Packaging improvements that could be funded
This page lists specific things that
- the Python packaging community wants
- are fairly well-scoped
- would happen much faster if the Packaging Working Group got funding to achieve them
finish dependency resolver for pip
We're partway through a next-generation rewrite of the dependency resolver within pip, Python's package download and installation tool. The project ran into massive technical debt, but the refactoring is nearly finished and prototype functionality is in alpha now. (In-depth explanation by Sebastian Awwad of the problem & our approach, lead developer Pradyun Gedam's initial plan and 2017 status updates, GitHub issue #988 tracking progress and issue #6536 for planning rollout.)
Funding would support user experience, communications/publicity, and testing work (including developing robust testing/CI infrastructure) as well as core feature development and review.
We need to finish the resolver because so many other improvements are blocked on it:
and it would fix so many dependency issues for our users:
And in our larger ecology, this causes installation problems for:
Robust interoperability testing
We need funding to ensure core packaging tools work well with each other; currently they aren't seamlessly interoperable. See the integration-test project. This will help us get faster at testing and rolling out bugfixes and features for all Python packaging and distribution tools: well-known projects like pip, virtualenv, and wheel, but also all the downstream projects that depend on them.
System for generic statuses/flags on projects on PyPI
To scale up our anti-abuse moderation and help package maintainers with security response, we need to be able to, for instance, mark a release as deprecated or a project as unsupported. We need support to do the architectural design to implement this. (See notes from this meeting.)
Feature flag system on PyPI
It's difficult to roll out new features gradually to PyPI's test site or to selected test users; a feature flag system would help us deploy more confidently. See this GitHub issue.