Open sarahwooders opened 11 months ago
Hi - I would like to follow up on this. The "creators" of the the memgpt
pypi project emailed me back, asking for compensation in exchange for the pypi project name. I am disappointed that my support request has been ignored, enabling supposed web3 scam artists to try to extort money from us in exchange for not misleading our users to download whatever software they might hight be distributing through memgpt
.
Their "project" continues to get downloads by people being mislead to think they are downloading MemGPT, exposing developers to potential malware.
Project to be claimed
memgpt
: https://pypi.org/project/memgpt/Your PyPI username
swooders
: https://pypi.org/user/swooders/Reasons for the request
We released a project around October 16th, 2023 (HN Post, Github). A few days later, we decided to create a pip package, however found that someone else had already registered the name "memgpt" (link) on October 16th, 2023. We emailed the owner of the PyPI project, however did not receive a response. We instead created a package called
pymemgpt
, however many of our users are still accidentally downloadingmemgpt
package (~50 per day, as seen on PyPI stats).We are concerned about our users potentially being exposed to malware when they download the
memgpt
package, thinking it is a package released by us when it is actually not. Furthermore, it has been quite inconvenient to have to redirect users to downloading the correct package name "pymemgpt", just because the "memgpt" was registered on the day of our release. It would be create if we could use the "memgpt" package name both for our users' safety and for our own convenience.Maintenance or replacement?
Replacement
Source code repositories URLs
The current project at "mempt" has no associated project repo (https://pypi.org/project/memgpt/#description)
Our project repo: https://github.com/cpacker/MemGPT/tree/main/memgpt
Contact and additional research
contact memgpt.pdf
Code of Conduct