Open
Description
PyPI has introduced organizations back in April 2023 - https://blog.pypi.org/posts/2023-04-23-introducing-pypi-organizations, and this is intended to make it easier to handle permissions for 'larger' projects like PyGMT that have multiple maintainers.
This issue is to discuss about whether we should open up a PyPI organization for PyGMT.
- Considering that there's only 1 PyGMT package on PyPI, maybe we don't really need an organization? But if we do decide to publish multiple wheels/packages under different names (xref Distribute PyGMT wheels with libgmt included #1853), then it might make sense to setup a PyPI organization.
- This is similar to Ensure all maintainers can publish PyGMT to Zenodo and make a DOI #601, but for PyPI. Unlike Zenodo though, we've set-up automatic publishing for a while already (most recently with an OIDC token at Publish to TestPyPI and PyPI via OpenID Connect token #2453), so there's almost no need to log in to PyPI ever (to publish wheels), but we might still need to log in to add/remove maintainers.
- There might be other benefits to a PyPI organization over no organization, e.g. more specific roles with fine-grained permissions at a member/manager/owner level, see https://docs.pypi.org/organization-accounts/roles-entities/#project-roles
cc @leouieda, @seisman and @weiji14 who are currently maintainers on PyGMT's PyPI page at https://pypi.org/project/pygmt. Also welcome comments from other PyGMT maintainers.