Some questions I had on the PEP:
- Should indexes be required to provide a list of all reserved namespaces? The PEP mentions a new ‘namespace detail’ endpoint in the JSON API, but I don’t believe I saw anything about a full list of all grants. Knowing which names are reserved can be useful when choosing new project names.
- I’m unclear how project creation works with this PEP. The ‘uploads’ section states that if the proposed name is under a reserved prefix and doesn’t yet exist (i.e. a new project), the upload must fail if “the project is not owned by an organization with an active grant for the namespace”. This seems circular, though, as PyPI to my knowledge doesn’t allow package reservations.
- A recent update stated that there are 9,800 outstanding requests for PyPI organisations. Should this PEP talk to the resource impact of namespace requests? At the very least as an expectation-setting exercise, it would be useful to know as a community project that such requests may take several years, or that PyPI may explicitly prioritise requests from paid subscribers (as a hypothetical).
Further editorial questions:
- Is a better title for the ‘Uploads’ section something like ‘Project creation’? It specifies nothing else about package uploads under reserved prefixes.
- From a specification point of view, please could the PEP provide a better definition of the ‘organisations’ concept than linking to a PyPI blog post? I believe there’s been previous discussion about trying to avoid making interoperability standards too PyPI-specific.
- From memory, the authors chose to reject reserved prefixes for individuals, making them exclusive to organisations. Could this be added as an explicit rejected idea?
A