Hi all, Sorry if this has come up before--I don't remember if it has. A recent question on StackOverflow [1] alerted to me to the fact that there is a package named "os" on PyPI: https://pypi.python.org/pypi/os
*Thankfully* it is: a) Malformed--the package tarball isn't built correctly and it doesn't install with pip b) Not (currently!) evil: It just raises a RuntimeError telling you not to "pip install os" That said, I think such packages should be prevented from being uploaded at all. Naturally, the list of stdlib modules is a moving target, but not *that* fast-moving. Conversely, I don't think new modules added to the stdlib should use the name of a package on PyPI, or at least should be prevented from being uploaded for Python versions equal to or later than the version in which that module was added to the stdlib. Thanks, Erik [1] https://stackoverflow.com/questions/46853112/python-pip-install-os-windows-errno-2
