https://t.co/YGs3v1bw6A now enforces that users with 2FA enabled must use an API token or Trusted Publisher configuration in place of their passwords. Read the announcement and details at:

Happy Friday! It has been a busy week on our blog, but we're wrapping it up with an update on some of the work that's been going on in the background lately to ensure the privacy and security of PyPI users: https://t.co/19ObwiSmmG

An important update on our efforts to secure PyPI with multi-factor authentication:

The PSF was subpoenaed for the first time in March/April 2023 for for PyPI user data. Read our transparency blog post here:

New user and new project registrations on PyPI are temporarily suspended. See details at

PEP 658 has finally landed on PyPI! Wheels uploaded as of about 15 minutes ago now have the appropriate information served from the simple APIs, and METADATA files available on https://t.co/hVzzMojVbA.

Thanks to @awscloud, @ThePSF is hiring for a Safety and Security Engineer focused on PyPI! Read about how the role will be funded, what will be worked on, and how to apply at

We’re very glad you’re here. https://t.co/7nIGlHtoQP

Big thanks and a shoutout to @AWSOpen for providing credits to operate our backends on @awscloud since the re-launch on the warehouse codebase in 2018.

The PyPA has voted to accept two new member projects: https://t.co/iX9r0T3oeI & the corresponding GitHub action, https://t.co/RVlB80Qkpx 🎉 pip-audit audits Python environments and dependency trees for known vulnerabilities, and the action lets you easily run these audits in CI.

Incident report on malicious takeover of ctx package on PyPI has been published. Read details, mitigation, analysis, and more at

It's #GivingTuesday Become a Supporting Member of the Python Software Foundation! Donate to the PSF to further the development and adoption of Python. Your donation helps support sprints, meet-ups, and community events. https://t.co/SCpAo46i7p

Get paid to work on PyPI! One week left to submit your proposal!

One week left to respond to this request for proposals to fulfill paid contract work on @pypi!

In total PyPI served 324.1 petabytes in 2021, that's an average bandwidth of 82.2 Gbps for the entire year. We and the entire Python community owe @fastly immense gratitude for providing this CDN service, their support makes PyPI as you know it possible.

We are hiring two contract developers to build organization accounts for @PyPI. This is a unique opportunity to flex your skills and develop next-gen features for PyPI. More details at

Second question! How much bandwidth does it take to serve 126,545,477,066 downloads in a year?

The answer is: One hundred twenty-six billion five hundred forty-five million seven hundred seventy thousand and sixty-six downloads accounted for in 2021. 126,545,477,066 Thanks @googlecloud BigQuery for making it possible for us to track this scale.

Without phoning a friend (or querying the world wide web)... How many downloads do you think PyPI served in 2021?

The PSF conducted three surveys to gather community requirements that would drive future development. The feedback summary is available on @ThePSF's blog: