When interacting with multiple registries, the checksum TOFU cache appears to be keyed only by package identity + version + content type, not by the registry URL it came from. The read path in PackageVersionChecksumTOFU.readFromStorage calls PackageFingerprintStorage.get(package:version:kind:contentType:), which doesn’t filter by registry origin, and the file storage uses package-identity-only filenames for registry fingerprints. This means a checksum recorded from registry A can be reused for the same scope.name from registry B before any mismatch is detected, which is both a correctness and potential security issue.
Suggested fix:
- Scope registry fingerprints by registry URL (e.g. include registry URL hash in the storage key/filename or add a registry-aware storage API).
- Backward-compatible fallback: when scoped lookup misses, read the legacy unscoped entry and only accept/migrate it if the fingerprint origin matches the current registry URL.
Happy to help with a patch if that’s desired.
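The keying problem and the suggested scoped lookup with a legacy fallback, modelled as an added Swift example (not SwiftPM's own code): the `RegistryFingerprintStorage`, `ScopedKey` and `UnscopedKey` types, the registry URLs and the checksums are hypothetical and constructed, and the registry URL is kept as a plain string in the key where the real storage would hash it into a filename.

```swift
// Checksum plus the registry it was first observed from.
struct Fingerprint: Equatable {
    let registryURL: String
    let checksum: String
}

// Key shape the issue describes: no registry component, so registries A and B collide.
struct UnscopedKey: Hashable { let package, version, contentType: String }
// Key shape of the suggested fix: the registry origin is part of the identity.
struct ScopedKey: Hashable { let registryURL, package, version, contentType: String }

enum TOFUError: Error { case checksumMismatch(registryURL: String, expected: String, actual: String) }

final class RegistryFingerprintStorage {
    private var legacy: [UnscopedKey: Fingerprint] = [:]   // pre-fix, unscoped entries already on disk
    private var scoped: [ScopedKey: Fingerprint] = [:]

    func seedLegacy(_ key: UnscopedKey, _ fp: Fingerprint) { legacy[key] = fp }

    // Registry-aware read with the backward-compatible fallback from the issue: a legacy
    // entry is only accepted (and migrated to the scoped store) if its origin matches.
    func get(registryURL: String, package: String, version: String, contentType: String) -> Fingerprint? {
        let key = ScopedKey(registryURL: registryURL, package: package, version: version, contentType: contentType)
        if let fp = scoped[key] { return fp }
        let legacyKey = UnscopedKey(package: package, version: version, contentType: contentType)
        guard let fp = legacy[legacyKey], fp.registryURL == registryURL else { return nil }
        scoped[key] = fp
        legacy[legacyKey] = nil
        return fp
    }

    // Trust on first use per registry; verify every later observation against that record.
    func validate(registryURL: String, package: String, version: String, contentType: String, observed: String) throws {
        let key = ScopedKey(registryURL: registryURL, package: package, version: version, contentType: contentType)
        guard let known = get(registryURL: registryURL, package: package, version: version, contentType: contentType) else {
            scoped[key] = Fingerprint(registryURL: registryURL, checksum: observed)   // first use: record it
            return
        }
        guard known.checksum == observed else {
            throw TOFUError.checksumMismatch(registryURL: registryURL, expected: known.checksum, actual: observed)
        }
    }
}

// Constructed scenario: a checksum cached from registry A, then scope.name fetched from registry B.
let store = RegistryFingerprintStorage()
let cachedKey = UnscopedKey(package: "scope.name", version: "1.0.0", contentType: "sourceArchive")
store.seedLegacy(cachedKey, Fingerprint(registryURL: "https://registry-a.example", checksum: "sha256:aaaa"))
// Same registry: the legacy entry is migrated and reused.
print(store.get(registryURL: "https://registry-a.example", package: "scope.name", version: "1.0.0", contentType: "sourceArchive")?.checksum ?? "none")
// Different registry: the unscoped entry is not inherited, so B starts with its own first-use record.
print(store.get(registryURL: "https://registry-b.example", package: "scope.name", version: "1.0.0", contentType: "sourceArchive")?.checksum ?? "none")
```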