I put in a PEP 541 request request a bit over a week ago, and only after sitting for a week have I now realised that perhaps I’ll never get a response to it. Is the situation was EWDurbin describes above still the same?
I understand that there are some requests that will be difficult and take some time to deal with, but in the very clear cases of name squatting, such as mine (one empty package uploaded six years ago), I’d think it would be a bit easier.
Note that this is not just an “I like this name better than that” thing: if you’re forced to chose a package name different from your executable name, you can no longer tell people to e.g., pipx run dent but instead have to ask them to type pipx run --spec docker-dent dent, which for obvious reasons is not nearly as nice.
The situation is definitely improving. The PSF has recently hired a PyPI Support Specialist and, with assistance from the developers in residence, they’re working through the backlog. However, the backlog was large to begin with, so we need to be patient. I think a lot of issues are also “simple” like yours, but there’s just a lot of them.
I should have replied much earlier to explain my situation was resolved within a few more days; sorry for the delay.
The reason for this post is some hints that may help others. I finally resolved it just by e-mailing the owner of the name, who was happy to hand it over to me, since he’d not been working on that project for years.
The trick was getting his e-mail address. It wasn’t available from his account on pypi.org, nor were there any links to anything that might have it. Eventually, though some web searching I found the source for a package with the same name on GitHub; that repo seemed to have been started at the same time and not been updated for years, and that GitHub account had a similar. By cloning the repo I could see the e-mail address in the Author: lines of the commits, and I tried that one.
It turned out to be the owner of that PyPI name, and, as I mentioned above, he was happy to let me have it.
I think it would be a good thing if we had the ability to contact package owners directly through PyPI, though I also strongly suspect this is not as simple as just, “all package owners’ email addresses will be published on PyPI.” (I suspect we wouldn’t have to think too had to start thinking of problems that could cause.) Nonetheless, I think the general idea of making contacts easier is something that could use some thought, as it might well help to reduce the workload on admin volunteers.
Anyway, this worked out, I closed my ticket, and so that’s one less thing for the overloaded admins to have to deal with.
On September 13th, I opened an issue to claim an abandoned PyPI package following PEP 541. I was able to find contact information for the current owner of the package through the information provided on PyPI and GitHub. However, I’ve yet to receive a response from them, after 5 weeks and several messages sent over email and Twitter DM.
I understand that there’s a backlog of similar PEP 541 requests for similarly abandoned / name-squatted package names, and I appreciate all the work done by staff and volunteers to resolve these issues.
To @EWDurbin’s earlier point, I acknowledge that there’s a self-serve option to choose another name. But I’ve grown fond of this package name, and can’t seem to bring myself to consider alternatives. I’m still holding out hope that the maintainer will finally respond, or an admin will process the request. (So often it goes with matters of the heart).
That’s all to say that this naming issue is now the last remaining blocker to launching my project, so I’m motivated to resolve it as soon as possible. If anyone can help move this along, or suggest things I can do to help, I’d very much appreciate that.
Other than choosing a new name, the best suggestion is to continue to be patient. The next is to help find funding for another Support Specialist, and be (a bit less) patient. The new Support Specialist, with help from the CPython Developers-in-Residence, are doing a great job at working through the backlog. There’s still a lot of support issues being created (~140 per month!) but the steep rise is now decreasing:
Thank you for your response, @hugovk. I’ll continue to wait patiently. I’ve also made a donation to PSF, in the hope that additional funding helps to work through this backlog more quickly.
I have an idea that may help reduce the support burden rather than automate the entire project transfer process. I’m not familiar with uploading to PyPI, so feel free to correct or ignore elements or all of this if it’s already in place, or not possible.
When a PEP 541 request is made via GitHub, could we automate part of the support process? For instance, once the issue is created, an automated task could email the current package owner, asking if they’re willing to transfer the name. If they agree, they can initiate some task that would trigger the transfer and close the issue automatically. If they decline, the issue can be closed without further steps. This could streamline some abandoned project transfers. Similar processes could be used for other cases such as typosquatting.
If a project owner does not respond, we can follow the current process, where a PyPI admin approves a transfer request. Rather than processing this manually, they could label the issue (e.g., transfer-accepted), which triggers a process to automate the transfer and close the issue.
This is just food for thought, but it might be worth exploring.
