UI to communicate with authors #933
Comments
|
If you want to open a PR for this, I certainly won't object, but only in the case where a package author has 'opted in' to be contacted via PyPI. We would also need to allow users to specify an email address specifically for public contact (if they wanted to use a different address for this). We can't simply open up the user base to receiving unsolicited email. ping @dstufft on this. |
|
@nlhkabu Thanks for the feedback. On the one hand, I totally understand the concern about unsolicited mail. There would definitely have to be a lot of controls and protections around actually sending email; CAPTCHAs and such. On the other, I don't believe that someone should necessarily be allowed to maintain packages on PyPI if there is legit no way to get in touch with them; if you have uploaded packages, you should be responsible for them in some sense. That's not to say that you absolutely have to receive email from PyPI, but I would very much like it if specifying some project-contact mechanism (issue tracker, etc) were mandatory for each package; email here is the measure of absolute last resort (and I would expect it would only be sendable from a logged-in PyPI user who had passed a captcha and their own email verification and you could submit at most 3 per day, via a web form which doesn't expose the email address of the recipient). |
|
I'm not opposed to the idea in general. It'd probably cut down on the amount of support work we need to do since a large part of that is basically just acting as a go between for abandoned projects and people who want to take over that project. It'd definitely have to be done in a way that preserves privacy. |
|
I think there is a difference between opening up the user base to receiving emails from others users vs sending official emails from PyPI itself. For privacy reasons I don't like the idea of letting any PyPI user email another (even with the protections @glyph describes), but I think we can send 'platform' emails where we can control the content. For example, we could have a mechanism where project maintainers receive an email if their project has been flagged by users (or perhaps by algorithm) to be 'inactive'. This email could ask the maintainer if they want to put the package 'up for adoption', or if they want to hand over to someone specific. I recall @nedbat discussing this same problem on twitter. He may be able to contribute to this discussion? This, however, does not solve the initial problem @glyph describes (connecting two project owners). |
|
@nlhkabu - ultimately this does address my fundamental use-case. I was viewing this as the first step in a bigger eventual plan to get to "flag as inactive" / "request name" type functionality. |
|
PyPI has the information necessary to do this. In fact, anyone can get the information: I downloaded the source kit and found the author's email address in the setup.py. I think if a package author puts their email address in setup.py, it's fair game to make it possible for people to email them. Why else is the email address there? |
|
Well, there are two places emails can be placed. One is in the |
|
I have something to add from my personal experience - the package author and uploader to PyPI could be different persons. It would be great to have way to contact the person uploading to PyPI in order to be able to transfer ownership or to have some way to resolve such situations. I was thinking about contact form accessible only to authenticated users. The PEP 541 sort of addressed this situation (see #1506), but if there would be way for users to do this, I believe at least some situations could be resolved without involving PyPI maintainers (which are apparently overloaded and I can understand that). Off topic, but I think it might help to understand my request: I have this problem with https://pypi.org/project/uTidylib/, which had last release more than 10 years ago, but there are still some quite projects using that. I happened to be Debian package maintainer and the package consisted of several patches bringing fixes for newer Python or tidy versions. After some time, I've collected all the patches in single source code, contacted original author and got his permission to take over the library. Unfortunately nobody knows who is "cntrlr" who has uploaded the package to PyPI and thus it is nearly impossible to take over the maintainership there as the support requests are really not handled for past few years... |
|
I think this is a good feature idea, and I've only moved it to the post-legacy-shutdown milestone on our roadmap because I'm noting that it's a new feature that is not available on legacy PyPI. @nijel sorry for the long wait. PEP 541 will help with the backlog of package transfer requests. This month the community changed the approval authority on that PEP in python/peps#566 which provides a clearer way forward for it, so there is forward progress on that. |
I recently discovered the package https://warehouse.python.org/project/gtwisted/ which appears to be somewhat redundant with https://pypi.python.org/pypi/geventreactor/. I'd love to tell the person who uploaded that package that they should collaborate.
However, there's no way (on PyPI or in Warehouse) to contact the author of the package. I'd really like it if there were some built-in way to do that. If the package itself has an issue tracker then that kind of feedback should go there, but if not I'd like to be able to at least send an email to the package maintainers via a form on warehouse.
The text was updated successfully, but these errors were encountered: