Skip to content

Acceptable Use Policy

Short version: PyPI is a critical resource for the Python ecosystem, which hosts a variety of projects from a diverse group of users. That resource is only effective when our users are able to work together as part of a community in good faith. While using PyPI, you must comply with our Acceptable Use Policies, which include some restrictions on content and conduct on PyPI related to user safety, intellectual property, privacy, authenticity, and other limitations. In short, be excellent to each other.

We do not allow content or activity on PyPI that:

  • is unlawful or promotes unlawful activities;
  • is sexually obscene or relates to sexual exploitation or abuse, including of minors;
  • is libelous, defamatory, or fraudulent;
  • is discriminatory or abusive toward any individual or group;
  • is false, inaccurate, or intentionally deceptive information and likely to adversely affect the public interest (including health, safety, election integrity, and civic participation);
  • harasses or abuses another individual or group, including our employees, officers, and agents, or other users;
  • threatens or incites violence toward any individual or group, especially on the basis of who they are;
  • gratuitously depicts or glorifies violence, including violent images; or
  • is off-topic, or interacts with platform features in a way that significantly or repeatedly disrupts the experience of other users.
  • infringes any proprietary right of any party, including patent, trademark, trade secret, copyright, right of publicity, or other right;
  • unlawfully shares unauthorized product licensing keys, software for generating unauthorized product licensing keys, or software for bypassing checks for product licensing keys, including extension of a free license beyond its trial period;
  • impersonates any person or entity, including any of our employees or representatives, including through false association with PyPI, or by fraudulently misrepresenting your identity or site's purpose; or
  • violates the privacy of any third party, such as by posting another person's personal information without consent.
  • automated excessive bulk activity and coordinated inauthentic activity, such as
    • spamming
    • cryptocurrency mining;
  • bulk distribution of promotions and advertising prohibited by PyPI terms and policies;
  • inauthentic interactions, such as fake accounts and automated inauthentic activity;
  • uses obfuscation techniques to hide or mask functionality;
  • creation of or participation in secondary markets for the purpose of the proliferation of inauthentic activity;
  • using PyPI as a platform for propagating abuse on other platforms;
  • phishing or attempted phishing; or
  • using our servers for any form of excessive automated bulk activity, to place undue burden on our servers through automated means, or to relay any form of unsolicited advertising or solicitation through our servers, such as get-rich-quick schemes.

You are responsible for using PyPI in compliance with all applicable laws, regulations, and all of our Acceptable Use Policies. These policies may be updated from time to time and are provided below, as well as in our Terms of Use. You must not engage in activity that significantly harms other users. We will interpret our policies and resolve disputes in favor of protecting users as a whole.

Active Malware or Exploits

Being part of a community includes not taking advantage of other members of the community. We do not allow anyone to use our platform in direct support of unlawful attacks that cause technical harms, such as using PyPI as a means to deliver malicious executables or as attack infrastructure, for example by organizing denial of service attacks or managing command and control servers. Technical harms means overconsumption of resources, physical damage, downtime, denial of service, or data loss, with no implicit or explicit dual-use purpose prior to the abuse occurring.

Note that this includes dual-use content, including content that is used for research into vulnerabilities, malware, or exploits, including bug bounties. We consider PyPI to be a platform used primarily for installation and run-time use of code, and not for research.

Advertising

While we understand that you may want to promote your Content by posting supporters' names or logos in your Account, the primary focus of the Content posted in or through your Account to PyPI should not be advertising or promotional marketing. You may include static images, links, and promotional text in the project descriptions associated with your Account, but they must be related to the project you are hosting on PyPI.

You may not promote or distribute content or activity that is illegal or otherwise prohibited by our Terms of Use or Acceptable Use Policies, including excessive automated bulk activity (for example, spamming), get-rich-quick schemes, and misrepresentation or deception related to your promotion.

