#238 Missing files from PyPI

Donald Stufft

Currently docutils seems to be missing some versions from being hosted on PyPi, this presents security and performance challenges. If you could upload the releases to PyPi and then follow the instructions at pypi-externals.caremad.io/help/what/ it'd be great!

There are a few releases hosted on PyPI which are 0.6, 0.7, 0.8, 0.8.1, 0.9, 0.9.1, 0.10 however 0.3, 0.3.5, 0.3.7, 0.3.9, 0.4, 0.5, 0.6, 0.7, and 0.11 are not.


  • sorry missed to upload 0.11 to pypi

    what security/performance risk is in not having an ancient package on pypi ?

  • Donald Stufft
    Donald Stufft

    If nobody is installing them? Nothing. But if anyone has those older versions pinned and are still installing them then the same as for a newer package. However you still have external urls and such turned on in your PyPI page so the packaging tools will crawl the source forge etc pages looking for those versions. So you should still follow the instructions at pypi-externals.caremad.io/help/what/ to solve the general security/performance problems of external urls. There's also a more detailed description on that page.

    I mostly care about the newer ones though and just included the older ones for completeness sake.

  • i turned "Hosting Mode" to "Do not extract URL ..."
    and upload all version and remove all download urls.
    although i assume this problem originates in a change in pypi.

  • Donald Stufft
    Donald Stufft

    PyPI's always had this problem :) Just recently there's been a push to get rid of it.

    Thanks a lot! You're awesome!

  • did not remove download urls, unnecessary as i understand the description.

    • status: open --> closed-fixed