-
Notifications
You must be signed in to change notification settings - Fork 1k
Description
Describe the bug
If you delete the most recent release of a project on test.pypi.org (and presumably also on pypi.org, I just don't want to spam that with useless packages) and then upload releases with larger version numbers, PyPI remains "stuck" on the now-deleted release forever: The project's public page keeps showing the deleted release as the most recent one and the newer ones can't be found in the release history either. They are only accessible for the package owner under "Manage project" and under their URLs with explicitly specified version numbers.
Most troublingly however, they're not listed in the index used by pip and it doesn't find the more recent releases even if you specify them explicitly (as in pip install pkg==most.recent.version
).
I created a demo project showing this behavior here. Version 0.1.1 was deleted, after which 0.1.2 was uploaded. It still shows 0.1.1 on the project's main page and 0.1.2 is missing in the release history.
Expected behavior
The project's main page, release history and index used by pip should list the releases uploaded after the deleted one.
To Reproduce
- Upload a dummy project to test.pypi.org at version 0.1.0.
- Upload another version of it, e.g. 0.1.1.
- In the PyPI web interface, delete this second version (if you delete the first version, the whole project will become inaccessible - probably a variant of this bug so I won't open another ticket for this).
- Upload another more recent release, e.g. 0.1.2.
- Notice that this latter release isn't anywhere to be found on the public-facing pages and index.
My Platform
Probably not relevant. Releases were uploaded with twine 4.0.1.
Additional context
This defeats the purpose of deletion, which is meant for (usually urgent) legal complaints and the like. Not only does the release not get deleted, it also becomes impossible to at least "hide it" behind more recent releases. Presumably the only recourse in such cases would be deleting the whole project.
Activity
di commentedon Sep 28, 2022
This is likely a duplicate of #12214
di commentedon Sep 28, 2022
Closing as a duplicate of #12214.