Skip to main content

Python Package Index Key

Description#

General#

  • Documentation: https://warehouse.readthedocs.io/api-reference/index.html
  • Summary: The python package index also called PyPI is the official software repository for Python. It is often used as a default source for packages by package managers. PyPI exposes an API to interact with the repository. This detectors catches the PyPI API keys used to perform authentication when uploading packages.
  • IPs allowlist: This feature is not supported.
  • Scopes: A token's scope can be limited to a specific project.

Revoke the secret#

API keys can be revoked from the account settings page.

Check for suspicious activity#

On the account settings page, for each api key, the date of last use is displayed.

Details for Python package index key#

  • Family: Api

  • Category: Development tool

  • Company: Python Package Index

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 1.71

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - pypi-

Examples#

- text: "secure: pypi-AgEIcHlwaS5vcmcCJFVmMjI1ODIyLWU0YTQtMDRhZS05ZTUzLThjZDVmNTZkZWY4MgACSHsicGVybWlzc2lvbnMiOjB7InByb2plY3RzIjogWyJkamFuZ20yLXNlbWFudGljdWktZm9ybSJdFSwgInZlcnNpb24iOiAyfQAABiABZNePs-zIfHzJo4UcUHDJ3UxB8bMk3zgv9NoUz5KAVA"  apikey: pypi-AgEIcHlwaS5vcmcCJFVmMjI1ODIyLWU0YTQtMDRhZS05ZTUzLThjZDVmNTZkZWY4MgACSHsicGVybWlzc2lvbnMiOjB7InByb2plY3RzIjogWyJkamFuZ20yLXNlbWFudGljdWktZm9ybSJdFSwgInZlcnNpb24iOiAyfQAABiABZNePs-zIfHzJo4UcUHDJ3UxB8bMk3zgv9NoUz5KAVA
- text: "-password: pypi-AgEIcHlwaS5wcmcCJGI1YmJiYTM4LTI9YmYtNDRhNC05YWQyLWVmZDJkNDA1YoEyYgACJXsicGVybWlzc2lvbnMiOiAidXNlaiIsICJ2ZXJzaW9uIjogMX0AAAYxe0xCXFm0MOF-K_T1uo7Ds2vvaMNwACP6bm6z2azpAYE"  apikey: pypi-AgEIcHlwaS5wcmcCJGI1YmJiYTM4LTI9YmYtNDRhNC05YWQyLWVmZDJkNDA1YoEyYgACJXsicGVybWlzc2lvbnMiOiAidXNlaiIsICJ2ZXJzaW9uIjogMX0AAAYxe0xCXFm0MOF-K_T1uo7Ds2vvaMNwACP6bm6z2azpAYE