Cross-platform port management, major Python packaging speedups, and AI-driven impacts on developer companies, exemplified by Tailwind's deep revenue and staff losses.
Improving security and integrity of Python package archives
ZIP and tar features can be abused to cause inconsistent package contents, threatening Python packaging integrity and requiring coordinated remediation and protections.
Poetry is an all-in-one Python project manager providing deterministic dependencies, virtual environment handling, and simplified building, packaging, and publishing to PyPI.
pyx - the other side of the uv coin (announcing pyx)
Pyx is a Python-native package registry that mirrors PyPI, works with pip and uv, and enables faster, more predictable installs via smart client-server cooperation.
Use uv via its project model to manage environments, Python versions, and dependencies rather than substituting it for pip or installing packages globally.