Python Package Index
The Python Package Index (PyPI) is the repository of software for the Python programming language. Pronounced 🥧 🫛 👁️
- Over the past year (and a half!), our inaugural PyPI Support Specialist, Maria Ashna, helped tackle backlogs, improve support processes, and keep #PyPI running smoothly for the #Python community. Read the full reflection on what that work looked like 👇 blog.pypi.org/posts/2026-0...
- 2025 was another eventful year for PyPI! Critical security enhancements, powerful new org features, a better overall user experience, and transparent security incident response 🎉👏 Thank you, PyPI team & community! Learn more on our blog: blog.pypi.org/posts/2025-1...
- Reposted by Python Package Index: PyPI serves billions of requests daily- but sustaining it isn’t free. The PSF joined the OpenSSF & others in calling for organizations to invest in sustainable open infrastructure. Learn what this means for #PyPI, the PSF, & how our community can pitch in:
- A campaign targeted GitHub Actions to steal PyPI tokens—PyPI wasn’t compromised and no PyPI packages were published by the attackers. Stay safe: review your tokens, rotate any exposed ones, and use short-lived, scoped GitHub Actions tokens. Details:
- 🚨 There is a new ongoing phishing campaign against PyPI users. This campaign uses the same tactics as the previous campaign targeting PyPI users, but with a new domain. Read more about what steps we're taking to protect PyPI users from future campaigns:
- Reposted by Python Package Index: The PSF has adopted pypistats.org, ensuring long-term stability while staying open source and community driven 🎉 Thank you to Christopher Flynn, for operating this awesome community service for 6+ years- and for continuing to maintain the project 💪🐍 pyfound.blogspot.com/2025/08/pypi...
- PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to take over #PyPI accounts through password resets. #Python #OpenSource #SupplyChain #Security
- The Python Package Index is introducing new restrictions to protect Python package installers and inspectors from ZIP confusion attacks. There is no evidence that this vulnerability has been exploited. Read the blog post for more information:
- Incident report! Thanks to our community for reporting, we take security seriously and work to address issues like these to suit. blog.pypi.org/posts/2025-0...
- This wasn’t just blather! bsky.app/profile/pypi...
- #PyPI takes security very seriously. If you ever run into malware or a security issue with PyPI itself, make sure to follow our reporting instructions carefully-- and thank you for your vigilance! pypi.org/security/ #python
- Keep up to date and subscribe for updates on #PyPI infrastructure status, including requests, edge requests/errors, and traffic via our public dashboard: status.python.org #python
- Into stats? Find various first and third party #PyPI statistics on our website: pypi.org/stats/ #python
- Learn about how to install and distribute #Python packages with the 'Python Packaging User Guide', a collection of tutorials and references, maintained by the Python Packaging Authority: packaging.python.org/ #pypi
- If you want to get in-depth updates on #PyPI news, updates, and incidents, make sure to regularly read up on our blog: blog.pypi.org/ #python
- If you've got questions about the basics of #PyPI, your account, integration, project admin, troubleshooting, or what PyPI is all about, make sure to check our FAQ! pypi.org/help/ #python
- @python.org raises and distributes funds to improve #Python's packaging ecosystem, including #PyPI. If your company depends on Python or PyPI, send our sponsorship page to those internal decision makers to help sustain Python for all, for free, forever: www.python.org/sponsors/app...
- New to #PyPI? It's the home and central repository for #Python packages 🐍🏡 Use pip install to grab your favorite libraries!
- Welcome to the official #PyPI Bluesky account 🦋🐍 Your trusted source for discovering, installing, and sharing #Python packages. Follow us for updates, security news, and incident reports!
- PyPI Now Supports Project Archival: blog.pypi.org/posts/2025-0...