2023 PSF annual impact report
2023 PSF annual impact report
Posted May 8, 2024 12:18 UTC (Wed) by kleptog (subscriber, #1183)In reply to: 2023 PSF annual impact report by NYKevin
Parent article: 2023 PSF annual impact report
> Why can't PyPI and other endpoints that get called into from GitHub simply implement 429 errors unilaterally? It's not as if Microsoft is just going to tell everyone to stop using pip from their CI flows.
Just today I received an email from Azure that, because Docker Hub is implementing anonymous rate limiting soon, that they've created a new feature that acts as a pull-through cache for external docker registries. So if PyPI announced that they were rate-limiting anonymous downloads per IP on (some date in 2025) you have a good chance that something will be done.
It's not even hard. We just installed devpi as a container and added some pip configuration to the workers. Only slightly more complicated than getting Debian packages cached (which Azure DevOps *does* cache from a local mirror).