Skip to content

Allow project owners to set status markers ("deprecated", "archived", etc) to their PyPI projects #16844

New issue
New issue
Open
Open
Allow project owners to set status markers ("deprecated", "archived", etc) to their PyPI projects#16844
Labels
feature request
@facutuesca

Description

@facutuesca
facutuesca
opened on Oct 7, 2024

What's the problem this feature will solve?

Currently, PyPI does not have a standard way of indicating that a project has been deprecated, archived, etc by the maintainers.
This information is (sometimes) included in the project's description, but there's no standard way of setting (or getting) it, other than manually checking.

If owners can mark a project as deprecated, archived, etc. on PyPI and this information is exposed through the web UI and the index APIs, downstream consumers can monitor this information to make better decisions about their supply chain.

Describe the solution you'd like

Recently warehouse added support for marking a project as quarantined: #16179.
This involved adding a new field to the Project model:

class LifecycleStatus(enum.StrEnum):
    QuarantineEnter = "quarantine-enter"
    QuarantineExit = "quarantine-exit"

We could model the new project statuses as lifecycle statuses. For example:

class LifecycleStatus(enum.StrEnum):
    QuarantineEnter = "quarantine-enter"
    QuarantineExit = "quarantine-exit"
    Deprecated = "deprecated"
    Archived = "archived"
    Finished = "finished"

The project owner should only be able to set the new statuses (not the quarantine related ones), and only if the project is not quarantined. Something like:

stateDiagram-v2
    direction LR
    [*] --> UserStates
    state UserStates {
        None
        Archived
        Deprecated
        Finished
    }
    UserStates --> UserStates
    UserStates --> QuarantineEnter : 
    QuarantineEnter --> QuarantineExit
    QuarantineExit --> QuarantineEnter
    QuarantineExit --> UserStates
Loading

The UI for setting the status can be a simple drop down:
image image

And the UI for the project's main page can be similar to the quarantined one:
image

Additional context

  • There have been previous requests for adding an "archived" status: Add option to archive project #4021, Feature - archive a project #15950. Also for unsupported/deprecated: Ability to mark a version of a package as deprecated or unsupported #345.
  • In this issue I suggested 3 new statuses, here's a more complete description of each:
    • “Finished”: the project is “complete” and not receiving active feature development;
    • “Archived”: the project is inactive and not receiving further updates of any kind;
    • “Deprecated”: the project has been obsoleted or replaced in functionality by another project.
  • Initially, we can make the project status only affect the web UI and the metadata included in the index APIs. We could later add restrictions to the project actions depending on the status (e.g.: disallowing uploads for deprecated projects), but this is optional and will probably need more discussion.
  • The changes required in the backend for this feature are pretty simple since the LifecycleStatus field already exists. Most of the work should be UI-related.

cc @miketheman @woodruffw

Metadata

Metadata

Assignees

No one assigned

    Labels

    feature request

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions