We have not seen a return of the traffic that caused this incident after removing the temporary block. We will open a new incident if we need to take action again.
Posted 2 months ago. May 27, 2025 - 12:53 UTC
Update
We have removed the temporary block and are continuing to monitor.
Posted 2 months ago. May 25, 2025 - 12:16 UTC
Monitoring
Our block is in place and systems are stable, but we are not satisfied with having to block such a generic user-agent. If you are aware of a system that began a mass crawl of PyPI's JSON release endpoints starting at around 22:05 UTC 2025-05-25, please contact admin@pypi.org.
Posted 2 months ago. May 24, 2025 - 23:54 UTC
Update
We have identified a flood of requests from a cluster using the `python-requests/2.32.3` User-Agent, and attempting to hit all JSON project/releasese en masse.
This causes excessive cache misses, which are overwhelming our backends. A temporary block has been put in place.
Posted 2 months ago. May 24, 2025 - 23:37 UTC
Identified
We have identified a large increase in CDN cache misses causing excess load on our backends. We are working to determine the reason for this increase.
Posted 2 months ago. May 24, 2025 - 23:11 UTC
Investigating
We are working to investigate a partial outage in the PyPI backends.
Posted 2 months ago. May 24, 2025 - 22:57 UTC
This incident affected: PyPI (pypi.org - Backends).