Python Package Index

@pypi.org.bsky.social

The Python Package Index (PyPI) is the repository of software for the Python programming language. Pronounced 🥧 🫛 👁️

1,448 Followers  |  0 Following  |  13 Posts  |  Joined: 26.11.2024  |  1.105

Latest posts by pypi.org on Bluesky

PyPI Users Email Phishing Attack - The Python Package Index Blog PyPI Users are receiving emails detailing them to log in to a fake PyPI site.

Always verify the domain is pypi.org before logging in.

Read more: blog.pypi.org/posts/2025-0...

28.07.2025 14:35 - 👍 9    🔁 5    💬 0    📌 1

Heads Up, #Python Developers!

There is an active phishing attack targeting PyPI users.

• Threat: Emails from noreply@pypj.org (with a 'j') link to a fake login page.
• Action: Do not click any links. If you already did, change your PyPI password ASAP.
• Note: PyPI itself has not been breached.

28.07.2025 14:35 - 👍 57    🔁 40    💬 3    📌 2
Making PyPI's test suite 81% faster See how we slashed PyPI’s test suite runtime from 163 to 30 seconds. The techniques we share can help you dramatically improve your own project’s testing performance without sacrificing coverage.

my colleague @darkamaul.bsky.social has a new blog post on the @trailofbits.bsky.social blog about how we worked with @pypi.org's maintainers to slash test times on PyPI by over 80%:

blog.trailofbits.com/2025/05/01/m...

01.05.2025 14:50 - 👍 5    🔁 3    💬 0    📌 1

This wasn’t just blather! bsky.app/profile/pypi...

14.04.2025 22:12 - 👍 1    🔁 0    💬 0    📌 0
Incident Report: Organizations Team privileges - The Python Package Index Blog We responded to an incident related to privileges persisting via Organization Teams after Members are removed from Organizations.

Incident report! Thanks to our community for reporting, we take security seriously and work to address issues like these to suit.

blog.pypi.org/posts/2025-0...

14.04.2025 22:12 - 👍 3    🔁 2    💬 1    📌 0
Security The Python Package Index (PyPI) is a repository of software for the Python programming language.

#PyPI takes security very seriously. If you ever run into malware or a security issue with PyPI itself, make sure to follow our reporting instructions carefully-- and thank you for your vigilance! pypi.org/security/ #python

21.02.2025 15:51 - 👍 7    🔁 0    💬 0    📌 1
Python Infrastructure Status Welcome to Python Infrastructure's home for real-time and historical data on system performance.

Keep up to date and subscribe for updates on #PyPI infrastructure status, including requests, edge requests/errors, and traffic via our public dashboard: status.python.org #python

21.02.2025 12:05 - 👍 2    🔁 0    💬 0    📌 0
Statistics The Python Package Index (PyPI) is a repository of software for the Python programming language.

Into stats? Find various first and third party #PyPI statistics on our website: pypi.org/stats/ #python

20.02.2025 19:31 - 👍 0    🔁 0    💬 0    📌 0
Packaging Python Projects - Python Packaging User Guide This tutorial walks you through how to package a simple Python project. It will show you how to add the necessary files and structure to create the package, how to build the package, and how to upload it to the Python Package Index (PyPI).

Want to add your #Python package to #PyPI? Check out our 'Packaging Python Projects' guide:

20.02.2025 15:32 - 👍 5    🔁 5    💬 1    📌 0
Python Packaging User Guide The Python Packaging User Guide (PyPUG) is a collection of tutorials and guides for packaging Python software.

Learn about how to install and distribute #Python packages with the 'Python Packaging User Guide', a collection of tutorials and references, maintained by the Python Packaging Authority: packaging.python.org/ #pypi

20.02.2025 11:48 - 👍 2    🔁 0    💬 0    📌 0
The Python Package Index Blog The official blog of the Python Package Index

If you want to get in-depth updates on #PyPI news, updates, and incidents, make sure to regularly read up on our blog: blog.pypi.org/ #python

19.02.2025 16:38 - 👍 7    🔁 4    💬 0    📌 0
Help The Python Package Index (PyPI) is a repository of software for the Python programming language.

If you've got questions about the basics of #PyPI, your account, integration, project admin, troubleshooting, or what PyPI is all about, make sure to check our FAQ! pypi.org/help/ #python

19.02.2025 13:13 - 👍 1    🔁 0    💬 0    📌 0
The official home of the Python Programming Language

@python.org raises and distributes funds to improve #Python's packaging ecosystem, including #PyPI. If your company depends on Python or PyPI, send our sponsorship page to those internal decision makers to help sustain Python for all, for free, forever: www.python.org/sponsors/app...

18.02.2025 16:46 - 👍 5    🔁 0    💬 0    📌 0
Installing Packages - Python Packaging User Guide It’s important to note that the term “package” in this context is being used to describe a bundle of software to be installed (i.e. as a synonym for a distribution). It does not refer to the kind of package that you import in your Python source code (i.e. a container of modules). It is common in the Python community to refer to a distribution using the term “package”. Using the term “distribution” is often not preferred, because it can easily be confused with a Linux distribution, or another larger software distribution like Python itself.

New to #PyPI? It's the home and central repository for #Python packages 🐍🏡 Use pip install to grab your favorite libraries!

18.02.2025 14:37 - 👍 1    🔁 1    💬 0    📌 1
The Python Package Index (PyPI) is a repository of software for the Python programming language.

Welcome to the official #PyPI Bluesky account 🦋🐍 Your trusted source for discovering, installing, and sharing #Python packages. Follow us for updates, security news, and incident reports!

18.02.2025 11:26 - 👍 15    🔁 3    💬 0    📌 0

I just went through and archived every project I'm the sole owner of that hasn't had a release in 4 years (although that date isn't special, it just happens to be the "youngest" release; oldest, latest release was over 14 years ago).

30.01.2025 21:03 - 👍 10    🔁 1    💬 0    📌 0
PyPI now supports archiving projects By Facundo Tuesca PyPI now supports marking projects as archived. Project owners can now archive their project to let users know that the project is not expected to receive any more updates. Projec…

you can now archive projects on @pypi.org!

this work was done by my teammate Facundo @trailofbits.bsky.social and is part of a larger multi-year arc of work dedicated to landing security and usability improvements on PyPI:

blog.trailofbits.com/2025/01/30/p...

30.01.2025 15:55 - 👍 14    🔁 7    💬 0    📌 0
PyPI Now Supports Project Archival - The Python Package Index Blog Projects on PyPI can now be marked as archived.

PyPI Now Supports Project Archival: blog.pypi.org/posts/2025-0...

30.01.2025 14:46 - 👍 20    🔁 7    💬 0    📌 1
Project Quarantine - The Python Package Index Blog Handling project quarantine lifecycle status for suspected malware

I recently wrote about how I added the ability to quarantine projects under investigation on @pypi.org

Read here: blog.pypi.org/posts/2024-1...

#Python #Packaging #OpenSource #Security #PyPI

02.01.2025 19:36 - 👍 8    🔁 1    💬 0    📌 0
Supply-chain attack analysis: Ultralytics - The Python Package Index Blog Analysis of a package targeted by a supply-chain attack to the build and release process

Last week the Python package "Ultralytics" suffered a supply-chain attack on its build and release process. This is a review of the attack from @pypi.org's perspective.

There's plenty of advice for how Python projects can increase their #security posture:

blog.pypi.org/posts/2024-1...

11.12.2024 15:22 - 👍 40    🔁 18    💬 0    📌 2