This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author ChrisRands
Recipients ChrisRands
Date 2020-04-01.08:56:04
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1585731365.14.0.524521872477.issue40132@roundup.psfhosted.org>
In-reply-to
Content
Not sure if this is the right place to mention this (apologies if not). Naturally, package names are unique so when you run `pip install package-name` there is no ambiguity. However, this means that package names are limited and potentially valuable. Already there were some malicious users typo squatting famous package names (https://www.nbu.gov.sk/skcsirt-sa-20170909-pypi/), now fixed, but I'm more referring to the more general issue.

My guess is, if python continues to grow in popularity, it is only a matter of time before some unhelpful folks decide to reserve generic package names (common words etc.) and there is a market for selling PyPI package names (like the situation with domain names now). Personally, I'm not sure this would be good for the python community, but I don't know if there is (or could be) any solutions?
History
Date User Action Args
2020-04-01 08:56:05ChrisRandssetrecipients: + ChrisRands
2020-04-01 08:56:05ChrisRandssetmessageid: <1585731365.14.0.524521872477.issue40132@roundup.psfhosted.org>
2020-04-01 08:56:05ChrisRandslinkissue40132 messages
2020-04-01 08:56:04ChrisRandscreate