Description
Project to be claimed
apache-airflow-providers-edge: https://pypi.org/project/apache-airflow-providers-edge
Your PyPI username
potiuk: https://pypi.org/user/potiuk
Reasons for the request
Apache Airlfow follows a rather strict naming convention for it's "provider" (more than 90 of those): apache-airflow-providers-PROVIDER_ID. This is very important for us to follow the convention for several reasons:
- apache-airfflow indicates to the users who are installing airflow providers, that this provider is managed and relased by the Apache Software Foundation's Airfow PMC - which is a legal act of the Foundation, and is a way for our users to trust that the package has been released and approved by the PMC following the "Apache Way" and the ASF Release Policy.
- our providers are maintained and developed together with airflow, and we have a lot of CI and development tooling build to rely on the naming convention of the packages we release. We release new wave of providers more or less every 2 weeks, sometimes we release up to 90 providers at the same time and we highly rely on the automation of release package preparation and review to make it happen. Our providers are stored in monorepo of our following the same naming convention https://github.com/apache/airflow/tree/main/providers
- we discussed in https://lists.apache.org/thread/br1jfoc8p1wjzk74c09srjgr29spytfy and later agreed in a lazy consensus https://lists.apache.org/thread/fhcz1q323dllzm0q34bblorsp5h0mk17 that
edgeis a perfect name for a provider that would be result of AIP-69 - initilally named "remote", "edge" seemed like a way better name
However we've been made aware in https://lists.apache.org/thread/zs6ymo5yh8sms67wqjvchkt07sootyym that apache-airflow-providers-edge has been apparently reserved by someone (or at least that seems like the only logical explanation why we cannot reserve the name):
None of the other reasons from the list available in https://pypi.org/help/#project-name seems to explain why we cannot reserve the name (we did in the past for a number of our providers - and reserved names). It seems that someone reserved the name but has not released anything - however witht the current API of PyPI we are not even aware who reserved it and why, we do not know whom to contact. We've asked other maintainers and release managers in Apache Airflow, but it seems that no-one reserved it, so the only logical conclusion is that someone else reserved it.
Note, that this is an example of why PEP 752 Implicit namespaces for package repositories is a good idea - it would have prevented similar issues, it would make it possible by organisations to claim namespace prefixes only once, without bothering PyPI team with PEP 541 requests and avoid some typosquatting attacks and confusion among the users, and potential security problems resulting from it. Because of it I discussd ti wiht @ofek and I am applying to become a co-author of the PEP-752 - also explaining the issue that the PEP is going to solve in https://discuss.python.org/t/pep-752-implicit-namespaces-for-package-repositories/63192/82
Maintenance or replacement?
Replacement
Source code repositories URLs
There is no package published yet for "apache-airflow-providers-edge" - so no idea about the previous URL. The future airlfow "edge" provider is prepared in airflow's monorepo in https://github.com/apache/airflow/tree/main/providers/edge
Contact and additional research
Since we have no idea who reserved the package, we do not know whom and how to contact. Unfortunately with PyPI interface, when someone reserved a distribution name, but did not publish it, all the attempts to retrieve information return 404 (not found).
Code of Conduct
- I agree to follow the PSF Code of Conduct
Metadata
Metadata
Assignees
Labels
Projects
Status