Remove internal malware infrastructure/checks

Procfile

@@ -2,5 +2,4 @@ release: bin/release
 web: bin/start-web ddtrace-run python -m gunicorn.app.wsgiapp -c gunicorn-prod.conf.py warehouse.wsgi:application
 web-uploads: bin/start-web ddtrace-run python -m gunicorn.app.wsgiapp -c gunicorn-uploads.conf.py warehouse.wsgi:application
 worker: bin/start-worker celery -A warehouse worker -Q default -l info --max-tasks-per-child 32
-worker-malware: bin/start-worker celery -A warehouse worker -Q malware -l info --max-tasks-per-child 32
 worker-beat: bin/start-worker celery -A warehouse beat -S redbeat.RedBeatScheduler -l info

bin/release

@@ -6,8 +6,5 @@ set -eo pipefail
 # Migrate our database to the latest revision.
 python -m warehouse db upgrade head
 
-# Insert/upgrade malware checks.
-python -m warehouse malware sync-checks
-
 # Insert/upgrade classifiers.
 python -m warehouse classifiers sync

dev/environment

@@ -43,8 +43,6 @@ MAIL_BACKEND=warehouse.email.services.ConsoleAndSMTPEmailSender host=maildev por
 
 BREACHED_PASSWORDS=warehouse.accounts.NullPasswordBreachedService
 
-MALWARE_CHECK_BACKEND=warehouse.malware.services.PrinterMalwareCheckService
-
 OIDC_BACKEND=warehouse.oidc.services.NullOIDCPublisherService
 
 METRICS_BACKEND=warehouse.metrics.DataDogMetrics host=notdatadog

docs/dev/application.rst

@@ -55,8 +55,7 @@ Warehouse serves four main classes of users:
 3. *PyPI application moderators*. These users have a subset of the
    permissions of *PyPI application administrators* to assist in some
    routine administration tasks such as adding new trove classifiers,
-   adjusting upload limits for distribution packages, and reviewing
-   malware verdicts.
+   and adjusting upload limits for distribution packages.
 4. *PyPI application administrators*, e.g., Ee Durbin,
    Dustin Ingram, and Donald Stufft, who can ban
    spam/malware projects, help users with account recovery, and so
@@ -103,7 +102,6 @@ Directories within the repository:
   - `legacy/ <https://github.com/pypi/warehouse/tree/main/warehouse/legacy>`_ - most of the read-only APIs implemented here
   - `locale/ <https://github.com/pypi/warehouse/tree/main/warehouse/locale>`_ - internationalization
   - `macaroons/ <https://github.com/pypi/warehouse/tree/main/warehouse/macaroons>`_ - API token support
-  - `malware/ <https://github.com/pypi/warehouse/tree/main/warehouse/malware>`_ - automated malware checks
   - `manage/ <https://github.com/pypi/warehouse/tree/main/warehouse/manage>`_ - logged-in user functionality (i.e., manage account &
     owned/maintained projects)
   - `metrics/ <https://github.com/pypi/warehouse/tree/main/warehouse/metrics>`_ - services for recording metrics

docs/dev/development/index.rst

@@ -37,7 +37,6 @@ Get involved or find help using:
     development-database
     cloud
     email
-    malware-checks
     token-scanning
 
 .. _`GitHub`: https://github.com/pypi/warehouse

docs/dev/security.rst

@@ -13,8 +13,3 @@ Project and release activity details
 ------------------------------------
 See :doc:`api-reference/feeds` for how to track new and updated releases on
 PyPI.
-
-Malware Checks
---------------
-See :doc:`development/malware-checks` for information about existing checks
-that are instrumented in PyPI, and instructions for contributing new checks.

requirements/main.in

@@ -71,6 +71,5 @@ typeguard
 webauthn>=1.0.0,<2.0.0
 whitenoise
 WTForms[email]>=2.0.0
-yara-python
 zope.sqlalchemy
 zxcvbn

requirements/main.txt

@@ -1631,21 +1631,6 @@ wtforms[email]==3.0.1 \
     --hash=sha256:6b351bbb12dd58af57ffef05bc78425d08d1914e0fd68ee14143b7ade023c5bc \
     --hash=sha256:837f2f0e0ca79481b92884962b914eba4e72b7a2daaf1f939c890ed0124b834b
     # via -r requirements/main.in
-yara-python==4.2.3 \
-    --hash=sha256:113f430c5189519e13fc07d8493e3f29a1464a9be06eb7ba1b76451da620a391 \
-    --hash=sha256:26ec1042017b3c4e12d2999ed6a33d7807013ae16c487048464b98dabfe3a7b0 \
-    --hash=sha256:31f6f6f2fdca4c5ddfeed7cc6d29afad6af7dc259dde284df2d7ea5ae15ee69a \
-    --hash=sha256:47a7de4d7dae04e5e146b79f26b7f0b7e9430cb92459b85db7f4341843974aac \
-    --hash=sha256:87125ede7fbc18ae65aab550f1a36f4ebf73bb828c5d7a3dd2bb99176f0faa15 \
-    --hash=sha256:90db22a471b512d1adb49cec97a1356a1cf7791beeb0acab74c3187f6e8679a6 \
-    --hash=sha256:98040aa88d242632c75be87ac3a9958eb407ca30e85b513b9e22807af82ab1c8 \
-    --hash=sha256:9f17e0572c49906d0b2a8f6ac20fcb46f17820a7408a5511744a844df4b2ec61 \
-    --hash=sha256:aaad4cd4495b7605cb4e039473710ee87a151082171c4bb720086adbe548fb36 \
-    --hash=sha256:bef2f079acd459b852c0634f72cd41058766110d8900573b2d55be12d35d55db \
-    --hash=sha256:d6c2de71b368da053599d734c031389815a70df4b667d6dc386d1335689717d6 \
-    --hash=sha256:d7543ff7eb7e21a815d7bc1bf2fcca24cab3548184d3257c58916628f3c89b37 \
-    --hash=sha256:feac02291a584b846615aa9265f01fa458ec7e7087317ffa679bbb1a2baec85b
-    # via -r requirements/main.in
 zope-deprecation==5.0 \
     --hash=sha256:28c2ee983812efb4676d33c7a8c6ade0df191c1c6d652bbbfe6e2eeee067b2d4 \
     --hash=sha256:b7c32d3392036b2145c40b3103e7322db68662ab09b7267afe1532a9d93f640f