Skip to content

Consuming attestations

Info

Index attestations are currently under active development, and are not yet considered stable.

PyPI makes a file's attestations available via the simple index (HTML) and simple JSON APIs.

For a full API reference, see the Integrity API documentation.

Internals

Since a distribution file can have multiple attestations, and PyPI serves these attestations as a single JSON file, this JSON file groups the attestations into a single provenance object. This object contains bundles of attestations grouped by the Trusted Publisher identity used to sign them.

To manually verify a PyPI artifact against its provenance object, the pypi-attestations CLI tool can be used:

export WHEEL_DIRECT_URL=https://files.pythonhosted.org/packages/d7/73/c16e5f3f0d37c60947e70865c255a58dc408780a6474de0523afd0ec553a/sampleproject-4.0.0-py3-none-any.whl

pypi-attestations verify pypi --repository https://github.com/pypa/sampleproject $WHEEL_DIRECT_URL

This downloads the wheel from PyPI and its corresponding provenance JSON (using the Integrity API), checks that the Trusted Publishers specified in the provenance match the --repository argument passed by the user, and finally cryptographically verifies the wheel against the included attestations.