From b12bc7e5bf661a9ce3a306dded7f670caf72ec1a Mon Sep 17 00:00:00 2001 From: Barry Warsaw Date: Wed, 2 Oct 2024 15:58:58 -0700 Subject: [PATCH] Reword the PyPI limits rationale, based on feedback --- peps/pep-0759.rst | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/peps/pep-0759.rst b/peps/pep-0759.rst index 991b923c198..7fea965deb1 100644 --- a/peps/pep-0759.rst +++ b/peps/pep-0759.rst @@ -124,19 +124,15 @@ packages. Addressing PyPI limits ---------------------- -The problem *this* PEP solves is not just reduction or elimination of -dependency confusion attacks. There is another class of problem that a safe -external wheel hosting solution can mitigate: artifact size limits. - -PyPI imposes a `default artifact size limit `__ of -100 MiB and a default overall `project size limit -`__ of 10 GiB. Most packages and artifacts can -easily fit in these limits, even for packages containing binary extension modules for a -variety of platforms. A small, but important class of packages routinely exceed these -limits, requiring them to submit PyPI support tickets `requesting higher limits`_. It's not -necessarily difficult to get resolution on such exceptions, but it is a special process -that can take some time to resolve, and the criteria for granting such exceptions aren't -well documented. +This proposal also addresses the problem of size limits imposed by PyPI, where there is a +`default artifact size limit `__ of 100 MiB and a +default overall `project size limit `__ of 10 +GiB. Most packages and artifacts can easily fit in these limits, even for packages +containing binary extension modules for a variety of platforms. A small, but important +class of packages routinely exceed these limits, requiring them to submit PyPI `exception +request support tickets`_. It's not necessarily difficult to get resolution on such +exceptions, but it is a special process that can take some time to resolve, and the +criteria for granting such exceptions aren't well documented. Reducing operational complexity ------------------------------- @@ -459,7 +455,7 @@ Copyright This document is placed in the public domain or under the CC0-1.0-Universal license, whichever is more permissive. -.. _`requesting higher limits`: https://github.com/pypi/support/issues?q=is%3Aissue+is%3Aclosed+file+limit+request +.. _`exception request support tickets`: https://github.com/pypi/support/issues?q=is%3Aissue+is%3Aclosed+file+limit+request .. _`wheel file naming format`: https://packaging.python.org/en/latest/specifications/binary-distribution-format/#file-format .. _`allowed`: https://packaging.python.org/en/latest/specifications/binary-distribution-format/#the-dist-info-directory .. _`signed wheel file format`: https://packaging.python.org/en/latest/specifications/binary-distribution-format/#signed-wheel-files