Feature Request
Problem
When a Python package is identified as malicious or is yanked from public PyPI, there is currently no mechanism in Pulp to prevent that same package from being re-uploaded to a Pulp-hosted Python repository. This is a gap in supply chain security — a malicious package that has been removed can simply be uploaded again.
Proposed Solution
Add a blocklist feature to pulp_python that allows administrators to maintain a list of packages (by name, version, or name+version) that are prohibited from being uploaded to specific repositories.
When an upload is attempted for a package matching a blocklist entry, Pulp should reject the upload with an appropriate HTTP error (e.g., 400 or 403) and a clear message indicating the package is blocklisted.
Key Design Considerations
- Scope: Blocklist should be configurable per-repository (on
PythonRepository) so different repositories can have different policies.
- Granularity: Support blocking by package name (all versions), by specific name+version, or by filename.
- Management API: CRUD endpoints for managing blocklist entries (add, remove, list).
- Audit trail: Record when entries are added and by whom, for security review purposes.
- Integration point: The blocklist check should occur during the upload/publish workflow before content is added to a repository version.
Acceptance Criteria
- A new model for blocklist entries associated with
PythonRepository.
- API endpoints to manage blocklist entries (create, list, delete).
- Upload attempts for blocklisted packages are rejected with a clear error message.
- Existing content already in a repository is not affected (blocklist only prevents new uploads).
- Documentation for the feature.
Context
Recent supply chain attacks on Python packages (e.g., lightLLM) highlight the need for proactive controls. The blocklist feature complements a planned periodic PyPI yank monitoring task — when a package is yanked from PyPI, it can be added to the Pulp blocklist to prevent re-upload. Together these features provide defense-in-depth for Python package repositories hosted on Pulp.
Feature Request
Problem
When a Python package is identified as malicious or is yanked from public PyPI, there is currently no mechanism in Pulp to prevent that same package from being re-uploaded to a Pulp-hosted Python repository. This is a gap in supply chain security — a malicious package that has been removed can simply be uploaded again.
Proposed Solution
Add a blocklist feature to
pulp_pythonthat allows administrators to maintain a list of packages (by name, version, or name+version) that are prohibited from being uploaded to specific repositories.When an upload is attempted for a package matching a blocklist entry, Pulp should reject the upload with an appropriate HTTP error (e.g., 400 or 403) and a clear message indicating the package is blocklisted.
Key Design Considerations
PythonRepository) so different repositories can have different policies.Acceptance Criteria
PythonRepository.Context
Recent supply chain attacks on Python packages (e.g.,
lightLLM) highlight the need for proactive controls. The blocklist feature complements a planned periodic PyPI yank monitoring task — when a package is yanked from PyPI, it can be added to the Pulp blocklist to prevent re-upload. Together these features provide defense-in-depth for Python package repositories hosted on Pulp.