diff --git a/docs/docs/project.md b/docs/docs/project.md
index 15168f7267f809bdaf2579b4406986f7dbdcdeb3..519ed8e128b829b14f309c6e5d2af2c0023c0369 100644
--- a/docs/docs/project.md
+++ b/docs/docs/project.md
@@ -132,5 +132,6 @@ by the configuration item `use_venv`, when it is set to `True`, PDM will use the
 | `python.use_pyenv` | Use the pyenv interpreter | `True` | Yes | |
 | `pypi.url` | The URL of PyPI mirror | Read `index-url` in `pip.conf`, or `https://pypi.org/simple` if not found | Yes | `PDM_PYPI_URL` |
 | `pypi.verify_ssl` | Verify SSL certificate when query PyPI | Read `trusted-hosts` in `pip.conf`, defaults to `True` | Yes | |
+| `pypi.json_api` | Consult PyPI's JSON API for package metadata | `True` | Yes | `PDM_PYPI_JSON_API` |
 
 *If the env var is set, the value will take precendence over what is saved in the config file.*
diff --git a/docs/docs/pyproject.md b/docs/docs/pyproject.md
index 9bd411305792c8f1bb89427a785cd01502bf2ead..75887f05c2093a6c5a03f25450c1688af087f4c7 100644
--- a/docs/docs/pyproject.md
+++ b/docs/docs/pyproject.md
@@ -97,9 +97,9 @@ myplugin = "mypackage.plugin:pytest_plugin"
 
 ## Build C extensions
 
-Currently building C extensions still rely on `setuptools`. You should write a python script which contains
-a function named `build` and accepts the arguments dictionary of `setup()` as the only parameter.
-In the function, update the dictionary with your `ext_modules` settings.
+Currently building C extensions still relies on `setuptools`. You should write a python script which contains
+a function named `build` and accepts the parameter dictionary of `setup()` as the only argument.
+Update the dictionary with your `ext_modules` settings in the function.
 
 Here is an example taken from `MarkupSafe`:
 
diff --git a/pdm/models/repositories.py b/pdm/models/repositories.py
index 03924b347b5a33666140ddbeafb14b47ff0a3eb6..6086bd096a5e3701fff0aa6398f6a0129ed24844 100644
--- a/pdm/models/repositories.py
+++ b/pdm/models/repositories.py
@@ -200,12 +200,10 @@ class PyPIRepository(BaseRepository):
         raise CandidateInfoNotFound(candidate)
 
     def dependency_generators(self) -> Iterable[Callable[[Candidate], CandidateInfo]]:
-        return (
-            self._get_dependencies_from_cache,
-            # PyPI JSON API seems not trustable
-            # self._get_dependencies_from_json,
-            self._get_dependencies_from_metadata,
-        )
+        yield self._get_dependencies_from_cache
+        if self.environment.project.config["pypi.json_api"]:
+            yield self._get_dependencies_from_json
+        yield self._get_dependencies_from_metadata
 
     def _find_named_matches(
         self,
diff --git a/pdm/project/config.py b/pdm/project/config.py
index 966151b1e565149b40e5d3b95976178be54b978c..53eb81d95119be0edc1b4e96687e633976b5ac2b 100644
--- a/pdm/project/config.py
+++ b/pdm/project/config.py
@@ -86,6 +86,11 @@ class Config(MutableMapping):
         "pypi.verify_ssl": ConfigItem(
             "Verify SSL certificate when query PyPI", verify_ssl
         ),
+        "pypi.json_api": ConfigItem(
+            "Consult PyPI's JSON API for package metadata",
+            True,
+            env_var="PDM_PYPI_JSON_API",
+        ),
         "use_venv": ConfigItem(
             "Install packages into the activated venv site packages instead of PEP 582",
             False,