I wondered if there is some tracking for differences between packages published on pypi, something that stores this information in a format similar to debdiff..

I failed to find something on the web, so created a little utility which watches the pypi changelog for new releaes and fetches the new and old version.

It uses diffoscope to create reports on the published releases and automatically pushes them to a github repository:

https://github.com/pypi-diff

Is it useful? I dont know, it may be handy for code review or maybe running different security scanners on it, to identify accidentaly pushed keys or other sensitive data.

Currently its pushing the changes for every released package every 10 minutes, lets see how far this can go just for fun :-)