Same package uploaded in private/public, which is chosen?

[agates4]

From this pip issue, https://github.com/pypa/pip/issues/8606

And this article outlining the security flaws, https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

I have a few questions to clarify the pypicloud behavior:

• If a package is upload to the private pypicloud, and a malware package with the same name and version is uploaded to the public pip registry, which package would be installed?
• Is there a priority ordering?
• If the public repo has the greater version, and the requirements.txt does not specify a version, will the lower version be installed from the private registry?

Thank you for a great project!

[stevearc]

There are two configuration options that are designed to help with this: pypi.always_show_upstream and pypi.disallow_fallback.

The default behavior for always_show_upstream (false) is if pypicloud has any packages with a specific name, it will not show upstream versions of that package. This means that by default if you are using pypicloud you should not be vulnerable to this type of attack. Of course, if you're passing an additional index into your pip install command that opens it up again, but that has nothing to do with pypicloud.

If you must set pypi.always_show_upstream = true, the second option of pypi.disallow_fallback allows you to manually specify a list of package names that should never be fetched from upstream. As long as you specify your internal packages there, you should be good.