PEP 541 Request: pdbfixer #5093

Open
1 task done
peastman opened this issue Nov 10, 2024 · 6 comments
Labels
PEP 541 (Package name support requests)
prohibited project name (names prohibited due to similarities with existing libraries, packages, or pose security risks)

Comments

@peastman

Project to be claimed

pdbfixer: https://pypi.org/project/pdbfixer

Your PyPI username

peastman: https://pypi.org/user/peastman

Reasons for the request

I am trying to post a wheel for PDBFixer (https://github.com/openmm/pdbfixer). I am the lead developer of this project. The upload fails with the error

ERROR    HTTPError: 400 Bad Request from https://upload.pypi.org/legacy/
         The name 'pdbfixer' isn't allowed. See https://pypi.org/help/#project-name for more information.

I read the information at the cited URL, but it isn't clear to me what the problem is. There is no existing package at https://pypi.org/project/pdbfixer. It is not a package from the standard library, or any name that ought to be blocked.

Maintenance or replacement?

None

Source code repositories URLs

https://github.com/openmm/pdbfixer

Contact and additional research

So far as I can tell, there is no current package with the same name. I do not know why the upload fails.

Code of Conduct

  • I agree to follow the PSF Code of Conduct
@peastman peastman added the PEP 541 Package name support requests label Nov 10, 2024
@peastman
Author

Can anyone help with this? As far as I can tell, there is no existing package with that name. But it tells me the name isn't allowed with no explanation of why. I'm at a loss for what to do about it.

@mattwthompson

The project https://pypi.org/project/black-pdbfixer/ of similar name was uploaded by somebody other than @peastman, tagged with the wrong license (GPLv3, the project is actually MIT) and with dead and incorrect links for its homepage/bugtracker. I don't know how PyPI checks its uploads against existing projects, but something like hashing the tarball might be the cause of this error (or at least that seems more likely than pdbfixer being a forbidden name).

There is an email listed at that project which I can't find associated with any GitHub username: [email protected]

But fighting for that project name shouldn't be needed here; Peter is not trying to upload to black-pdbfixer.

@ex-rzr

ex-rzr commented Dec 4, 2024

@cap-jmk
Hi! Are you an uploader of https://pypi.org/project/black-pdbfixer/ ?
If you are, could you remove it to make it possible to upload an official version?

@peastman
Author

peastman commented Dec 4, 2024

Of course, we don't actually know that black-pdbfixer is what's causing the "name not allowed" error. That's just a guess.

@Thespi-Brain Thespi-Brain moved this to Pending in PEP 541 requests Jan 4, 2025
@Thespi-Brain Thespi-Brain added the prohibited project name names prohibited due to similarities with existing libraries, packages, or pose security risks label Jan 8, 2025
@Thespi-Brain Thespi-Brain moved this from Pending to Prohibited project names in PEP 541 requests Jan 8, 2025
@Thespi-Brain

Hi @peastman,

The project name that you wanted is unfortunately a name that was marked as prohibited. A name can be deemed prohibited if it had posed a security risk before such as being associated with malware or any other malicious intent. We are working on determining future perceived risk to decide which prohibited names can be released and which ones will continue to stay in that bucket. Thanks for your patience.

@peastman
Author

peastman commented Jan 9, 2025

Thanks for the reply. Is there anything I can do to help out?

This isn't a new project. We've been developing and distributing it under that name for over ten years (https://github.com/openmm/pdbfixer). We've also had it as a package with that name on conda-forge for over four years (https://anaconda.org/conda-forge/pdbfixer). If someone posted a malicious package on PyPI with that name, it was undoubtedly to catch people who were looking for the real PDBFixer.
