What's the problem this feature will solve?

It doesn't seem possible to yank/unyank a release from outside of the pypi.org website's UI. For instance, it would be nice to do it from command line or from code.

Describe the solution you'd like

I would like to be able to make an http request that is the same as the one pypi makes when I click the yank release option in the dropdown menu on pypi.org's page for my package. Right now, the blockers to that are related to origin, referrer, and CSRF.

Additional context

I wrote this up as a question to find out if it's possible to programmatically yank my release: pypa/packaging-problems#633 A day of trying different options seems to suggest it's not possible. Attempting to curl from the command line gave:

<title>400 Bad CSRF Origin</title>

400 Bad CSRF Origin

Access is denied. This server can not verify that the origin or referrer of your request matches the current site. Either your browser supplied the wrong Origin or Referrer or it did not supply one at all.

Origin checking failed - missing Origin or Referer. %

This happened no matter the combination of other factors I changed from attempt to attempt, including obtaining the CSRF token using a GET operation and supplying both that and the cookie to the POST operation.