If you decide to post any promotional materials in your Account, you are solely responsible for complying with all applicable laws and regulations, including without limitation the U.S. Federal Trade Commission's Guidelines on Endorsements and Testimonials. We reserve the right to remove any promotional materials or advertisements that, in our sole discretion, violate any PyPI terms or policies.

Bullying and Harassment

We do not tolerate harassment, bullying, or abuse of any kind, whether directly or by encouraging others to take part in the prohibited conduct. This includes:

  • Targeted personal attacks
  • Piling on to or orchestrating disruptive activity in a way that amounts to abuse
  • Following another user around the platform in a manner that causes intimidation
  • Making sexual advances or comments directed at another individual
  • Disingenuously participating in conversation in a way that instigates conflict or undermines sincere discussion
  • Creating alternative accounts specifically to evade moderation action taken by PyPI staff or users

Please note, not all unwelcome conduct is necessarily considered harassment. For example, disagreeing with another user may not rise to the level of harassment on our platform. In addition, sharing criticism of public figures or projects, or topics of public interest, does not necessarily fall under this policy. However, we encourage you to be mindful in how you engage with other users and the platform, as this activity may still violate our restriction on disrupting the experience of other users.

Disrupting the Experience of Other Users

Being part of a community includes recognizing how your behavior affects others and engaging in meaningful and productive interactions with people and the platform they rely on.

We do not allow behavior that significantly or continually disrupts the experience of other users.

Please note that disruptive conduct may also violate other restrictions in our Acceptable Use Policies. For example, depending on the nature and severity of the activity, it may rise to the level of bullying and harassment.

Doxxing and Invasion of Privacy

Misuse of personal information is prohibited.

Any person, entity, or service collecting data from PyPI must comply with the Python Software Foundation Privacy Policy, particularly in regards to the collection of personal information. If you collect any personal information from PyPI, you agree that you will only use that personal information for the purpose for which that User has authorized it. You agree that you will reasonably secure any personal information you have gathered from PyPI, and you will respond promptly to complaints, removal requests, and "do not contact" requests from us or other users.

Additionally, don't post other people's personal information. This includes:

  • Personal, private email addresses
  • Phone numbers
  • Physical addresses or other private location information
  • Bank account information or credit card numbers
  • Social Security/National Identity numbers
  • Passwords
  • Voter information
  • Medical information and personal biometric data
  • Other private information that may pose a safety or security risk

We may consider other information, such as photos or videos that were taken or distributed without the subject's consent, to be an invasion of privacy, especially when such material presents a safety risk to the subject, such as in the case of intimidation or harassment.

PyPI will take context into account as well as whether the reported content is publicly available elsewhere. Please note, however, that while sharing publicly available content may not be a violation of this policy, if the information is shared with the intent to harass or incite other abusive behavior, it may violate our prohibition against bullying and harassment.

For more information, or to learn how to report a violation, see our Code of Conduct.

Hate Speech and Discrimination

PyPI does not tolerate speech that attacks or promotes hate toward an individual or group of people on the basis of who they are, including age, body size, ability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, sexual identity, or sexual orientation. This includes:

  • Mocking, attacking, or excluding a person or group based on their beliefs or the characteristics listed above
  • Displaying clear affiliation or identification with known terrorist or violent extremist organizations
  • Supporting or promoting hate groups or hate-based conspiracy theories
  • Sharing symbols or images synonymous with hate
  • Using harmful stereotypes, slurs, or dehumanizing speech
  • Attacking an individual based on their perceived gender
  • Dog whistling; or using coded or suggestive language and/or symbols to promote abuse or hate

While PyPI takes all instances of abuse and harassment on the platform seriously, we are especially committed to fighting hate-based abuse where it disproportionately affects communities that have historically been targeted by such abuse. We aim to make PyPI a place where all individuals feel welcome and safe.

