Packages#

Searching for packages#

If you want to know if a package is available on one of your organization’s channels, search for it by entering the package name into the Search artifacts field of the channel details page.

Note

If you see that the package contains zero files, it means that all the files for that package were removed from the channel, and the package is not available. Select the package to view the reason the files were removed.

Viewing package details#

Clicking on any package in a channel will display the package details.

From here, you can view the following information:

  • All the files contained within the package

  • The package’s dependents (other packages that require this package to operate properly)

  • The package’s dependencies (other packages that this package needs to operate properly)

  • CVEs that are associated with files in the package (for Business tier organizations)

    Caution

    Conda automatically installs a package’s dependencies along with the package itself when that package is requested from the channel. If a dependency is not available due to an applied policy filter, you will not be able to build a working environment with the packages from the current channel.

General information about the package, such as its license type, version number, web homepage, and documentation (if available) is also available from this page.

Package signatures#

Packages in Anaconda’s repository come with a security signature: a special key value that proves that the package hasn’t been tampered with since going through Anaconda’s curation process. Files within a package that have a signature display a green check icon beside their names. The actual signature value can be viewed at the bottom of the metadata file.

Viewing package metadata#

From the package details view, click on a file’s name to display its metadata. The metadata is a .json formatted file that contains all of the information about the package file.

Tip

Click the expand icon to view the metadata in full screen.

Viewing package SBOMs#

Anaconda’s Software Bill Of Materials (SBOMs) are built in accordance with Software Package Data Exchange (SPDX) specifications, version 2.2.1, which specifies the checksum hash values of software down to the individual file level.

From the package details view, click on a file’s name, then select the File SBOM tab.

Note

If no SBOM tab appears, there is no SBOM for that package file.

Installing a package in your environment#

The package details page also provides you with a command to run if you want to install the package from this channel. Keep in mind that all the package’s dependencies will also be installed.