PyPI Package Registry

Publish PyPI packages for your user or organization.

Requirements

To work with the PyPI package registry, you need to use the tools pip to consume and twine to publish packages.

Configuring the package registry

To register the package registry you need to edit your local ~/.pypirc file. Add

[distutils]
  index-servers =
    {server}

[{server}]
repository = https://forgejo.example.com/api/packages/{owner}/pypi
username = {username}
password = {access_token}

Placeholder	Description
`server`	Freely chosen name of the index server, e.g., `forgejo`.
`owner`	The owner of the package.
`username`	Your Forgejo username.
`access_token`	Your personal access token.

Publish a package

Publish a package by running the following command:

python -m twine upload --skip-existing --repository {server} /path/to/dist/*

The package files have the extensions .tar.gz and .whl.

You cannot publish a package if a package of the same name and version already exists. You must delete the existing package first.

Install a package

To install a public PyPI package from the package registry without dependencies, execute the following command:

pip install --index-url https://forgejo.example.com/api/packages/{owner}/pypi/simple --no-deps {package_name}

If the package has dependencies on the official PyPI repository, use:

pip install --index-url https://forgejo.example.com/api/packages/{owner}/pypi/simple --extra-index-url https://pypi.org/simple {package_name}

This will look for the package and its dependencies first in the owner’s PyPI repository and then, if not found, in the official PyPI repository.

A private PyPI package can be installed with:

pip install --index-url https://{username}:{access_token}@forgejo.example.com/api/packages/{owner}/pypi/simple --no-deps {package_name}

Parameter	Description
`username`	Your Forgejo username.
`access_token`	Your personal access token.
`owner`	The owner of the package.
`package_name`	The package name.

For example:

pip install --index-url https://testuser:password123@forgejo.example.com/api/packages/testuser/pypi/simple --no-deps test_package

You can use --extra-index-url instead of --index-url but that makes you vulnerable to dependency confusion attacks because pip checks the official PyPI repository for the package before it checks the specified custom repository. Read the pip docs for more information.