Introducing our new Terms of Service
We're introducing a new Terms of Service to formalize our relationship to users and enable us to move forward with providing new features and services, specifically Organization Accounts.
The PyPI Blog
PyPI Now Supports Project Archival
Support for marking projects as archived has landed on PyPI. Maintainers can now archive a project to let users know that the project is not expected to receive any more updates.
This allows users to make better decisions about which packages they depend on, especially regarding supply-chain security, since archived projects clearly signal that no future security fixes or maintenance should be expected.
Project Quarantine
Earlier this year, I wrote briefly about new functionality added to PyPI, the ability to quarantine projects. This feature allows PyPI administrators to mark a project as potentially harmful, and prevent it from being easily installed by users to prevent further harm.
In this post I'll discuss the implementation, and further improvements to come.
Supply-chain attack analysis: Ultralytics
Last week, the Python project “ultralytics” suffered a supply-chain attack through a compromise of the projects’ GitHub Actions workflows and subsequently its PyPI API token. No security flaw in PyPI was used to execute this attack. Versions 8.3.41, 8.3.42, 8.3.45, and 8.3.46 were affected and have been removed from PyPI.
Malware Package Analysis: aiocpa
On 2024-11-21, PyPI was notified about a malware attack with few details. Upon further investigation, we found that the maintainer was injecting obfuscated code that will exfiltrate credentials to a specific Telegram bot. The credentials include tokens, API servers, and other Crypto Pay-related data, and it is unknown to PyPI Security whether these have been used in any manner.
The project has been removed from PyPI.
If you have installed any versions of aiocpa,
audit your usage of the library and consider alternatives.
This may also appear as cryptopay on disk,
as that's the internal name of this particular module --
which is not the same as the PyPI package cryptopay
-- a completely different package.
PyPI now supports digital attestations
PyPI package maintainers can now publish signed digital attestations when publishing, in order to further increase trust in the supply-chain security of their projects. Additionally, a new API is available for consumers and installers to verify published attestations.
Many projects have already begun publishing attestations, with more than 20,000 attestations already published.
This finalizes PyPI's support for PEP 740, and follows directly from previous work to add support for Trusted Publishing, as well as the deprecation and removal of PGP signatures.
Safety & Security Engineer: First Year in Review
Hello reader! It's me, Mike, and it's been just over a year since I posted about joining the PSF as the Safety & Security Engineer for the Python Package Index (PyPI).
I wanted to take a moment to reflect on the past year, and share some of the things I've been working on.
Incident Report: Leaked GitHub Personal Access Token
On June 28, 2024 security@pypi.org and I (Ee Durbin) were notified of
a leaked GitHub Personal Access Token for my GitHub user account, ewdurbin.
This token was immediately revoked,
and a review of my GitHub account and activity was performed.
No indicators of malicious activity were found.
Prohibiting Outlook email domains
In response to ongoing mass bot account registrations, Outlook domains
outlook.com and hotmail.com have been prohibited from
new associations with PyPI accounts.
This includes new registrations as well as adding as additional addresses.
Expanding Trusted Publisher Support
Starting today, PyPI package maintainers can publish via Trusted Publishing from three additional providers:
- GitLab CI/CD
- Google Cloud
- ActiveState
These providers join existing support for publishing from GitHub Actions without long-lived passwords or API tokens, which we announced last year, and bring support for Trusted Publishing to even more hosted providers.