Searching for packages
If you want to know whether or not a package is available in one of your repository channels, you can search for it by entering the package name into the search bar at the top of the dashboard. Click Show more to view a full list of matching packages from all available channels.
You can search for channels and CVEs using the same search bar. To adjust your search parameters, open the dropdown menu to the left of the search bar, then select an option from the dropdown menu.
Viewing package details
Clicking on any package in a channel will display the package details.
From here, you can view the following information:
- All the files contained within the package
- The package’s dependents (other packages that require this package to operate properly)
- The package’s dependencies (other packages that this package requires to operate properly)
- CVEs that are associated with files in the package
Conda automatically installs a package’s dependencies along with the package itself when that package is requested from the channel. If a dependency is not available due to an applied mirror filter, you will not be able to build a working environment with the packages from the current channel.
General information about the package, such as its version number, architecture, signature status, CVE score and status, number of CVEs associated, and package status is shown here.
The information icon shows additional information, such as the package’s license type, the last time the package was published, and a command that you can copy to install the package from this channel.
Package badges
Package badges are a visually intuitive way to display real-time metadata about a package in other applications.
Embedding package badges
Package badges are a visually intuitive way to display real-time metadata about a package in other applications. Badge images can be embedded into package documentation, repository README files, websites, dashboards, and so on and can be dynamically generated to show the following information:
- Package version
- Download count
- License
- Platforms
- Last updated
- Updated ago
From a package’s details page:
-
Select a package from a channel.
-
Select the Badges tab.
-
Open the dropdown for the badge that you want to embed.
-
Click Copy beside the language you’re working in.
To embed a badge from an authenticated or private channel, you must include a channel resource token at the end of the URL.
-
You can now take this link and embed it elsewhere.
Configuring badge colors
Administrators can customize badge colors by setting the following environment variables in the repo_api section of the docker-compose.yml file. If these variables are not specified, the default colors listed below are used:
Filtering package files
Further search the contents of a package by utilizing the file filters at the top of the table columns. You can filter by file name, platform, CVE score and/or status, package status (active/passive state), and upload date.
Package signatures
Packages in Anaconda’s repository come with a security signature: a special key value that proves that the package hasn’t been tampered with since going through Anaconda’s curation process. Files within a package that have a signature display a signed tag in the signature column. The actual signature value can be viewed at the bottom of the metadata file. For information on enabling conda package signature verification, see Security practices.
You must mirror your packages using an Anaconda Business channel as a source to view package signatures.
Viewing file metadata
From the package details view, select the information icon associated with a file to view its metadata, which is a .json formatted file that contains all of the information about the package file.
Installing a package in your environment
The additional package information provides you with a command to install the package from the channel. Copy the command, then run it from within your active conda environment. Keep in mind that all the package’s dependencies will also be installed.
This command assumes that you have set the channel alias in your .condarc file to your Package Security Manager URL. For more information and help setting your channel alias, see Set a channel alias in the official conda documentation.
Downloading a package file
From the package details view, click on a package file’s name to download it.
Uploading a package
The process for preparing a package for upload differs depending on the package type. Please follow the relevant guide to prepare your package for upload before continuing:
Once the package is ready for upload:
- Log in to Package Security Manager.
- Navigate to the channel/subchannel you want to upload your package to.
- Open the Manage dropdown menu and select Upload File.
- Open the Type dropdown menu and select your applicable file type.
- Click Select files… then locate the file on your computer, and then click Upload.
You can also drag and drop the file you’d like to upload.
Moving a package
To move a package from one channel or subchannel to another:
- From the channel or subchannel details page, select the Packages tab.
- Select the checkbox beside the packages you want to move. File management buttons appear at the top of the list.
- Click Move # packages.
- Open the Move To: dropdown menu and select a destination channel or subchannel for your packages.
- Click Move.
Moving a package will remove it from its origin channel.
Copying a package
To copy a package from one channel or subchannel to another:
- From the channel or subchannel details page, select the Packages tab.
- Select the checkbox beside the packages you want to copy. File management buttons appear at the top of the list.
- Click Copy # packages.
- Open the Copy To: dropdown menu and select a destination channel for your packages.
- Click Copy.
Copying a package will not remove it from its origin channel.
Deleting a package
To delete a package from a channel or subchannel:
- From the channel or subchannel details page, select the Packages tab.
- Select the checkbox beside the packages you want to delete. File management buttons appear at the top of the list.
- Click Delete # packages.
- Click Delete to verify you want to delete your selected packages.
Managing packages with the CLI
If you want to manage your packages using the CLI, see Package Security Manager CLI.
Managing packages with the API
You can also use the API to perform various functions regarding package management. Access the API interface and view the API documentation by logging in as an administrator user, opening a new tab, and then navigating to http(s)://<FQDN>/swagger/ui, replacing <FQDN> with your Package Security Manager fully qualified domain name.
