Security: pypa/pip

SECURITY.md

Security Policy

Reporting a Vulnerability

Please read the guidelines on reporting security issues on the official website for instructions on how to report a security-related problem to the Python Security Response Team responsibly.

To reach the response team, email security at python dot org.

Pip relies on the Python Security Response Team (PSRT) to triage and respond to security reports. PSRT members balance security work against many other responsibilities, so please be thoughtful about the time and attention your report requires. Reports that repeatedly disregard this policy may be rejected regardless of technical merit.

What is not a pip vulnerability

Due to the design of the Python packaging ecosystem, pip has no way to know whether an index or a package is malicious, and packages can run code both while being built and after being installed. The following are not pip vulnerabilities:

  • A malicious or compromised package index.
  • A malicious package. Building a package from source runs the build tool the package itself chooses (PEP 517). A wheel (binary distribution) is installed by "simply unpacking" it, but once any package is installed, its code can run whenever Python runs in that environment. Report malicious packages on PyPI through its malware reporting process.
  • An attacker who already controls the machine pip runs on. Anyone who can change pip's command line, environment variables, configuration, or cache can already make pip install anything.

A bug in a step that already runs arbitrary code is also not a vulnerability and can be reported as a normal bug on the issue tracker. Any ideas for improving the security of these processes can be reported as feature requests.
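The last bullet above is the one most often misread: pip's command line, `PIP_*` environment variables and its config files all decide where packages come from, so anyone who can edit any of those layers controls what gets installed. The following script is an added example for this page, not pip's own code; it models pip's documented precedence (command line over environment variables over config files, with later config files overriding earlier ones) for the handful of options that redirect or relax an install and reports each override together with the layer it came from. The config text and environment it audits are constructed samples, and `DEFAULT_INDEX` is the PyPI simple index URL.

```python
"""Audit the pip settings that decide where packages come from.

Added example for this policy page; it is not pip's own code. It models
pip's documented precedence (command line > PIP_* environment variables >
config files, later config files overriding earlier ones) for the options
that redirect installs or relax checking, and reports each override with
the layer it came from. The sample config text and environment at the
bottom are constructed for the demonstration.
"""
import configparser
from typing import Dict, List, Optional

Setting = Dict[str, str]  # {"value": ..., "source": ...}

# Long option names whose value changes where pip fetches from, or whether
# it verifies what it fetched. All are real pip options.
WATCHED = ("index-url", "extra-index-url", "find-links",
           "trusted-host", "require-hashes")

DEFAULT_INDEX = "https://pypi.org/simple"


def env_var_name(option: str) -> str:
    """pip reads ``index-url`` from ``PIP_INDEX_URL``: upper-case, dashes to underscores."""
    return "PIP_" + option.upper().replace("-", "_")


def effective_settings(config_texts: List[str], env: Dict[str, str],
                       cli: Optional[Dict[str, str]] = None) -> Dict[str, Setting]:
    """Resolve the watched options across the three layers.

    config_texts is ordered lowest to highest priority (pip reads global,
    then user, then site, later files overriding earlier ones). Environment
    variables override every config file; command-line values override all.
    """
    resolved: Dict[str, Setting] = {}
    for index, text in enumerate(config_texts):
        parser = configparser.ConfigParser()
        parser.read_string(text)
        for section in ("global", "install"):
            if not parser.has_section(section):
                continue
            for option in WATCHED:
                if parser.has_option(section, option):
                    resolved[option] = {
                        "value": parser.get(section, option).strip(),
                        "source": f"config file {index} [{section}]",
                    }
    for option in WATCHED:
        name = env_var_name(option)
        if name in env:
            resolved[option] = {"value": env[name], "source": f"env {name}"}
    for option, value in (cli or {}).items():
        resolved[option] = {"value": value, "source": "command line"}
    return resolved


def findings(settings: Dict[str, Setting]) -> List[str]:
    """Turn resolved settings into audit findings a defender would act on."""
    notes: List[str] = []
    index = settings.get("index-url")
    if index and index["value"].rstrip("/") != DEFAULT_INDEX:
        notes.append(f"index-url points at {index['value']} (set by {index['source']})")
    for option in ("extra-index-url", "find-links"):
        if option in settings:
            s = settings[option]
            notes.append(f"{option} adds package source {s['value']} (set by {s['source']})")
    if "trusted-host" in settings:
        s = settings["trusted-host"]
        notes.append(f"trusted-host waives HTTPS verification for {s['value']} (set by {s['source']})")
    if settings.get("require-hashes", {}).get("value", "").lower() not in ("1", "true", "yes", "on"):
        notes.append("require-hashes is off: downloads are not pinned to known hashes")
    return notes


# Constructed sample: a clean global file, a user file that redirects the
# index, and an environment variable that marks that host as trusted.
SAMPLE_CONFIGS = [
    "[global]\ntimeout = 60\n",
    "[global]\nindex-url = https://mirror.example.invalid/simple\n",
]
SAMPLE_ENV = {"PIP_TRUSTED_HOST": "mirror.example.invalid"}

if __name__ == "__main__":
    for line in findings(effective_settings(SAMPLE_CONFIGS, SAMPLE_ENV)):
        print(line)
```

Run against the constructed sample it reports the redirected index, the trusted host that waives HTTPS checks, and the absence of hash pinning, each with the layer that set it. In a real audit you would feed it the contents of the config files `pip config list -v` lists plus the live `PIP_*` environment; a non-default index or trusted-host that nobody set on purpose is exactly the "attacker already controls the machine" situation this policy describes, and `require-hashes` with a pinned requirements file is the mitigation that survives a compromised index.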

Vendored libraries

pip ships its own copies of its dependencies in pip/_vendor. A vulnerability in one of them is not a vulnerability in pip unless pip's use of the library is affected. Report the library's bug to that library's project.

Updates to vendored libraries, including security fixes, are defined in pip's release process.

There aren't any published security advisories