⚠️⚠️⚠️ The sklearn PyPI package is deprecated use scikit-learn instead ⚠️⚠️⚠️
pip install scikit-learn rather than pip install sklearnsklearn by scikit-learn in your pip requirements files
(requirements.txt, setup.py, setup.cfg, Pipfile, etc ...)sklearn package is used by one of your dependencies
it would be great if you take some time to track which package uses
sklearn instead of scikit-learn and report it to their issue trackerSKLEARN_ALLOW_DEPRECATED_SKLEARN_PACKAGE_INSTALL=True to avoid this errorsklearn package on PyPI exists to prevent malicious actors from using the
sklearn package, since sklearn (the import name) and scikit-learn (the
project name) are sometimes used interchangeably. scikit-learn is the actual
package name and should be used with pip, e.g. for:
pip install scikit-learnrequirements.txt, setup.py, setup.cfg,
Pipfile, etc ...)At the time of writing (October 2022) sklearn downloads is about 1/5 of the
scikit-learn downloads on PyPI so a lot of people are using it.
There are some edge cases with the way the PyPI sklearn package is
implemented:
pip install sklearn==1.1.3 will say that the 1.1.3 version does not exist,
which is confusing. The only available version at the time of writing of
sklearn is 0.0.pip uninstall sklearn will actually not uninstall scikit-learn, you can
still do import sklearn afterwardssklearn and scikit-learn in the pip list output, prompting questions like "why do I have scikit-learn 1.1.3 and
sklearn 0.0, and what does it even mean"?Starting 2023 December 1st, trying to install the sklearn PyPI package will
raise an error.
The following table shows the historical brownout schedule that was used between 2022 December 1st and 2023 December 1st, in order to get more people aware of the deprecation.
| Dates | Window(s) |
|---|---|
| 2022 December 1st - 2023 January 31st | :00-:05 every hour |
| 2023 February 1st - March 31st | :00-:10 every hour |
| 2023 April 1st - May 31st | :00-:15 every hour |
| 2023 June 1st - July 31st | :00-:10 and :30-:40 every hour |
| 2023 August 1st - September 30th | :00-:15 and :30-:45 every hour |
| 2023 October 1st - November 30th | :00-:20 and :30-:50 every hour |
| 2023 December 1st onwards | always raise an exception |
FAQs
deprecated sklearn package, use scikit-learn instead
We found that sklearn demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.