Conditional forwarding to pypi.org based on namespaces
Proposal
GitLab provides a private Python Packages Registry which can be configured to forward to pypi.org for packages that are not found. To further prevent dependency confusion attacks, a namespace or prefix could be configured to only forward packages not starting with the given prefix.
For example, given the prefix "foo", the package "foo-requests" mustn't be forwarded, but "requests" can be.
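
An added example of the forwarding decision proposed above, written in Python; it is not part of the original proposal and not GitLab's implementation. It assumes names are compared after PEP 503 normalization, so that "Foo_Requests" is treated like "foo-requests"; the function names and the sample registry contents are hypothetical.

```python
import re


def normalize(name):
    # PEP 503: runs of "-", "_" and "." are equivalent and names are
    # case-insensitive, so compare the normalized form only.
    return re.sub(r"[-_.]+", "-", name).lower()


def is_reserved(package, prefixes):
    # The proposal's literal rule: a package "starting with the given prefix"
    # is reserved. Note this also reserves e.g. "foobar" for prefix "foo".
    name = normalize(package)
    return any(name.startswith(normalize(p)) for p in prefixes if p)


def resolve(package, private_index, prefixes):
    """Decide how the registry answers a request for `package`.

    Returns "private"   - served from the private registry,
            "forward"   - not found locally, may be forwarded to pypi.org,
            "not-found" - not found locally and reserved: never forwarded.
    """
    name = normalize(package)
    if name in private_index:
        return "private"
    if is_reserved(name, prefixes):
        # Fail closed: a reserved name that is not (yet) published internally
        # must not be answered by whoever registered it on the public index.
        return "not-found"
    return "forward"


if __name__ == "__main__":
    # Constructed sample data: one internal package, one reserved prefix.
    private_index = {"foo-utils"}
    prefixes = ["foo"]
    for requested in ["requests", "foo-requests", "Foo_Requests", "FOO.utils"]:
        print(requested, "->", resolve(requested, private_index, prefixes))
```

Without the normalization step, a request for "Foo_Requests" would not match the prefix "foo" as a plain string and would be forwarded, even though pip treats it as the same project as "foo-requests".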