This is my first time using an email mailing list so please inform me if this is not the proper channel. I'm packaging a python application which depends on LXML. As you're all aware, installing this library on Windows is not the most straightforward thing due to its laughable lack of pre-installed build tools. This can be circumvented in several ways which are well documented by LXML, however, as noted in the website, asking end users to install these tools to build it from source is usually not feasible. While researching this issue I learned the UCI website maintains Windows specific wheels which allow automating the process of installing them through PIP.

Having these wheel files is great because it completely lifts the burden of fetching and building the dependencies from the user, they can be integrated with the default pyproject.toml format and are installed automatically as any other dependency. However, due to PyPI's stupid requirement of not allowing direct links as stated dependencies, I cannot publish my package there using this method, as the UCI website is not a trusted a source. I was wondering if there was some way you could publish these Windows specific wheels on PyPI so it's easier for other PyPI projects which depend on this library to package for Windows. This also seems beneficial from a security perspective, since many people end up relying on an external source for precompiled binaries which are not necessarily trustworthy. I can't speculate, but there are several StackOverflow answers with hundreds of thousands of views which point to that website as the most reliable way of installing LXML on Windows, and should anyone upload malicious code there, it could be a problem.