Search for abandoned and deprecated python packages
Project description
pip-abandoned
Installation
pip install pip-abandoned
Introduction
Some package registries like NPM and Packagist allow a user to mark a package as abandoned or deprecated. This means it is relatively easy to tell if you are relying on a package abandoned by its author. It also allows package managers to consume this metadata to provide a warning at install time. PyPI does not have a mechanism to abandon or deprecate a package. There are some signals we can look at though.
- Many packages are linked to a GitHub repository. If that GitHub repository is archived, this is a strong signal that the package itself is abandoned
- Some packages may use the
Development Status :: 7 - Inactive
trove classifier to indicate the package is not maintained
pip-abandoned
uses these signals to identify potentially abandoned packages in your environment.
Usage
An example invocation of pip-abandoned
looks like:
GH_TOKEN=ghp_abc123 pip-abandoned /home/alice/.virtualenvs/myproject/lib/python3.10/site-packages
There are two things we need to supply:
- A path to a python (virtual) environment to search. This is passed as a positional parameter.
- A GitHub API token. This is set using an environment variable called
GH_TOKEN
. We need to provide this becausepip-abandoned
used the GitHub GraphQL API to efficiently query many repos at once. The advantage of this is that it is fast. The tradeoff is that authentication is required. A PAT with read-only access to public repos will be sufficient for most cases.
Other Projects
pip-abandoned
takes inspiration from pip-audit, another great project.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for pip_abandoned-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 012f91f439b611d20e9abdd408d35d6b2b21599d2636854fa87324296116df0c |
|
MD5 | c26526d6ee10c267cd1fdb6fe5454a1c |
|
BLAKE2b-256 | 0b2f490756b3df842cb6c0032ea6c654e6974004543e198f62937e2280e11503 |