@@ -1243,6 +1243,43 @@ A suggested approach:
12431243 compatibility.
12441244
12451245
1246+ .. _security-implications :
1247+
1248+ Security Implications
1249+ =====================
1250+
1251+ Does PEP 694 make it easier to (maliciously) register project names, i.e. to name- or typo-squat? The authors
1252+ do not believe so. With the legacy API, it's trivially easy to create and upload a dummy package to register
1253+ a project name. This PEP does not effectively change that equation either way, nor does it aim to. That
1254+ said, indexes such as PyPI could impose additional limitations on project registration activities, such as
1255+ rate limiting either the legacy API or Upload 2.0 API for empty packages or sessions. An index such as PyPI
1256+ which supports organizations or :pep: `752 `-style implicit namespaces, could implement different rate limiting
1257+ rules for different actors. Such implementations are left as index-specific policy decisions.
1258+
1259+ It's possible for a user with upload permissions at the start of a session to lose such permissions while a
1260+ session is open and before the entire session is published. Indexes should consider re-validating permissions
1261+ at key points during the session lifecycle, such as on artifact uploads, file upload session completion,
1262+ session extension requests, or at publish time.
1263+
1264+ Staged releases, while useful for testing and embargoes, do provide some potential for larger scale hosting of
1265+ malware which isn't detectable by third party, external scanning tools, because staged artifacts are only
1266+ visible to clients which hold the stage token/url. It's not clear how much proactive malware scanning is
1267+ actually going on today with indexes such as PyPI, so it's unclear whether the (optional) staging feature is
1268+ much of an additional malware vector. Indexes should likely do some amount of proactive malware scanning on
1269+ all artifacts, regardless of the protocol used to upload them. Indexes can also mitigate the problem by
1270+ putting limits on session extensions, which might differ between projects depending on the user or (in the
1271+ case of PyPI) organization which owns the project. Indexes can refuse to extend sessions, and they can use
1272+ this to limit the availability of packages with unverified contents.
1273+
1274+ Considering the testing and embargoed use cases may lead to different session expiry choices. Testing a
1275+ release can have a relatively short session lifespan, e.g. on the order of hours. Embargoed sessions may need
1276+ to be extended for several days or a few weeks. An index such as PyPI could use any number of criteria to
1277+ determine the total lifetime of any particular session, such as whether the credentials are a user or an
1278+ organization. An index could even support :ref: `index-specific-metadata ` to decide whether the testing or
1279+ embargoed use case is being employed.
1280+
1281+ .. _faq :
1282+
12461283FAQ
12471284===
12481285
@@ -1376,6 +1413,7 @@ Change History
13761413 * Add non-normative :ref: `Recommendations for Client Implementers <client-recommendations >` section
13771414 with suggested UX patterns for tools like twine, uv, and GitHub Actions.
13781415 * Add FAQ entries explaining why project name and version are required at session creation.
1416+ * Add a :ref: `security-implications ` section.
13791417
13801418* `06-Dec-2025 <https://discuss.python.org/t/pep-694-pypi-upload-api-2-0-round-2/101483/35 >`__
13811419
0 commit comments