Stop Allowing deleting things from PyPI?

I have had at least two good reasons to delete files or releases in the past:

  1. Pip & co can still pick up yanked files/releases if there’s no better match. For PyTorch we had a very concrete problem with that: the only sdist left on PyPI was a very old 0.1.2 one, and `pip install torch` picked that up even after yanking for platforms without wheels like 32-bit Windows (PEP 592 explicitly allows this). This gave a steady stream of bug reports. It could of course be worked around by handcrafting a dummy sdist with a newer version number that errors out quickly - but deleting seems better.
  2. Space constraints: for NumPy and SciPy we’ve put old beta/rc versions on PyPI and then cleaned them up after the discussions on PyPI size constraints. I’d find it strange if on the one hand we deem file sizes so critical that uploading very large files is disallowed (xref "What to do about GPUs? (and the built distributions that support them)") and cumulative size for a package is capped fairly strictly, but on the other hand we do allow uploading nightlies and experimental/temporary releases but then forbid deleting them.

And of course there are other reasons one can think of for deleting files/releases, like accidentally including credentials in a file or a missing license which breaks GPL redistribution requirements.

This sounds reasonable. There may still be an incidental case where developers would like to remove a package, like a package name being a copyright infringement, but those can be handled via filing a support issue requesting removal.

3 Likes
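The yanked-file fallback described in point 1 above, as an added example that is not part of the thread and is not pip's own code: a simplified model of candidate selection under PEP 592. The package name `examplepkg`, the filenames, and the `select` and `parse` helpers are constructed for illustration; the records follow the shape of the `files` list in the PEP 691 JSON index, where `yanked` is `false` or a reason string.

```python
"""Added example: candidate selection with yanked files (PEP 592)."""

# Constructed records shaped like the "files" list of the PEP 691 JSON index.
# "examplepkg" and every filename here are made up for illustration.
FILES = [
    {"filename": "examplepkg-0.1.2.tar.gz", "yanked": "superseded, do not use"},
    {"filename": "examplepkg-1.4.0-cp39-cp39-win_amd64.whl", "yanked": False},
    {"filename": "examplepkg-1.4.0-cp39-cp39-manylinux1_x86_64.whl", "yanked": False},
]


def _version(text):
    # Numeric release segments only; enough for the constructed data above.
    return tuple(int(p) for p in text.split("."))


def parse(filename):
    """Return (version tuple, platform tag or None for an sdist)."""
    if filename.endswith(".whl"):
        parts = filename[:-len(".whl")].split("-")
        return _version(parts[1]), parts[-1]
    stem = filename[:-len(".tar.gz")]
    return _version(stem.rsplit("-", 1)[1]), None


def select(files, platform, allow_yanked_fallback=True):
    """Pick the newest file installable on `platform`.

    Yanked files are ignored whenever a non-yanked file matches. If none does,
    PEP 592 lets the installer either fall back to a yanked file or refuse.
    """
    matching = []
    for f in files:
        version, tag = parse(f["filename"])
        if tag in (None, platform):  # an sdist matches every platform
            matching.append((version, f))
    live = [c for c in matching if not c[1]["yanked"]]
    pool = live or (matching if allow_yanked_fallback else [])
    if not pool:
        return None
    return max(pool, key=lambda c: c[0])[1]["filename"]


if __name__ == "__main__":
    for plat in ("win_amd64", "win32"):
        print(plat, "->", select(FILES, plat), "| strict:",
              select(FILES, plat, allow_yanked_fallback=False))
```

On a platform with no matching wheel, the fallback policy returns the yanked sdist, while the strict policy (or an index where that file no longer exists) returns nothing and the install fails cleanly.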