For several months, daily downloads have been fairly constant, and have shown slow and steady growth. Throughout January and the end of February, the minimum was 23,383 and the maximum was 38,139. The highest ever was 39,153.
All of a sudden, on 4 March, we got 56, 225 downloads, up 48% on the previous day, and up 43% on the previous highest.
This continued rising. 5 March saw another new record of 60,324. 6 March saw slightly less at 52,879.
Broken down by the hour, you can see each day’s bell curve, and the massive increase during those three days:
Looking at the top 10 most downloaded packages on 3 March, the day before the spike started, you can see pycparser topped the bill with 1,908 downloads, followed by numpy with 896:
Here are the top 10 on 5 March, on the same scale:
Flask-Login is seeing nearly double the other three, which are all about the same.
On 3 March the total number of downloads for these four packages combined was just 130. Then 24,256 on 5 March:
So do these packages account for the spike alone?
It certainly seems so. Subtracting those four packages from the totals levels out the graph.
It’s also notable that all these additional downloads were for Python 2. Since many pure Python packages are “universal” wheels (Python 2 and 3 compatible), these wheels work for Python 2 users, whereas compiled packages like numpy are Python 3 only.
One oddity is that all of these packages are pure Python, so if they have wheels on PyPI, there’s no reason people wouldn’t get them from there. They would have to explicitly set piwheels as the main index, not just the additional index as per the Raspbian default.
Another oddity is that none of the dependency packages show up at all. Flask had just 16 downloads on 5 March.
We don’t know.
It could be that the maintainers of a Raspberry Pi project (perhaps something like OSMC or RetroPiE) just pushed an update to install or update these packages in particular, explicitly from piwheels, but not their dependencies. Sentry indicates it could be something related to monitoring.
Update: it seems the cause is OctoPrint – a web interface controller for 3D printers. They pushed an update recently which included updates to these packages. There are still some unanswered questions like why Flask-Login had double the number of requests, but hey!