Hacker News new | comments | show | ask | jobs | submit login
Powering the Python Package Index (caremad.io)
65 points by ingve 4 hours ago | past | web | 15 comments





Props to HP Enterprise for basically paying this guy full time to work on PyPI. To anyone with purchasing/hiring power in a major Python shop: Pretty much all Python projects seem to be running on a skeleton crew!

If you are on a hiring spree, maybe slip in a job posting for "Infrastructure Integrator" with duties to maintain some projects full time.


When it comes to the interface, it puzzles me why it cannot have a clear, interactive interface like e.g. https://packagecontrol.io/

For that reason, I almost never directly in https://pypi.python.org.


For what it's worth, the warehouse (https://pypi.io/) is the successor to the current PyPI that Donald is currently working on. Is the UI here closer to something you'd like?

Also, if there are any interested Django developers around, I'm sure they'd love to have some help finishing the project off.


Not quite (yet?).

- no popularity markers (downloads, stars on GitHub or both)

- no "search as you type"

- way too sparse (not a good feature for searching)

I gave link to a a search with I consider "the best" (for Sublime Text Package Manager).

Not much of a Django dev myself (I'm using Python mostly for data science).


The next generation of the package index has been in development for some time now. Have a look at:

https://pypi.io/ https://github.com/pypa/warehouse https://warehouse.readthedocs.io/


I fail to see what's so interactive on that page. Personally, the search box is all the interaction I need.

Search box with search as you type. And listing popularity (and preferably, last update).

I think it's great this person is so dedicated to maintaining such an important part of the ecosystem, but is there seriously just one dude that's taking care of this? If something happens to him, what happens to everything and everyone that depends on the index? Perhaps it's time to think about moving the responsibility to something more fault tollerant, like a non-profit organization -- maybe even python.org?

Sorry to bring it up here, but can you check your email for an email from david@daviddworken.com? I previously sent in an XSS vulnerability that you fixed quickly, but I found a second one that has not been patched yet (despite being reported on March 26th).

Thanks for reposting that comment here (I posted it on /r/python). I'm now in contact with him and I'll update this once it has been fixed.

Richard Jones the creator of pypi is also running PyCon AU in Melbourne this year: https://2016.pycon-au.org/

I love it when people start with the important stuff, quote "(Me)". That shows team spirit and motivates others to participate. (no serious criticism intended, just do as I do, and smile a little)

The current people are very good at self-promotion. Also, no mention of Martin v. Loewis, who put quite a bit of work into PyPI.

Your comment comes across as spiteful.

Also, from the article: "Over the years many different people and services have participated in the maintenance and running of PyPI. I’m not going to attempt to create an exhaustive list of every person or service who has ever helped, but instead focus on those who are currently involved."


This post may or may not have anything to do with the recent PyPI outage.



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: