{"id":"pypiserver-pypiserver","name":"pypiserver","homepage":"https://hub.docker.com/r/pypiserver/pypiserver","repo_url":"https://hub.docker.com/r/pypiserver/pypiserver","category":"infrastructure","subcategories":[],"tags":["python","pypi-compatible","package-index","self-hosted","artifact-repository"],"what_it_does":"pypiserver is a self-hosted PyPI-compatible package index/server that allows publishing and serving Python package artifacts (sdists/wheels) over HTTP, typically used for internal/private Python package distribution.","use_cases":["Internal/private Python package repositories for a company or project","Air-gapped or restricted-network environments where PyPI access is limited","Caching/mirroring and controlled distribution of Python packages for CI/CD","Hosting proprietary wheels/sdists for internal consumption"],"not_for":["Public package distribution with strong SaaS-style guarantees and managed security","Use cases requiring advanced multi-tenant authorization and fine-grained per-user package permissions","Workloads needing a fully featured package hosting platform (beyond PyPI compatibility) with comprehensive governance tooling"],"best_when":"You want a lightweight, self-hosted PyPI-compatible endpoint for controlled distribution of Python packages in your own infrastructure.","avoid_when":"You cannot operate and maintain a web service (TLS termination, backups, upgrades, monitoring) or you require enterprise-grade access control auditing out of the box.","alternatives":["devpi","Sonatype Nexus Repository","JFrog Artifactory","Google Cloud Artifact Registry (PyPI support)","AWS CodeArtifact"],"af_score":34.0,"security_score":43.8,"reliability_score":36.2,"package_type":"mcp_server","discovery_source":["docker_mcp"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:19:21.904795+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":false,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["HTTP basic authentication (commonly for upload endpoints in PyPI-compatible servers)"],"oauth":false,"scopes":false,"notes":"Authentication, if enabled, is typically configured for publishing/upload operations rather than for all read-only package listing/download traffic."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Self-hosted open-source software; costs are operational (infrastructure, storage, maintenance)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":34.0,"security_score":43.8,"reliability_score":36.2,"mcp_server_quality":0.0,"documentation_accuracy":35.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":55.0,"rate_limit_clarity":15.0,"tls_enforcement":60.0,"auth_strength":45.0,"scope_granularity":15.0,"dependency_hygiene":50.0,"secret_handling":50.0,"security_notes":"Security posture depends heavily on deployment: use TLS (HTTPS) via a reverse proxy, store credentials securely, and restrict upload endpoints. Package servers often have coarse auth and may not provide fine-grained scopes by default.","uptime_documented":20.0,"version_stability":55.0,"breaking_changes_history":40.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["No MCP/SDK: agents must interact via HTTP/standard Python tooling (pip) rather than a dedicated agent interface.","Operations for publishing may not be naturally idempotent depending on server configuration (re-upload behavior can vary).","Agent workflows should avoid scraping assumptions about HTML structure for simple index endpoints unless documented, and prefer pip-compatible interactions."]}}