Skip to main content

Documentation Index

Fetch the complete documentation index at: https://anaconda.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Anaconda Platform 7.0.0 is available through a limited early access program. Contact your Anaconda Technical Account Manager (TAM) if you’re interested in adopting the latest version.

Searching for packages

If you want to know if a package is available in one of your , you can search for it in multiple ways.

Viewing package details

Selecting a package displays its details. The Files tab contains general information about each package file.
aiohttp package details files tab
Filter the table contents by using the filters at the top of the table columns.

Dependencies and dependents

Dependencies are packages that a specific package requires to function properly. Dependents are packages that rely on a specific package to function properly.
Conda automatically installs a package’s dependencies along with the package itself when that package is requested from the channel. If a package dependency is not available due to an applied policy filter, you will not be able to build a working environment with the packages from the current channel.

Package CVEs

The CVEs tab displays details regarding the package’s associated CVEs.

Package badges

Package badges are a visually intuitive way to display real-time metadata about a package in other applications. Badge images can be embedded into package documentation, repository README files, websites, dashboards, and so on, and can be dynamically generated to show the following information:

Embedding package badges

From a package’s details page:
  1. Select the Badges tab.
  2. Open the dropdown for the badge that you want to embed.
  3. Click Copy beside the language you’re working in.
    To embed a badge from an authenticated or private channel, you must include a service account token at the end of the URL as indicated. The service account token must provide access to the channel the package is stored in.
  4. You can now take this link and embed it elsewhere.

Downloading an SBOM

  1. Select Channels from the left-hand navigation.
  2. Open the channel or subchannel that contains the package you want an SBOM for.
  3. Find the package you need an SBOM for.
  4. Select SBOM beside a package file to download an SBOM for that file version.
    SBOM download button

Uploading packages

Packages must be properly prepared before uploading them to a channel. The process for preparing a package for upload differs depending on the package type. Please follow the relevant guide to prepare your package for upload: Once the package is prepared, upload it to a channel.

Downloading a package file

From a package’s details view, select a package file’s name to download it.

Managing packages

You can move, copy, or delete packages directly from the Packages tab of any channel, or manage the individual files within a package.
  1. Select Channels from the left-hand navigation.
  2. Select a channel you need to manage packages for.
  3. Select the Packages tab.
  4. Select checkboxes beside packages you want to manage. Management options appear above the table.
    Package management options
  5. Choose the action you want to take for the selected packages.

Package signatures

Anaconda’s package curation process associates packages with security signatures to ensure package integrity and authenticity. Packages in Anaconda’s repository come with a security signature: a special key value that proves that the package hasn’t been tampered with since going through Anaconda’s curation process. Files within a package that have a signature display a signed tag in the signature column. The actual signature value can be viewed at the bottom of the metadata file.
You must mirror your packages using an Anaconda Platform (Cloud) channel as a source to view package signatures.

Enabling package signature verification

Package signature verification requires conda version 4.10.1 or later. Signature verification is not enabled by default.
  1. Install the necessary packages: 
    conda install "conda>=4.10.1" "conda-token>=0.3.0" conda-content-trust
  2. Use conda-token to configure access, turn on signature verification, and empty the index cache: 
    conda token set --enable-signature-verification <TOKEN>
Conda signature verification is now enabled. When using conda to install packages from your platform channels, conda informs you of the signature status of the proposed packages by appending the following to trusted packages: 
(INFO: package metadata is signed by Anaconda and trusted)
If the signatures do not match, tampering may have occurred, and conda appends a warning to the package instead: 
(WARNING: metadata signature verification failed)
If no signatures are currently provided for a package (for example, if you are installing from third-party channels), the signature status message is not provided.
Example install command with signature verification enabled
(environment)   ~ conda install django

## Package Plan ##
    environment location: /home/s/miniconda3-av2
    added / updated specs:
        - django


The following packages will be downloaded:

    package                    |            build
    ---------------------------|-----------------
    asgiref-3.3.4              |     pyhd3eb1b0_0          24 KB
    django-3.2                 |     pyhd3eb1b0_0         3.1 MB
    krb5-1.17.1                |       h173b8e3_0         1.3 MB
    libpq-12.2                 |       h20c2e04_0         2.1 MB
    psycopg2-2.8.6             |   py38h3c74f83_1         160 KB
    pytz-2021.1                |     pyhd3eb1b0_0         181 KB
    sqlparse-0.4.1             |             py_0          35 KB
    ------------------------------------------------------------
                                        Total:         6.9 MB

The following NEW packages will be INSTALLED:

    asgiref       repo/main/noarch::asgiref-3.3.4-pyhd3eb1b0_0 (INFO: package metadata is signed by Anaconda and trusted)
    django        repo/main/noarch::django-3.2-pyhd3eb1b0_0 (INFO: package metadata is signed by Anaconda and trusted)
    krb5          repo/main/linux-64::krb5-1.17.1-h173b8e3_0 (INFO: package metadata is signed by Anaconda and trusted)
    libpq         repo/main/linux-64::libpq-12.2-h20c2e04_0 (INFO: package metadata is signed by Anaconda and trusted)
    psycopg2      repo/main/linux-64::psycopg2-2.8.6-py38h3c74f83_1 (INFO: package metadata is signed by Anaconda and trusted)
    pytz          repo/main/noarch::pytz-2021.1-pyhd3eb1b0_0 (INFO: package metadata is signed by Anaconda and trusted)
    sqlparse      repo/main/noarch::sqlparse-0.4.1-py_0 (INFO: package metadata is signed by Anaconda and trusted)

Disabling conda signature verification

To turn the feature off, you can adjust your conda configuration: 
conda config --set extra_safety_checks false

Package license information

Open-source licenses specify how packages can be used. While many licenses allow a broad range of usage, some are more restrictive, especially with respect to production environments. The following is a list of OSS licenses and links to further details:
Filter packages by license type when creating a channel policy to help govern package availability before license issues cause production issues. For more information, see Creating a policy.

Managing packages with the CLI

If you want to manage your packages using the CLI, see Anaconda Platform CLI.

Managing packages with the API

You can also use the API to perform various functions regarding package management. Access the API interface and view the API documentation by logging in as an administrator user, opening a new tab, and then navigating to http(s)://<FQDN>/swagger/ui, replacing <FQDN> with your Anaconda Platform fully qualified domain name. ​​The following is a list of available endpoints you can use to manage your packages in Anaconda Platform:

Viewing package details

GET /api/channels/<CHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>
GET /api/channels/<CHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>/readme
GET /api/channels/<CHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>/cves
GET /api/channels/<CHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>/files
GET /api/channels/<CHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>/dependencies
GET /api/channels/<CHANNEL_NAME>/subchannels/<SUBCHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>
GET /api/channels/<CHANNEL_NAME>/subchannels/<SUBCHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>/readme
GET /api/channels/<CHANNEL_NAME>/subchannels/<SUBCHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>/cves
GET /api/channels/<CHANNEL_NAME>/subchannels/<SUBCHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>/files
GET /api/channels/<CHANNEL_NAME>/subchannels/<SUBCHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>/dependencies

Deleting a package

DELETE /api/channels/<CHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>
DELETE /api/channels/<CHANNEL_NAME>/subchannels/<SUBCHANNEL_NAME>/artifacts/<ARTIFACT_TYPE>/<ARTIFACT_NAME>