Python Package Index Key
Description
General
- Documentation: https://warehouse.readthedocs.io/api-reference/index.html
- Summary: The python package index also called PyPI is the official software repository for Python. It is often used as a default source for packages by package managers. PyPI exposes an API to interact with the repository. This detectors catches the PyPI API keys used to perform authentication when uploading packages.
- IPs allowlist: As of the time of writing this documentation, this feature is not yet supported.
- Scopes: A token's scope can be limited to a specific project.
Revoke the secret
API keys can be revoked from the account settings page.
Check for suspicious activity
On the account settings page, for each API key, the date of last use is displayed.
Details for Python Package Index Key
-
Family: token
-
Category: package_registry
-
Company: Python Package Index
-
High recall: True
-
Validity check available: False
-
Analyzer available: False
-
Minimum number of matches: 1
-
Occurrences found for one million commits: 4.47
-
Prefixed: True
-
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- pypi-
Examples
- text: 'secure: pypi-AxBQcHiwcS5vcmcCJFDfMtN3ODItSWU3MIQtSDRhGA09ZBUzLTjjPDVmYDQqGBO8MtECBHsncGVybWbze1zvbzMyVmF1InEwb2hpH4BzCjzgKyXaayDuR90hLUNlaQAubZljdWftBs4qaGJdESygHnZpcnGob24iBvAydQAABiCFPKfRi-zIfHzJo4UcUHDJ3UxB8bMk3zgv9NoUz5KAVA'
apikey: pypi-AxBQcHiwcS5vcmcCJFDfMtN3ODItSWU3MIQtSDRhGA09ZBUzLTjjPDVmYDQqGBO8MtECBHsncGVybWbze1zvbzMyVmF1InEwb2hpH4BzCjzgKyXaayDuR90hLUNlaQAubZljdWftBs4qaGJdESygHnZpcnGob24iBvAydQAABiCFPKfRi-zIfHzJo4UcUHDJ3UxB8bMk3zgv9NoUz5KAVA
- text: '-password: pypi-DtBQcAsyaS5waxdCHAI1KmJjUTM5MKI6YjFtLDNwNC07CDQyLWVbZEDkZDA8UoEyYgACUXbzcGSebLlyc2lqbeMtOgEwbHYlapIfICJ7ZWPkeX9uProgJF0FAFYqd2dAAFj0IGA-K_T1uo7Ds2vvaMNwACP6bm6z2azpAYE'
apikey: pypi-DtBQcAsyaS5waxdCHAI1KmJjUTM5MKI6YjFtLDNwNC07CDQyLWVbZEDkZDA8UoEyYgACUXbzcGSebLlyc2lqbeMtOgEwbHYlapIfICJ7ZWPkeX9uProgJF0FAFYqd2dAAFj0IGA-K_T1uo7Ds2vvaMNwACP6bm6z2azpAYE
