← 返回首页
Get rid of atomicwrites (unmaintained) · Issue #10114 · pytest-dev/pytest · GitHub
Skip to content

Navigation Menu

Toggle navigation
Sign in
Appearance settings
Search or jump to...

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Appearance settings
Resetting focus

Get rid of atomicwrites (unmaintained) #10114

New issue
New issue

Description

PyPI has started enforcing 2-factor-auth for maintainers of various popular packages: https://twitter.com/pypi/status/1545455297388584960

For context, here is the mail I got:

Congratulations! A project you ('The_Compiler') maintain has been designated as a critical project on PyPI. You can see which project(s) has been designated at http://pypi.org/manage/projects/.

As part of this effort, in the coming months maintainers of projects designated as critical, like yourself, will be required to enable two-factor authentication on their account in order to add new releases or otherwise modify a critical
project.

Since you already have two-factor authentication enabled on your account, there's nothing you need to do at this time.

PS: To make it easier for maintainers like you to enable two-factor authentication, we're also distributing security keys to eligible maintainers. See http://pypi.org/security-key-giveaway/ for more details.

Unfortunately, this has caused the maintainer of atomicwrites to go on what I can only describe as a rampage, first deleting the project from PyPI (and then finding out it's not possible to restore it): untitaker/python-atomicwrites#61

...to then simply declare the project as unmaintained outright: untitaker/python-atomicwrites@d183284

No matter what the outcome of this will be, IMHO, given those actions I do not feel comfortable with trusting this dependency for something as popular as pytest.

The library itself is relatively simple, and we only use it on Windows. It's MIT-licensed. Should we just copy the parts we need into pytest instead?

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions

  • Open in GitHub Copilot app

Footer

© 2026 GitHub, Inc.