
Show HN: PyDist – Private Python Package Hosting - alexbecker
https://pydist.com
======
mariocesar
Charging for uploads and downloads? isn't that making the whole service
inconvenient

It says 2000 monthly downloads. I will consume that in a single day with my
automated CI pipeline. Is hard to take this into consideration.

Uploads and downloads makes sense to be unlimited. At least having bandwidth
limits like any basic hosting service.

~~~
hic
Wouldn't be enough to get unlimited downloads? Upper cap on the uploads often
does not affect CI pipelines, unless CI includes packaging (which I would
rather push toward CD).

------
whitehouse3
> Helpful

> Browse your packages and read their documentation just like on the public
> Python Package Index.

I don't remember the last time I read package information from pypi. It's all
on Github or readthedocs or similar. And given that it isn't especially
difficult to host your own index [0] or make docker images with all the
dependencies pre-installed, I don't see how this justifies the price.

If it were available as an extension on Github or a self-hosted git server
solution like GitLab, Gitea or Bitbucket, then that would be more interesting
to me.

[0]: [https://packaging.python.org/guides/hosting-your-own-
index/](https://packaging.python.org/guides/hosting-your-own-index/)

------
FluffyKitty
For those looking to secure their systems from external source failures, I'd
recommend taking a look at Sonatype's Nexus Repository [1]. It supports a wide
range of package sources and has the option to self-host.

I almost didn't know that Github was down the other day because all the
packages I was using were already cached on Nexus.

[1] [https://www.sonatype.com/nexus-repository-software-
component...](https://www.sonatype.com/nexus-repository-software-component-
management)

~~~
toomuchtodo
It’ll also host Docker containers.

------
somada141
I've used DevPi [1] in my previous job while my current team uses Artifactory
[2] and both are pretty decent solutions while the latter of course is rather
expensive.

Personally I've found DevPi to be more than sufficient for a small-medium team
that can spare a little time to set it up and maintain it but PyDist's pricing
plans would make it an attractive alternative (except for that download limit,
that won't fly).

That being said I wonder how a service like this will fare once the GitHub
Package Registry [3] becomes mainstream and introduces Python support.

[1] [https://github.com/devpi/devpi](https://github.com/devpi/devpi) [2]
[https://jfrog.com/artifactory/](https://jfrog.com/artifactory/) [3]
[https://github.com/features/package-
registry](https://github.com/features/package-registry)

------
bb88
No offense, but I'm getting to the point of hating free trials.

Why?

1\. Because you're fixed in an arbitrary point of time, which means you have
to focus on the free trial above other things, many of which might deliver
higher value.

2\. If you decide to not use it, it's wasted time. Like a design decision that
you don't discover that's a showstopper 40 hours into the trial.

3\. 14 days really isn't a good metric to decide if it's worth using your
service or not. You may not see real issues until you get at least a month
into the service.

4\. Anyone who is seriously considering purchasing the service isn't going to
bat an eye at the actual cost.

------
luhn
It says it mirrors PyPI. Does that mean I can use --index-url rather than
--extra-index-url? The latter has some properties that make it less than ideal
for private packages.

~~~
alexbecker
Yes, you can use --index-url.

I assume you're referring to how --extra-index-url means that pip will
randomly choose which index to try to install from, potentially installing a
public package by the same name instead of your private package?

------
philipov
I 'like' how instead of _Pricing_ , the link to the pricing is ambiguously
titled _Plans_ , as if it were a link to their project roadmap instead of a
payed service.

~~~
jsty
Perhaps I'm unusual in this regard, but in the context of software I'd
interpret 'plans' as shorthand for 'pricing plans'. I certainly can't recall
having regularly seen 'plan' substituted for 'roadmap' with regards software
development.

~~~
philipov
Project Plan, Testing Plan, Upgrade Plan

"A plan is typically any diagram or list of steps with details of timing and
resources, used to achieve an objective to do something. See also strategy. It
is commonly understood as a temporal set of intended actions through which one
expects to achieve a goal."

~~~
hnarn
I'd argue that you're playing dumb when you're saying that it's equally likely
to interpret "Plans" in this context as any of the examples you mention rather
than "Pricing Plans". Come on. Do you see a lot of similar pages that link you
to their "Plans" and you end up in their public roadmap(s!) because they meant
project plan(s!)? Or their testing procedures? No. Because landing pages are
customer-centric.

~~~
philipov
Call me dumb if you want, but I was genuinely expecting to see a roadmap,
because I would have never expected someone to try to charge for something
like this.

~~~
alexbecker
Why would you not expect someone to charge for this? There are many services
that charge for hosting private packages (rather than making them public to
the world); I'm not aware of _any_ service that does so for free.

~~~
philipov
I read private, and didn't notice the word hosting, so I thought it was an on-
prem package indexing. Uploading their proprietary code to some random hosting
provider isn't something that would fly with any of my clients, so I didn't
expect that. Whenever I see a product landing page with pricing, they title it
Pricing, so calling it something else sounds like someone playing coy with the
fact they're a payed product. Compare with Artifactory, which is up-front
about it, and offers much more than just a package index.

------
JulianWasTaken
Nice work.

Obligatory question: how does it compare to DevPI?

~~~
alexbecker
DevPi is a good solution if you want to self-host a Python package index.
PyDist has some additional features like API keys and download statistics
which I think are nice, but the main selling point is that you don't have to
set up and maintain it yourself.

