[GH Request] Remove edx-recommendations from PyPI

[zainab-amir]

Firm Name

2U

Urgency

Low (2 weeks)

Problem/Request

Remove edx-recommendations package from PyPI: https://pypi.org/project/edx-recommendations/

Reasoning

The package currently contains 2U specific functionality for recommendations and is a replica of the learner_recommendations app in edx-platform. The learner_recommendations is scheduled to be removed from the edx-platform codebase soon.

The original decision was to keep the repo public because even though the code was 2U specific, the community could still use it as an inspiration. However, in light of recent updates, we will be incorporating confidential 2U-edX code and hence have made the decision to transition the edx-recommendations repo to a private status and not publish the package to PyPI. By taking this step, we ensure that the package will not be accessible to the general public, safeguarding the proprietary aspects of our codebase. As a result of these changes, the existing version of the package on PyPI, while still functional, will no longer receive updates or new features.

[openedx-workflow-automation]

Thank you for your report! @openedx/axim-oncall will triage within a business day. Simple requests usually take 2-3 business days to resolve; more complex requests could take longer.

[nedbat]

Why remove the PyPI package? Why not just stop publishing updates?

I'm also curious what new code in that component needs to be kept secret?

[zainab-amir]

Why remove the PyPI package? Why not just stop publishing updates?

Its not a requirement to remove the package from PyPI but because it won't get any new updates I proposed that maybe we should remove that. We have already stopped publishing the package. If axim thinks its okay to keep a package that won't get any new updates that is fine too.

I'm also curious what new code in that component needs to be kept secret?

Vanguards are working on home grown recommendations which the stakeholders have decided should be a confidential.

[hurtstotouchfire]

@zainab-amir I don't see any reason this needs to be removed. Can we discuss with Pieter?

[zainab-amir]

@hurtstotouchfire can you share your reasoning? Happy to discuss this with Pieter too.
Just want to state this again, this is just a suggestion to remove the package considering the current version on PyPI

• is very 2U specific
• it won't get new updates in future

If we think this is not necessary, we can close the issue.

[nedbat]

The reason to leave edx-recommendations is so that you don't break anyone that might have been using it from PyPI. PyPI has a strong recommendation to never remove packages, or versions of packages.

[zainab-amir]

We can leave the package in PyPI.