Impersonation

You may not misrepresent your identity or your association with another person or organization. This includes doing any of the following in a way that misleads or deceives others:

  • Copying another user's avatar or other personal profile information
  • Posting content under another user's email address
  • Using a deceptively similar username, organization name, or project name
  • Otherwise posing as another individual or organization

Impersonation is a form of harassment and violation of this policy may lead to loss of access to your account.

Please note, having a username similar to another is not necessarily impersonation. PyPI will take context into account.

Misinformation and Disinformation

You may not post content that presents a distorted view of reality, whether it is inaccurate or false (misinformation) or is intentionally deceptive (disinformation), where such content is likely to result in harm to the public or to interfere with fair and equal opportunities for all to take part in a free and open society. This may include:

  • Inaccurate or scientifically unsupported medical claims that endanger public health or safety
  • Manipulated media, whether audio or visual, likely to mislead or deceive in a way that may harm the public interest
  • False or misleading content likely to interfere with an individual's ability to participate in civic activities
  • Unsubstantiated claims that could promote hate or targeted harassment of specific groups of people

We encourage active participation in the expression of ideas, perspectives, and experiences and may not be in a position to dispute personal accounts or observations. When reviewing content under this policy, PyPI will consider the impact of various factors that may help to orient the viewer, such as whether the content has been provided with clear disclaimers, citations to credible sources, or includes other details that clarify the accuracy of the information being shared.

Sexually Obscene Content

We do not tolerate content associated with sexual exploitation or abuse of another individual, including where minors are concerned. We do not allow sexually themed or suggestive content that serves little or no purpose other than to solicit an erotic or shocking response, particularly where that content is amplified by its placement in profiles or other social contexts. This includes:

  • Pornographic content
  • Non-consensual intimate imagery
  • Graphic depictions of sexual acts including photographs, video, animation, drawings, computer-generated images, or text-based content

We recognize that not all nudity or content related to sexuality is obscene. We may allow visual and/or textual depictions in artistic, educational, historical or journalistic contexts, or as it relates to victim advocacy. In some cases a disclaimer can help communicate the context of the project. However, please understand that we may choose to limit the content by giving users the option to opt in before viewing.

Threats of Violence and Gratuitously Violent Content

You may not use PyPI to organize, promote, encourage, threaten, or incite acts of violence. You may not post content that depicts or glorifies violence or physical harm against human beings or animals. This includes:

  • Threatening another individual or group with abuse, harm, sexual violence, or death
  • Posting text, imagery, or audio content glorifying or containing a graphic depiction of violence toward oneself, another individual, group, or animal
  • Encouraging another individual to engage in self harm

Usage Limits

PyPI generally does not impose resource limitations on any features. If we determine your usage of PyPI to be significantly excessive in relation to other users of similar features, we reserve the right to suspend your Account, throttle your requests, or otherwise limit your activity until you can reduce your usage.

You may not use our servers to disrupt or to attempt to disrupt, or to gain or to attempt to gain unauthorized access to, any service, device, data, account or network.

You may not use information from PyPI (whether scraped, collected through our API, or obtained otherwise) for spamming purposes, including for the purposes of sending unsolicited emails to users or selling personal information, such as to recruiters, headhunters, and job boards.

Scraping refers to extracting information from PyPI via an automated process, such as a bot or webcrawler. Scraping does not refer to the collection of information through our API.

Your use of information from PyPI must comply with the Python Software Foundation Privacy Policy.

Violations and Enforcement

PyPI retains full discretion to take action in response to a violation of these policies, including account suspension, account termination, or removal of content.

While the majority of interactions between individuals in PyPI’s community fall within our Acceptable Use Policies and Community Guidelines, violations of those policies do occur at times. When they do, PyPI staff may need to take enforcement action to address the violations. In all cases, these actions are permanent and there is no basis to reverse a moderation action taken by PyPI Staff.

Credits & License

This policy is based on GitHub’s Acceptable Use Policies and modified from its original form.

Licensed under the Creative Commons Attribution 4.0 International license.