feat: allow python custom registries configuration through config file

2026-05-26 20:20:49 +00:00 · 2025-12-22 13:49:45 +01:00 · 2025-12-22 13:49:45 +01:00 · c53a7347e2
commit c53a7347e2
parent 39e2001d97
5 changed files with 325 additions and 283 deletions
--- a/packages/safe-chain/src/config/configFile.js
+++ b/packages/safe-chain/src/config/configFile.js
@ -11,6 +11,7 @@ import { getEcoSystem } from "./settings.js";
 * @property {unknown | Number} scanTimeout
 * @property {unknown | Number} minimumPackageAgeHours
 * @property {unknown | SafeChainRegistryConfiguration} npm
+ * @property {unknown | SafeChainRegistryConfiguration} pip
 *
 * @typedef {Object} SafeChainRegistryConfiguration
 * We cannot trust the input and should add the necessary validations.
@ -104,6 +105,28 @@ export function getNpmCustomRegistries() {
  return customRegistries.filter((item) => typeof item === "string");
 }

+/**
+ * Gets the custom npm registries from the config file (format parsing only, no validation)
+ * @returns {string[]}
+ */
+export function getPipCustomRegistries() {
+  const config = readConfigFile();
+
+  if (!config || !config.pip) {
+    return [];
+  }
+
+  // TypeScript needs help understanding that config.pip exists and has customRegistries
+  const pipConfig = /** @type {SafeChainRegistryConfiguration} */ (config.pip);
+  const customRegistries = pipConfig.customRegistries;
+
+  if (!Array.isArray(customRegistries)) {
+    return [];
+  }
+
+  return customRegistries.filter((item) => typeof item === "string");
+}
+
 /**
 * @param {import("../api/aikido.js").MalwarePackage[]} data
 * @param {string | number} version
@ -169,6 +192,9 @@ function readConfigFile() {
    npm: {
      customRegistries: undefined,
    },
+    pip: {
+      customRegistries: undefined,
+    },
  };

  const configFilePath = getConfigFilePath();