Proposal: Add support for private packages via token-authenticated downloads · Issue #18080 · pypi/warehouse
Hi everyone! 👋
I’d like to suggest an enhancement to PyPI: supporting private packages, accessible only via authentication using the existing token system.
Currently, PyPI allows token-based upload permissions, but all published packages are public and downloadable by anyone. This proposal aims to expand the existing system to also handle authenticated downloads, enabling teams and organizations to host private/internal packages directly on PyPI.
✅ Key idea:
Add a visibility flag (public or private) to a project. If a project is marked private, only users with a valid scoped token can download its files via pip.
For example:
pip install --extra-index-url https://token:@pypi.org/simple my-private-package
🔒 What would be required:
- Modify Warehouse to respect package/project visibility during download requests
- Extend token scopes to optionally include download permissions
- Return 401/403 errors for unauthenticated download attempts
- Optionally add UI elements to set visibility when managing projects
💡 Benefits:
- Avoids needing third-party hosting (e.g. Artifactory, Nexus)
- Empowers smaller teams to manage internal packages securely
- Fully compatible with PyPI’s current auth infrastructure
I’ve also opened a discussion on discuss.python.org to explore the idea with the packaging community. I’d love to hear what the maintainers think — whether this is something that aligns with PyPI’s long-term goals, and if there are architectural or policy concerns.
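To make the proposed download-side authorization concrete, here is an added example (not code from the issue or from Warehouse itself) of the decision logic the "What would be required" list implies: a visibility flag per project, tokens that carry an explicit download scope, and 401 versus 403 responses. It assumes a simplified opaque token store keyed by SHA-256 fingerprint and a hypothetical `("download", project)` scope tuple; real PyPI tokens are macaroons and Warehouse's scope model differs. The `__token__` username is PyPI's existing convention for HTTP Basic token authentication and is reused here. All sample projects and tokens are constructed.

```python
import base64
import binascii
import hashlib
from dataclasses import dataclass

# Constructed sample data: an illustration only, not Warehouse's real
# project table or token store.
PROJECTS = {
    "requests": {"visibility": "public"},
    "my-private-package": {"visibility": "private"},
}


def _fingerprint(token: str) -> str:
    """Store only a hash of each token so a leaked table does not leak secrets."""
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


# Hypothetical scope format: ("upload" | "download", project_name).
# Upload-only tokens deliberately do NOT grant downloads.
TOKENS = {
    _fingerprint("pypi-ci-token-constructed"): {("download", "my-private-package")},
    _fingerprint("pypi-upload-only-constructed"): {("upload", "my-private-package")},
}


@dataclass
class Decision:
    status: int
    reason: str


def parse_basic_auth(header):
    """Return (username, password) from an HTTP Basic Authorization header, or None."""
    if not header or not header.startswith("Basic "):
        return None
    try:
        decoded = base64.b64decode(header[len("Basic "):], validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")
    if not sep:
        return None
    return user, password


def authorize_download(project_name, authorization_header):
    """Decide whether a file download for `project_name` may proceed."""
    project = PROJECTS.get(project_name)
    if project is None:
        return Decision(404, "unknown project")
    if project["visibility"] == "public":
        # Public projects keep today's behaviour: no credentials needed.
        return Decision(200, "public project")

    creds = parse_basic_auth(authorization_header)
    if creds is None:
        # 401 signals that credentials are required; pip will retry with them.
        return Decision(401, "authentication required")
    user, token = creds
    if user != "__token__":
        return Decision(401, "token authentication required")
    scopes = TOKENS.get(_fingerprint(token))
    if scopes is None:
        return Decision(401, "invalid token")
    if ("download", project_name) in scopes:
        return Decision(200, "token has download scope")
    # Authenticated but not authorized for this project: 403, not 401.
    return Decision(403, "token lacks download scope for this project")


def basic_header(user, password):
    """Build the Authorization header pip sends for index credentials."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")


if __name__ == "__main__":
    for name, hdr in [
        ("requests", None),
        ("my-private-package", None),
        ("my-private-package", basic_header("__token__", "pypi-ci-token-constructed")),
        ("my-private-package", basic_header("__token__", "pypi-upload-only-constructed")),
    ]:
        print(name, authorize_download(name, hdr))
```

One design point worth settling early if this proposal advances: returning 401/403 for a private project confirms that the project name exists, so an implementation may prefer to answer unauthenticated requests for private projects with the same response as a nonexistent project to avoid name enumeration. Either way, the check must run on the file download path and not only on the `/simple/` index page, or a cached file URL would bypass the visibility flag.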