PyPI Confusing Names

ID

confusing_names_pip

Severity

high

Family

Confusing Names

Tags

asvs50-v13.1.1, asvs50-v15.2.1, reachable, spvs10-v2.8.1

Description

Confusing Names in PyPI occurs when the name declared in the setup.py file is not among the packages exposed through the packages property, so the distribution name on PyPI differs from the name developers import.

Security

If the names differ, a developer may add a dependency using one of the package's exposed import names instead of its distribution name; if a package with that name exists in the PyPI repository, it could contain malicious code.

Examples

setup.py

from setuptools import setup

setup(
    name='my-private-package',   # distribution name published to PyPI
    ...
    packages=['utilities'],      # exposed import name differs from the distribution name
    ...
)

Mitigation / Fix

If you create a package for use in other projects, its name should match the principal exposed package name, to avoid confusion for the developers who will use it.
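As an added illustration (not part of this rule's text or any project's code), a small static check that applies the rule to a setup.py: it reads the setup() call with the ast module and reports exposed top-level packages whose import name does not match the distribution name. The two setup.py snippets are constructed, and the normalization that treats '-', '_' and '.' alike is an assumption modelled on PyPI name normalization.

```python
import ast
import re

# Constructed setup.py content: the confusing shape from this page.
CONFUSING_SETUP_PY = """
from setuptools import setup
setup(
    name='my-private-package',
    version='1.0.0',
    packages=['utilities'],
)
"""

# Constructed setup.py content: distribution name matches the principal package.
FIXED_SETUP_PY = """
from setuptools import setup
setup(
    name='utilities',
    version='1.0.0',
    packages=['utilities', 'utilities.helpers'],
)
"""


def _normalize(name: str) -> str:
    """Map distribution and import names onto one comparable form (assumption):
    lowercase, with runs of '-', '_' and '.' collapsed to a single '_'."""
    return re.sub(r"[-_.]+", "_", name).lower()


def _setup_kwargs(source: str) -> dict:
    """Return the keyword arguments of the first setup(...) call in the source.
    Only literal values are evaluated; anything dynamic is recorded as None."""
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and getattr(node.func, "id", None) == "setup":
            kwargs = {}
            for kw in node.keywords:
                try:
                    kwargs[kw.arg] = ast.literal_eval(kw.value)
                except ValueError:
                    kwargs[kw.arg] = None
            return kwargs
    raise ValueError("no setup() call found")


def find_confusing_names(source: str) -> list:
    """Return the exposed top-level import names that do not match the
    distribution name. An empty list means no Confusing Names finding."""
    kwargs = _setup_kwargs(source)
    name, packages = kwargs.get("name"), kwargs.get("packages") or []
    if not isinstance(name, str) or not isinstance(packages, list):
        return []  # dynamic values: cannot decide statically
    top_level = {pkg.split(".")[0] for pkg in packages if isinstance(pkg, str)}
    return sorted(p for p in top_level if _normalize(p) != _normalize(name))
```

Packages built with a computed name or find_packages() are skipped rather than flagged, since their values cannot be read statically.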