The project could have pinned the version and downloaded from pypi rather than repackaging.

This isn’t a situation of “can do” it was “is it nice to do.”

And the author mentioned that he’s changing the license to prevent it so it no longer becomes possible legally.

I typically don’t like authors demanding stuff outside their license, but this started as a simple technical/community request to not do something dumb and escalated.