What happened to 0.3.27 and 0.3.26?

[zoltan-fedor]

Hey, I came here from PyPI after one of our deployments complained about croniter 0.3.27 is no longer being available on PyPI. What happened? Why that earlier recent 8 days old version was pulled suddenly? Thanks

[artem-panchenko]

Same question about 0.3.26.

[gerardo-orozco]

and 0.3.21... what is the reasoning behind removing older releases from pypi?

[DiggidyDave]

Removing releases is a no-no. Can we depend on this library going forward?

[ellieayla]

Also had builds fail today, with 0.3.27 pinned. https://github.com/taichino/croniter/issues/119 is where https://pypi.org/project/croniter/0.3.27/ was stated released, and that issue is also explicitly in the 0.3.29 release notes. @kiorky what happened here?

[efokschaner]

This line of this commit (https://github.com/kiorky/croniter/commit/b57519eba539ac296d64fc7d16ce6ee88f0d28ff#diff-b6190f052518a40f7418a056047abbd3R8) makes me wonder if there was some kind of intentional history re-write / unpublish which raises more questions than it answers.

[ellieayla]

I haven't found any mention of 0.3.27 in commit history; was there also a force push?

[fbpcchen]

Plz tell me what happened to 0.3.27 ！！！

[ojhilt]

Deleting old versions can have serious consequences on deployments and while this thankfully hasn't caused us any downtime it could have over a long weekend or something like that. PLEASE respect the community and DO NOT delete old releases, this is one of the major causes of problems in Python in general and ideally should be prevented at the PyPi level.

[kiorky]

security pb in readme, you have to upgrade to new release.

[kiorky]

I tried to reupload fixed tarballs to pypi but its can't be done anymore (see their tracker, it's "on purpose") ...

[kiorky]

You can find fixed artefacts for both versions:

• 0.3.27
• 0.3.26

[kiorky]

@gerardo-orozco 0.3.21 never existed.

[surbas]

Sorry having trouble finding the "security pb". What was the security issue? Also amazing library!

[kiorky]

information leak; no problem in the library itself.

[kiorky]

Repost of my previous comment to be very clear:

• 0.3.29 has only a rewrotten README, no code change in the library from what was in 0.3.27.
• I though that was clear by the changelog entry
• Pypi lets you delete artefacts, but the problem is that it was a time you could reupload artefacts, it's impossible for now. What's funny is that i was trapped becaused the delete was already done. I dont understand their reasonning, release must not be touched at any cost, at 99%, but there are still legit use cases to do it. For further details, you can search for the issue 74 in "github/pypa/packaging-problems" (not putting a direct link on purpose).

You can find fixed artefacts for both versions:

• 0.3.27
• 0.3.26

[DiggidyDave]

Thanks for the info!