PEP 708 - Extending the Repository API to Mitigate Dependency Confusion Attacks

I think a good short summary of this (and I trust @dstufft to correct me and @pelson to say if it’s not good) is that PEP 708 makes all PyPI-like indexes incompatible with each other, such that packages from one are not interchangeable with those from another even if they have the same name, and then provides two mechanisms to explicitly claim compatibility, either for the entire index or particular packages.

It’s definitely one of these cases where the basic fix is so trivial as to get little space in the PEP, and so it appears that the exceptional cases are actually the main ones.

So perhaps the first part of the specification needs a section like this:

Reject incompatible packages

When an installer is:

  • sourcing a package from multiple indexes, and
  • more than one index is able to provide any versions of a particular package, and
  • overriding metadata (specified below) is absent or inconsistent,

the installer MUST refuse to install the package.

For clarity, where only a single index is being used, or where only a single index provides the package, the installer should not reject it.

The remainder of this specification covers the “overriding metadata” that should be used by an installer to decide when a package may be installed from one of multiple indexes.

(Maybe add a point to that list for “and no user overrides” to allow installers to offer command line arguments or something?)

Good luck with your EuroPython session! If I’m free, I’ll try to come along. I covered the issue (briefly) in my session last year, so it’ll be great to see it followed up by an upstream fix.

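The rejection rule sketched in the post, as an added worked example (not part of the original post, and not PEP 708's or pip's own code). It models the three conditions (multiple configured indexes, more than one able to provide the package, overriding metadata absent or inconsistent) plus the suggested user-override escape hatch. The `compatible_indexes` and `compatible_packages` fields are stand-ins for the index-wide and per-package compatibility claims the post mentions; their shape, and reading "inconsistent" as "a claim that is not mutual between the two providers", are assumptions made here, not the PEP's wire format.

```python
"""Model of the "reject incompatible packages" rule proposed above.

Assumed metadata shapes: an index-wide claim (compatible_indexes) and a
per-package claim (compatible_packages). Neither is PEP 708's actual
repository/project metadata; they only stand in for the two mechanisms
the post describes.
"""
from dataclasses import dataclass, field


class IncompatibleSources(Exception):
    """Same package offered by indexes that have not claimed compatibility."""


@dataclass
class Index:
    url: str
    # Index-wide claim (assumed shape): every package on this index is
    # interchangeable with the same package on the listed index URLs.
    compatible_indexes: frozenset = frozenset()
    # Per-package claim (assumed shape): package name -> index URLs whose
    # copy of that package is interchangeable with this index's copy.
    compatible_packages: dict = field(default_factory=dict)

    def claims(self, package):
        """All index URLs this index declares compatible for `package`."""
        return self.compatible_indexes | frozenset(
            self.compatible_packages.get(package, ()))


def resolve_sources(package, indexes, available, user_override=False):
    """Return the indexes an installer may take `package` from.

    indexes:   configured Index objects (the installer's index set)
    available: {index_url: set of versions that index can serve for `package`}
    Raises IncompatibleSources when multiple indexes are configured, more
    than one provides the package, and the overriding metadata is absent or
    inconsistent (here: not mutual). `user_override` models a CLI flag that
    explicitly accepts the mix.
    """
    providers = [idx for idx in indexes if available.get(idx.url)]
    # Single configured index, or only one index provides it: never reject.
    if len(indexes) == 1 or len(providers) <= 1:
        return providers
    if user_override:
        return providers
    # Every provider must name every other provider, at index or package
    # level; a one-sided claim counts as inconsistent metadata.
    for a in providers:
        for b in providers:
            if a is not b and b.url not in a.claims(package):
                raise IncompatibleSources(
                    f"{package!r} is offered by {a.url} and {b.url}, "
                    f"but {a.url} does not declare {b.url} compatible")
    return providers


def install_allowed(package, indexes, available, user_override=False):
    """Boolean form of resolve_sources for callers that just need yes/no."""
    try:
        resolve_sources(package, indexes, available, user_override)
    except IncompatibleSources:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample: a public index and a private one both serve
    # "holygrail" (placeholder name), with no compatibility claims.
    public = Index("https://pypi.org/simple/")
    private = Index("https://pkgs.example.test/simple/")
    offered = {public.url: {"1.0"}, private.url: {"1.0", "1.1"}}
    print("allowed without metadata:",
          install_allowed("holygrail", [public, private], offered))
    # The private index claims the public copy compatible, and vice versa.
    public_c = Index(public.url, compatible_packages={"holygrail": {private.url}})
    private_c = Index(private.url, compatible_packages={"holygrail": {public.url}})
    print("allowed with mutual claims:",
          install_allowed("holygrail", [public_c, private_c], offered))
```

The dependency-confusion case is the first print: two indexes, same name, no claims, so the installer refuses rather than silently picking the higher version from whichever index happens to win. The one-sided case (only the private index claims compatibility) is also refused here, which is the conservative reading of "inconsistent".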