The following is a list of available endpoints you can use to manage your packages in Package Security Manager:
Viewing package details
Deleting a package
Searching for packages
If you want to know whether or not a package is available in one of your repository channels, you can search for it by entering the package name into the search bar at the top of the dashboard. Click Show more to view a full list of matching packages from all available channels.
You can search for channels and CVEs using the same search bar. To adjust your search parameters, open the dropdown menu to the left of the search bar, then select an option from the dropdown menu.
Viewing package details
Clicking on any package in a channel will display the package details.
From here, you can view the following information:
- All the files contained within the package
- The package’s dependents (other packages that require this package to operate properly)
- The package’s dependencies (other packages that this package requires to operate properly)
- CVEs that are associated with files in the package
Conda automatically installs a package’s dependencies along with the package itself when that package is requested from the channel. If a dependency is not available due to an applied mirror filter, you will not be able to build a working environment with the packages from the current channel.
General information about the package, such as its version number, architecture, signature status, CVE score and status, number of CVEs associated, and package status is shown here.
The information icon shows additional information, such as the package’s license type, the last time the package was published, and a command that you can copy to install the package from this channel.
Package badges
Package badges are a visually intuitive way to display real-time metadata about a package in other applications.
Embedding package badges
Package badges are a visually intuitive way to display real-time metadata about a package in other applications. Badge images can be embedded into package documentation, repository README files, websites, dashboards, and so on and can be dynamically generated to show the following information:
- Package version
- Download count
- License
- Platforms
- Last updated
- Updated ago
From a package’s details page:
-
Select a package from a channel.
-
Select the Badges tab.
-
Open the dropdown for the badge that you want to embed.
-
Click Copy beside the language you’re working in.
To embed a badge from an authenticated or private channel, you must include a channel resource token at the end of the URL.
-
You can now take this link and embed it elsewhere.
Configuring badge colors
Administrators can customize badge colors by setting the following environment variables in the repo_api section of the docker-compose.yml file. If these variables are not specified, the default colors listed below are used:
Filtering package files
Further search the contents of a package by utilizing the file filters at the top of the table columns. You can filter by file name, platform, CVE score and/or status, package status (active/passive state), and upload date.
Package signatures
Packages in Anaconda’s repository come with a security signature: a special key value that proves that the package hasn’t been tampered with since going through Anaconda’s curation process. Files within a package that have a signature display a signed tag in the signature column. The actual signature value can be viewed at the bottom of the metadata file. For information on enabling conda package signature verification, see Security practices.
You must mirror your packages using an Anaconda Business channel as a source to view package signatures.
Viewing file metadata
From the package details view, select the information icon associated with a file to view its metadata, which is a .json formatted file that contains all of the information about the package file.
Installing a package in your environment
The additional package information provides you with a command to install the package from the channel. Copy the command, then run it from within your active conda environment. Keep in mind that all the package’s dependencies will also be installed.
This command assumes that you have set the channel alias in your .condarc file to your Package Security Manager URL. For more information and help setting your channel alias, see Set a channel alias in the official conda documentation.
Downloading a package file
From the package details view, click on a package file’s name to download it.
Uploading a package
The process for preparing a package for upload differs depending on the package type. Please follow the relevant guide to prepare your package for upload before continuing:
Once the package is ready for upload:
- Log in to Package Security Manager.
- Navigate to the channel/subchannel you want to upload your package to.
- Open the Manage dropdown menu and select Upload File.
- Open the Type dropdown menu and select your applicable file type.
- Click Select files… then locate the file on your computer, and then click Upload.
You can also drag and drop the file you’d like to upload.
Moving a package
To move a package from one channel or subchannel to another:
- From the channel or subchannel details page, select the Packages tab.
- Select the checkbox beside the packages you want to move. File management buttons appear at the top of the list.
- Click Move # packages.
- Open the Move To: dropdown menu and select a destination channel or subchannel for your packages.
- Click Move.
Moving a package will remove it from its origin channel.
Copying a package
To copy a package from one channel or subchannel to another:
- From the channel or subchannel details page, select the Packages tab.
- Select the checkbox beside the packages you want to copy. File management buttons appear at the top of the list.
- Click Copy # packages.
- Open the Copy To: dropdown menu and select a destination channel for your packages.
- Click Copy.
Copying a package will not remove it from its origin channel.
Deleting a package
To delete a package from a channel or subchannel:
- From the channel or subchannel details page, select the Packages tab.
- Select the checkbox beside the packages you want to delete. File management buttons appear at the top of the list.
- Click Delete # packages.
- Click Delete to verify you want to delete your selected packages.
Managing packages with the CLI
If you want to manage your packages using the CLI, see Package Security Manager CLI.
Managing packages with the API
You can also use the API to perform various functions regarding package management. Access the API interface and view the API documentation by logging in as an administrator user, opening a new tab, and then navigating to http(s)://<FQDN>/swagger/ui, replacing <FQDN> with your Package Security Manager fully qualified domain name.
The following is a list of available endpoints you can use to manage your packages in Package Security Manager: