Feat: Support restricting package installation by datetime upper bound
notatallshaw opened this issue · comments
Since PEP 700 simple index index API 1.1 and above has supported the field upload-time
. It would be useful for many use cases to support restricting what packages are installed by specifying an upper limit on this upload-time
.
Particularly because:
- Libraries are strongly discouraged from providing upper bounds
- Metadata can not be changed once uploaded to PyPI
- Leading to the problem: If library A depends on library B and B releases a version that is incompatible with A, then a new version of A can get released that excludes the incompatible version of B, but this can mean that package installer might just backtrack on A and install functionality incompatible versions of A and B even though their metadata doesn't describe it
Therefore installing older requirements can sometimes be significantly helped by adding an upper limit on upload-time.
Is this also how the pypi timemachine
works? Would definitely be a cool feature! (https://pypi.org/project/pypi-timemachine/)
No, pypi timemachine was created before and hasn't been updated since PEP 700.
It uses the PyPI JSON API, which is a non-standard API: https://warehouse.pypa.io/api-reference/json.html. e.g. https://pypi.org/pypi/requests/json