Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PEP 541 Request: kodiak-rure #2060

Closed
1 task done
davidblewett opened this issue Jul 5, 2022 · 4 comments
Closed
1 task done

PEP 541 Request: kodiak-rure #2060

davidblewett opened this issue Jul 5, 2022 · 4 comments
Assignees
@yeraydiazdiaz
Labels
PEP 541 Package name support requests

Comments

@davidblewett
Copy link

Project to be claimed

kodiak-rure: https://pypi.org/project/kodiak-rure

Your PyPI username

davidblewett: https://pypi.org/user/davidblewett

Reasons for the request

The kodiak-rure package is a direct copy of my rure package: https://pypi.org/project/rure/ . It stems from this issue on my github repo: davidblewett/rure-python#24 . The new package was uploaded solely for the purposes of distributing a binary wheel for M1 Macs. The folks that uploaded it didn't wait for my response on providing a binary wheel. Since this wheel contains a binary (originally intended for wrapping the Rust regex crate), it is possible that the uploaded wheels have malicious content in them. I asked them to remove the package to avoid confusion with the canonical repo almost a week ago, but haven't had a response since.

I have not had time to maintain the original rure package, but I would prefer an orderly transfer of it to someone rather than it being hijacked.

Maintenance or replacement?

Replacement

Source code repositories URLs

https://github.com/davidblewett/rure-python

Contact and additional research

I asked for the package to be removed on June 29, 2022: davidblewett/rure-python#24 (comment) .

Code of Conduct

  • I agree to follow the PSF Code of Conduct
@davidblewett davidblewett added the PEP 541 Package name support requests label Jul 5, 2022
@yeraydiazdiaz
Copy link

Hi @davidblewett, I don't think PEP 541 covers this scenario as its primary use case is the transfer of abandoned projects.

That being said I will try to communicate with @chdsbd to see if he'd be willing to remove the project and/or contribute to rure to include the extra binary wheels.

@yeraydiazdiaz yeraydiazdiaz self-assigned this Jul 25, 2022
@davidblewett
Copy link
Author

@yeraydiazdiaz I asked him to take the wheels down on June 29 and haven't heard anything back since.

@sbdchd
Copy link

sbdchd commented Mar 12, 2023

I've updated the readme on the PyPi listing to prevent any confusion:

https://pypi.org/project/kodiak-rure/

@yeraydiazdiaz
Copy link

I'll close this as contact has been made and action was taken.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yeraydiazdiaz yeraydiazdiaz

Labels
PEP 541 Package name support requests
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@davidblewett @yeraydiazdiaz @sbdchd