2020-12-01 Conda Community Meeting
Attendees
| Name | Initials | Affiliation | Username |
|---|---|---|---|
| Gonzalo Peña-Castellanos | GPC | Quansight | @goanpeca |
| Megan Yancy | MCY | Anaconda | @myancy-anaconda |
| Marius van Niekerk | MvN | Flatiron Health | @mariusvniekerk |
| Cheng Lee | CHL | Anaconda | @chenghlee |
| Eric Dill | ED | DTN | @ericdill |
| Crystal Soja | CAS | Anaconda | @csoja |
| Christopher J "CJ" Wright | CJ | Lab49 | @cj-wright |
| Keith Kraus | KK | NVIDIA | @kkraus14 |
| Filipe Fernandes | FF | IOOS | ocefpaf |
| Michael Grant | MG | Anaconda | mcg1969 |
| Connor Martin | CJM | Anaconda | @cjmartian |
| Marcel Bargull | MB | Bioconda / conda-forge | @mbargull |
| Wolf Vollprecht | WV | QuantStack / mamba | @wolfv |
| Matthew Becker | MRB | -- | @beckermr |
| Marcelo Duarte Trevisani | MDT | conda-forge | @marcelotrevisani |
| Michael Sarahan | MCS | RStudio | @msarahan |
Agenda
- Welcome
Announcements
Standing Items
- Anaconda: Organizational-level CLA
- No current updates.
New Agenda Items
-
Rotating Meeting Facilitator
- Call for volunteers
- Who wants to go next?
-
Conda Triaging and Issue Tracking meeting took place.
- Meeting: Kale, Marcel, Gonzalo, Cheng
- Splitting responsibility by day: each person triages issues that come in that day
- conda-triage
-
Given that pip install conda still "works" but obviously installs something wildly out of date and non functional should we yank the releases on pypi ? (@marius)
- Existing blog posts refer to conda being pip installable
- Possible solutions:
- could
pipx install condawith a standalone binary? pip install condaforcibly fails with a link to miniconda installer?- Remove the packages but reserve the package name?
- Very long term: cool but probably impractical due to major technical challenges
- could
- Short term fix: Anaconda will replace with newer stub package on PyPI.
- Create a
conda-stubrepository that creates folder with an empty package. - Will not remove package (without annoucement) to avoid breaking existing users & workflows.
- Issue: https://github.com/conda/conda/issues/10388
- Create a
-
Where are the conda-standalone binaries these days?
- Since all i know of is https://repo.anaconda.com/pkgs/misc/conda-execs
- Short term I am unpacking the ones from https://anaconda.org/anaconda/conda-standalone (for use in ensureconda)
conda install conda-standalone-> installs into$CONDA_PREFIX/standalone_conda- https://repo.anaconda.com/pkgs/main/${subdir}/conda-standalone*.tar.bz2
- Ray has pushed for updating these binaries for each conda release.
- Anaconda needs to address internal CI issues around automating executable signing. (Currently use a manual process of downloading, re-signing, and re-uploading executables.)
-
(MRB) package copying and package metadata on anaconda.org
- We are having an issue in conda-forge where when we copy packages from one user to another using the copy API endpoint, the metadata per package (doc_url, dev_url etc) displayed on anaconda.org is erased. We need this metadata for certain packages, especially cudatoolkit.
- We need two fixes:
- support for patch requests for the anaconda.org
/package/{owner_login}/{package_name}API endpoint so that we can restore the metadata - fix the copy endpoint so it does not delete this metadata
- support for patch requests for the anaconda.org
- These will let us fix the packages we have and make sure it doesn't happen for new packages.
- issue: https://github.com/Anaconda-Platform/anaconda-client/issues/556
-
Audit (CJ)
- Using depfinder to check:
- Accurate
- Under specified
- Over specified
- Under and over specified
- Errored
- Link to the information
- Using depfinder to check:
-
Raises the question of how to handle optional dependencies and/or sub-packages?
- Like RPM provides?
-
Additional test "keys" for conda-build (WV)
- I wrote down some ideas here: https://github.com/mamba-org/boa/issues/93
- Is conda-build interested in these tests? (CHL: yes; please open issue on conda-build GH)
- Fits into concepts for conda-verify
Outstanding Items From the Previous Meeting
- N/A
Active Votes
Subteam Updates
Open PRs
- N/A
Discussion
Action items
Last meeting points (2020-11-17)
- Ways to address diversity inclusiveness issues
- new sub-team - charter for maintaining and advancing conda-forge as a diverse community, try to grow. Charter is dynamic. Looking for those who are not core contributors of conda-forge.
- Would like input on document
- https://github.com/conda-forge/conda-forge.github.io/pull/1187
- Availability of artifact verification features to other pieces of software (than conda):
- SA: @Wolf, Please be aware that at first, we're offering the trust and signing data to paid folks, because... lights on. But I don't see why support for consuming that data shouldn't be handled in any package manager frontend talking to the repository. There's a project with the majority of the low-level code and a set of algorithms. The process of integrating that into conda (or other managers) is a delicate thing, so I'm hoping that the guidelines are helpful enough... but this will improve after conda integration.
- Wolf: sure. with quetz we're working hard to support mirroring of conda-channels (specifically conda-forge), and this trust & verification is pretty integral for that so ... we might have to implement this anyways, and then it would probably make sense to do it in the same fashion as upstream
- SA: that'd be good, yeah. We can talk about the TUF work underlying it at the least