Removing PGP from PyPI
If you are someone who is currently uploading signatures, your package uploads will continue to succeed, but any PGP signatures will be silently ignored. If you are someone who is currently downloading PGP signatures, existing signatures SHOULD continue to be available 1, but no new signatures will be made available. The related API fields such as
has_sighave all been hardcoded to always be
Source: Removing PGP from PyPI, an article by Donald Stufft.