh/uv/blob/1723ed00d6e6961abcf05d09abe59aaee005a6af/crates/uv-client/src/linehaul.rs#L61-L63
    Added after someone who seems to be a
    #PyPA member filed an issue requesting it: https://github.com/astral-sh/uv/issues/1958

    This seems to run deep…
    ​:neocat_floof_sad:​ #Python

  2. @stfn I think the #pypa #python GitHub publish action is a good place to start to see what needs to be done.
    github.com/pypa/gh-action-pypi

    You'll need to use tokens instead of Trusted Publishing, as your CI is not integrated into Trusted Publishing. Twine is the usual way.
    twine.readthedocs.io/en/stable/

    You may be able to generate & include attestations.
    docs.pypi.org/attestations/

  3. it seems to either proxy large parts of pypi.org, or is an actual mirror also using fastly #python #pypa

  4. New blog post: A 2024 update on my analysis of build backend popularity in pyproject.toml files: venthur.de/2025-01-12-build-ba
    #python #pypi #PyPA

  5. 📢 PSA: there's an effort by @karo @ github.com/pypa/packaging.pyth to write some PyPUG documents regarding license declaration in #Python dists and #PEP 639. I think additional feedback would be useful.

    #PyPA #packaging

  6. pip 24.3 has been released (*checks watch*) almost three weeks ago, but do you know what changed in this release?

    If not, I have a release write-up for pip 24.3 that can fix that!

    ichard26.github.io/blog/2024/1

    TL;DR: pip 24.3 is a small release with a truststore bugfix, error QoL improvements, and one minor deprecation of noncompliant wheel filenames (which won't affect you).

  7. First blog post after a very long time: Publishing to PyPI with a Trusted Publisher from GitLab CI/CD 🦊

    stefan.sofa-rockers.org/2024/1

    #GitLab #PyPI #PyPA

  8. Jak być dobrym upstreamem dla paczki Pythona:

    1. Przestrzegać własnej polityki zagnieżdżania zależności tylko wtedy, kiedy to nie przeszkadza w niczym.
    2. Kiedy ktoś zwraca uwagę na złamanie polityki, stwierdzić, że to w porządku, bo "opiekuni mają bliski(-awy) kontakt".
    3. Wydać nową, problematyczną wersję, nie wykorzystując "bliski(-awego) kontaktu", by w tym samym czasie wydano nową wersję zależności.
    4. No i nie zapominajmy, by szybko blokować możliwość komentowania na zgłoszeniach.

    No cóż, i tak ich kod "devendoringu" nigdy nie działał (muszę kiedyś w końcu napisać porządne zgłoszenie na ten temat)…

    github.com/pypa/pip/pull/12962

    W międzyczasie, szczerze polecam #uv. Ludzie odpowiedzialni za projekt mają wielkie znaczenie.

    #Gentoo #Python #PyPA #pip

  9. How to be a good #Python upstream:

    1. Follow your vendoring policy only when it's not too inconvenient.
    2. When someone points out the violation, claim it's okay because "maintainers have close(-ish) contact".
    3. Make a problematic release without using the "close(-ish) contact" to make a synchronous release of the dependency.
    4. Oh, and don't forget to lock your issues timely.

    Well, it's not like their devendoring code even works (one day I actually need to make a proper bug report about that)…

    github.com/pypa/pip/pull/12962

    In the meantime, I wholeheartedly recommend #uv instead. People make all the difference.

    #Gentoo #PyPA #pip

  10. cibuildwheel 2.19.0 is out, with full support for free-threaded Python 3.13, a ultra-fast opt-in build-frontend (build[uv]) backed by uv, and support for a brand new platform: pyodide, for building WebAssembly wheels! More info in my release post at iscinumpy.dev/post/cibuildwhee

  11. #PyConUS Sprints for Tuesday:

    Room 308: #RouteE
    Route 309: #GnuMailman
    Room 310/311: #PiecesOS (#GenAI, #LLM tool), Strawberry GraphQL
    Room 315: #PyPA Packaging, Cloud Custodian
    Room 316: @beeware, #PyScript, #PalletsProject
    Room 317: aio-libs, @ppb, @takahe, @micropython, @circuitpython, Robots
    Room 318: Accelerated Python on GPU, Mesa (agent-based modeling + GIS)
    Room 319: #GDSFactory
    Room 320: #Python Core
    Room 321: @pydantic, #LogFire, #PyO3

    #PyCon #PyConUS2024

  12. #PyConUS Sprints for Tuesday:

    Room 308: #RouteE
    Route 309: #GnuMailman
    Room 310/311: #PiecesOS (#GenAI, #LLM tool), Strawberry GraphQL
    Room 315: #PyPA Packaging, Cloud Custodian
    Room 316: @beeware, #PyScript, #PalletsProject
    Room 317: aio-libs, @ppb, @takahe, @micropython, @circuitpython, Robots
    Room 318: Accelerated Python on GPU, Mesa (agent-based modeling + GIS)
    Room 319: #GDSFactory
    Room 320: #Python Core
    Room 321: @pydantic, #LogFire, #PyO3

    #PyCon #PyConUS2024

  13. #PyConUS Sprints for Tuesday:

    Room 308: #RouteE
    Route 309: #GnuMailman
    Room 310/311: #PiecesOS (#GenAI, #LLM tool), Strawberry GraphQL
    Room 315: #PyPA Packaging, Cloud Custodian
    Room 316: @beeware, #PyScript, #PalletsProject
    Room 317: aio-libs, @ppb, @takahe, @micropython, @circuitpython, Robots
    Room 318: Accelerated Python on GPU, Mesa (agent-based modeling + GIS)
    Room 319: #GDSFactory
    Room 320: #Python Core
    Room 321: @pydantic, #LogFire, #PyO3

    #PyCon #PyConUS2024

  14. #PyConUS Sprints for Tuesday:

    Room 308: #RouteE
    Route 309: #GnuMailman
    Room 310/311: #PiecesOS (#GenAI, #LLM tool), Strawberry GraphQL
    Room 315: #PyPA Packaging, Cloud Custodian
    Room 316: @beeware, #PyScript, #PalletsProject
    Room 317: aio-libs, @ppb, @takahe, @micropython, @circuitpython, Robots
    Room 318: Accelerated Python on GPU, Mesa (agent-based modeling + GIS)
    Room 319: #GDSFactory
    Room 320: #Python Core
    Room 321: @pydantic, #LogFire, #PyO3

    #PyCon #PyConUS2024

  15. #PyConUS Sprints for Tuesday:

    Room 308: #RouteE
    Route 309: #GnuMailman
    Room 310/311: #PiecesOS (#GenAI, #LLM tool), Strawberry GraphQL
    Room 315: #PyPA Packaging, Cloud Custodian
    Room 316: @beeware, #PyScript, #PalletsProject
    Room 317: aio-libs, @ppb, @takahe, @micropython, @circuitpython, Robots
    Room 318: Accelerated Python on GPU, Mesa (agent-based modeling + GIS)
    Room 319: #GDSFactory
    Room 320: #Python Core
    Room 321: @pydantic, #LogFire, #PyO3

    #PyCon #PyConUS2024

  16. Very interesting to hear how much Hatch from #PyPA has changed over the years. It looks like it's slated to become the app release tool to replace them all, taking on the responsibilities of Twine, Virtualenv, SetupTools, etc. All with a flexible plugin system for future extensibility.

    hatch.pypa.io/latest/

    #PyConUS #PyConUS2024

  17. @SnoopJ The #PyPA doesn't really have a big plan or strategy, it's more a loose group of project maintainers.

    Hatch already had a channel on the Discord, then when 1.0.0 was released, Bernát asked Ofek if he planned to propose it, a vote was opened with:

    "I think this would be beneficial to
    the Python community, and the PyPA would likely make heavy use of the
    plugin system for trying PoCs of new PEPs"

    The vote passed without much discussion and no objections.
    mail.python.org/archives/list/ #Python

  18. is yet another project that "optimizes" its test suite by using time-machine. Since time-machine works on CPython only, it also keeps supporting but you are allowed to use it on PyPy only now.

    I really do wonder if this "optimization" actually makes anything faster, and if it outweighs the added complexity. The complexity also falls on downstreams ().

    But that's modern development for you! "Shiny! Must have it!"

    github.com/pypa/virtualenv/com

  19. @mitsuhiko Just remember that with great power comes great responsibility. It would be great if the current mess of #Python #packaging tools would be unified, preferably by a single tool provided by Python or #PyPA. For now, you just used your popularity to boost yet another tool in that jungle, maybe even making the problem slightly worse. Hopefully you can use your skills to contribute to the solution, good luck!

  20. Ok, it seems that github3.py is the first victim that I know of, of the war PyPI maintainers are waging against PyPA standards. Big sigh.

    github.com/sigmavirus24/github

  21. TIL that `wheel` is not needed as build requirement when using `setuptools`! setuptools.pypa.io/en/latest/u

    > Historically this documentation has unnecessarily listed `wheel` in the `requires` list, and many projects still do that. This is not recommended.

    #setuptools #python #packaging #pypa

  22. —and that's how we ended up with a giant wave of eager newcomers before the installation scripts were dialed in.

    Self-contained installers for personal computers have never been Python's strong spot. Requiring GPU-specific versions of machine learning libraries for multiple platforms is extra challenging.

    If you have any #python application distribution expertise to spare for cool image generation software, please send it our way! #PyPA

    invoke-ai.github.io/InvokeAI/

  23. "Let's face it, the "PyPA’s stance" is just an opinion of a small number of community members which clearly contradicts the process actually happening in the community and the request for that being highly spread."

    github.com/python/mypy/issues/