Make it possible to programmatically yank a release #12708
Labels
Comments
jefftlin123
added
feature request
requires triaging
di
removed
the
requires triaging
|
This would be great for testing purposes! Has there been any consideration of implementing this? Are there major blockers? |
This was referenced Oct 15, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What's the problem this feature will solve?
It doesn't seem possible to yank/unyank a release from outside of the pypi.org website's UI. For instance, it would be nice to do it from command line or from code.
Describe the solution you'd like
I would like to be able to make an http request that is the same as the one pypi makes when I click the yank release option in the dropdown menu on pypi.org's page for my package. Right now, the blockers to that are related to origin, referrer, and CSRF.
Additional context
I wrote this up as a question to find out if it's possible to programmatically yank my release: pypa/packaging-problems#633 A day of trying different options seems to suggest it's not possible. Attempting to curl from the command line gave:
<title>400 Bad CSRF Origin</title>400 Bad CSRF Origin
Access is denied. This server can not verify that the origin or referrer of your request matches the current site. Either your browser supplied the wrong Origin or Referrer or it did not supply one at all.Origin checking failed - missing Origin or Referer. %
This happened no matter the combination of other factors I changed from attempt to attempt, including obtaining the CSRF token using a GET operation and supplying both that and the cookie to the POST operation.
The text was updated successfully, but these errors were encountered: