Since the register command is deprecated and is no longer supported , you need to follow these steps:
- Create a
setup.py stub with an empty package list, initial version, and metadata filled - Build and Download Package
- Go to PyPI and uninstall the original version of the package you just downloaded
Thus, the package name will be reserved for you, because now you are registered as its owner, but searching for the package will not yield any results, and any direct access will result in 404.
Say you want to reserve the package name foo . Steps:
Create a new setup.py stub. Make sure the packages list is empty, so you don't accidentally download the code:
from setuptools import setup setup( name='foo', version='0.0.1', description='', long_description='', url='https://www.example.com', author='me', author_email=' me@example.com ', packages=[], classifiers=['Development Status :: 1 - Planning'], )
Create and download the package:
$ python setup.py bdist_wheel upload running bdist_wheel running build ... running upload Submitting /tmp/foo/dist/foo-0.0.1-py3-none-any.whl to https://upload.pypi.org/legacy/ Server response (200): OK
Delete a loaded wheel: go to the project page https://pypi.python.org/pypi?%3Aaction=pkg_edit&name=foo , where you will find a list of loaded wheels - select the one you downloaded and click Remove .
Now you have reserved the project name, since no one can download the foo package unless you grant them administrator rights to PyPI:
$ python setup.py bdist_wheel upload running bdist_wheel running build ... running upload Submitting /tmp/foo/dist/foo-0.0.2-py3-none-any.whl to https://upload.pypi.org/legacy/ Upload failed (403): The user 'bar' is not allowed to upload to project 'foo'. See https://pypi.org/help#project-name for more information. error: Upload failed (403): The user 'bar' is not allowed to upload to project 'foo'. See https://pypi.org/help#project-name for more information. $ twine upload dist/foo-0.0.2-py3-none-any.whl Uploading distributions to https://upload.pypi.org/legacy/ Uploading foo-0.0.2-py3-none-any.whl HTTPError: 403 Client Error: The user 'bar' is not allowed to upload to project 'foo'. See https://pypi.org/help#project-name for more information. for url: https://upload.pypi.org/legacy/
Any direct access attempts end at 404:
$ curl -I https://pypi.python.org/pypi/foo HTTP/2 404
Installation via pip will fail:
$ pip install foo Collecting foo Could not find a version that satisfies the requirement foo (from versions: ) No matching distribution found for foo
PEP 541
Note that there is a PEP 541 project that defines unreachable, abandoned, and invalid projects in the package index. The section "Resolution of name conflicts for active projects" states:
None of the following can claim transfer of rights to the package name:
...
User A owns project X outside the package index. User B creates a package called X in the index. After a while, User A wants to publish Project X in the Index, but implements the name. This is true even if the user project X receives a noticeable value, and the project "User B" X is not noticeable.
So, although PEP confirms that no one can take the name of the active project from you, this is not guaranteed in the case of an inactive project, which is a good meeting with the name of the squat. My understanding of this is that if you reserve a name now without developing anything in the future, an open-air project appears under this name and becomes very popular, you can bet that the rights of the owner of the project will be removed from you.
Also note that if PEP 541 is approved, empty packages or packages without any functions will qualify as invalid packages and will be deleted:
A project published in the Package Index Index, ANY of the following is considered invalid and will be removed from the Index:
...
the project is the name of the squat (the package does not have functionality or is empty);
the name, description or content of the project violates the Code of Conduct; or
the project abuses the Package Index for purposes for which it was not intended.