Skip to main content

A tool for running a PEP-503 simple Python package repository, including features such as dist metadata (PEP-658) and JSON API (PEP-691)

Project description

simple-repository-server

A tool for running a PEP-503 simple Python package repository, including features such as dist metadata (PEP-658) and JSON API (PEP-691)

Installation

python -m pip install simple-repository-server

Usage

The simple-repository-server is designed to be used as a library, but also includes a convenient command line interface for running a simple repository service:

$ simple-repository-server --help
usage: simple-repository-server [-h] [--port PORT] repository-url [repository-url ...]

Run a Simple Repository Server

positional arguments:
  repository-url

options:
  -h, --help      show this help message and exit
  --port PORT

If multiple repositories are provided, the PrioritySelectedProjectsRepository component will be used to combine them together in a way that mitigates the dependency confusion attack.

The server handles PEP-691 content negotiation to serve either HTML or JSON formats. Per PEP-691, the default (fallback) content type is HTML, but a JSON response can be previewed in the browser by adding the ?format=application/vnd.pypi.simple.v1+json querystring to any of the repository URLs.

The server has been configured to include PEP-658 metadata, even if the upstream repository does not include such metadata. This is done on the fly, and as a result the distribution will be temporarily downloaded to the server in order to extract and serve the metadata.

It is possible to use the resulting repository as input for the simple-repository-browser, which offers a web interface to browse and search packages in any simple package repository (PEP-503), inspired by PyPI / warehouse.

It is expected that as new features appear in the underlying simple-repository library, those which make general sense to enable by default will be introduced into the CLI without providing a mechanism to disable those features. For more control, please see the "Non CLI usage" section.

Non CLI usage

This project provides a number of tools in order to build a repository service using FastAPI. For cases when control of the repository configuration is required, and where details of the ASGI environment need more precise control, it is expected that simple-repository-server is used as a library instead of a CLI.

Currently the API for this functionality is under development, and will certainly change in the future.

License and Support

This code has been released under the MIT license. It is an initial prototype which is developed in-house, and not currently openly developed.

It is hoped that the release of this prototype will trigger interest from other parties that have similar needs. With sufficient collaborative interest there is the potential for the project to be openly developed, and to power Python package repositories across many domains.

Please get in touch at https://github.com/orgs/simple-repository/discussions to share how this project may be useful to you. This will help us to gauge the level of interest and provide valuable insight when deciding whether to commit future resources to the project.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

simple_repository_server-0.6.0.tar.gz (17.4 kB view hashes)

Uploaded Source

Built Distribution

simple_repository_server-0.6.0-py3-none-any.whl (22.0 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page