Maintainers can now mark their projects as archived on PyPI, making it easier for downstreams to determine whether or not a potential dependency is active!
Select quotes:
Support for marking projects as archived has landed on PyPI. Maintainers can now archive a project to let users know that the project is not expected to receive any more updates.
This allows users to make better decisions about which packages they depend on, especially regarding supply-chain security, since archived projects clearly signal that no future security fixes or maintenance should be expected.
Project archival is not deletion: archiving a project does not remove it from the index, and does not prevent users from installing it. Archival is purely a user-controlled marker that gives project owners the ability to signal a project’s status; PyPI has no plans to delete or prune archived distributions.
Support for archival is built on top of the project quarantine feature. Read more about that feature in PyPI’s December 2024 blog post. You can also find more details about the project archival’s implementation on the Trail of Bits blog.
More on the PyPI blog: PyPI Now Supports Project Archival - The Python Package Index Blog