by Alex Becker

Announcing PyDist—NPM for Python

I love Python. It lets me focus on what I need to get done and makes me a more productive software engineer. A large part of that is because of its package ecosystem. Pretty much anything I need to do has a package for it—usually a good one! One at a time these have made their way into my dependencies, and it's let me get a lot done very quickly.

That being said, Python's story for managing dependencies leaves a lot to be desired. I have my fair share of gripes about Javascript, but I have to grant NPM does a much better job than PyPI and pip. Frustrated, I ended up on a year-long deep-dive into the world of Python packaging, which has culminated in the launch of PyDist, my answer to NPM.

Python, it turns out, has a much more complicated packaging ecosystem than NPM for a couple of reasons:

Before PyDist, I created a package management client called dotlock. It locks down to the level of distributions instead of just releases, and it uses dependency information instead of executing setup.py when it is available through PyPI. But using a new client is a lot of friction, and there are still so many problems it can't solve:

That's why I created PyDist. It mirrors the public PyPI index, and keeps packages and releases that have been deleted from PyPI. It allows organizations to upload their own private dependencies, and seamlessly create private forks of public packages. And it integrates with standard Python tools almost as well as PyPI does.

But closing the gap with NPM is just the beginning. By controlling the index, I can do so much more for users:

So far I've only implemented the first of these features, which is PyDist's Insights page. I'm sure this list will grow and get re-ordered as I talk to users. I'm excited to see where it goes, and I hope you will be too.