`uv add` leaks credentials to `tool.uv.index` when `UV_DEFAULT_INDEX` is set

[kwaegel]

I have a project that uses a private JFrog Artifactory repository to host internal packages, and as a proxy for PyPi. I just noticed that calling uv add internal_package==specific_version when overriding with UV_DEFAULT_INDEX will leak credentials into the pyproject.toml file, even if the lockfile isn't modified.

Original index entry (company name redacted):

# Set JFrog Artifactory as the default index.
[[tool.uv.index]]
name = "internal"
url = "https://repos.internal.com/artifactory/api/pypi/internal-pypi/simple"
default = true

Command (a no-op, since the package version already exists as a dependency):

$uv add internal_package==version
Resolved M packages in 2ms
Audited N packages in 0.87ms

After running that command, the tool.uv.index section has removed the name = internal line, inserted the full repo URL, including authentication tokens, and removed the comments:

[[tool.uv.index]]
url = "https://USERNAME:REDACTED@repos.internal.com/artifactory/api/pypi/internal-pypi/simple"
default = true

Summary:

• I was not expecting credentials to get saved to pyproject.toml
• I was not expecting that setting UV_DEFAULT_INDEX before running uv add would modify pyproject.toml at all (including removing comments).

uv version 0.4.25

[kwaegel]

I tried using UV_INDEX_URL (which is marked as deprecated) instead of UV_DEFAULT_INDEX, and it seems to work without leaking credentials, but it also emitted a warning suggesting that the behaviour I'm seeing might be intentional?

warning: Indexes specified via `--index-url` will not be persisted to the `pyproject.toml` file; use `--default-index` instead.

Not sure what to do in this case, since I want to set UV_INDEX_URL (for uv pip commands to pick up), but also not overwrite/leak credentials when I already have pyproject.toml configured properly.

[charliermarsh]

It's just a bug. We shouldn't be overwriting with credentials like that IMO.

[charliermarsh]

I'll fix it for today's release.

[dan-jacobson]

Hey @charliermarsh, I'm still seeing a variant of this behavior with uv 0.5.1, IF the UV_DEFAULT_INDEX is set, but there's no existing [[tool.uv.index]] in the pyproject.toml.

Just to be clear, it's not overwriting the existing [[tool.uv.index]] anymore, it's only setting when it's blank. So I can go in and delete the token when I know to look for it.

But it does leak creds into pyproject.toml going through a standard new project workflow of uv init -> uv add with my UV_DEFAULT_INDEX set. Feels like this has a decent potential to be a foot-gun.

[charliermarsh]

You're right! Thanks.

[gaspardc-met]

Hey,

Sorry to chime in on a closed issue, but I did get owned by this issue recently, using uv==0.5.11.
Both UV_DEFAULT_INDEX and UV_EXTRA_INDEX_URL are defined as environment variables, but I did not set anything in pyproject.toml, so using uv add library leaked my private info.

I have read the docs on configuration and private indexes, but I don't get the point of defining a [[tool.uv.index]] entry in the pyproject.toml if you have environment variables or a proper global uv.toml file.

[charliermarsh]

That's ok. I thought I fixed it but I may be misremembering -- I'll look again today.