jayvdb / veripypi Goto Github PK

Ensure the package you're installing from PyPi is the same as the source code advertised on GitHub.

$ pip3 install veripypi
$ veripypi <PACKAGE_NAME>

Open-sourced repositories provide a false sense of security. Since the code is readable, other developers must have read and audited it, right? Someone would surely say something if there were really an issue...

(See the Bystander Effect.)

But, even when the source code has been thoroughly audited, it's trivial to showcase a clean version of the project on GitHub and a distribute a trojaned package on PyPi.

This is a PoC to minimize this attack vector. (Although the real solution to this problem is probably more along the lines of enforcing PGP signed releases, but there's a whole lot of controversy surrounding this that I won't delve into here.)

First, a source distribution is created from the latest release of a GitHub repository of the package to be verified. This sdist is used as "ground truth." Then, the PyPi version of the package is installed. Both versions are compared, and if they're not identical, a flag is raised.

A green flag from veripypi only tells you that the source code being distributed matches the source code that can be viewed on GitHub. It does not imply anything about the safety of the code being installed.

Similarly, a red flag does not necessarily mean that the package is trojaned. One simple explanation for a rejection from this tool is a maintainer pushing an updated release to PyPi and forgetting to push to GitHub.