►
From YouTube: Package quad planning; Milestone 14.2 review
A
Welcome
to
the
package
quad
planning
this
week,
we
intend
to
go
over
the
plan
for
milestone
14.2.
So
if
there
are
no
objections,
I
could
just
get
started
sharing
my
screen.
A
Cool
so
yeah
this
milestone,
I
put
together.
It's
mainly
focused
on,
I
would
say,
performance
improvements,
customer
bugs
and
a
lot
a
lot
of
dependency
proxy
issues,
so
I'll
just
walk
through
the
p1
deliverable
issues.
First,
and
then
just
please
jump
in
and
stop
me
if
I'm
talking
too
fast
or
you
have
any
questions
so
the
first
issue,
this
new
get
packages
larger
than
500
megabytes,
fail
to
be
uploaded.
A
This
was
an
investigation
that
we
did
and
david
did
in
14.1
and
it
affects
large
packages
that
need
to
be
that
need
to
have
a
background
process
run
on
them,
specifically
for
nuget,
but
this
could
impact
other
packages,
so
we'd
like
to
resolve
this,
and
this
affects
customers
as
well,
and
then
the
next
one
is
performance,
improvement
or
scalability
improvement
for
the
cleanup
policies.
A
It
resolves
a
bug
where
we're
not
where
we're
not
passing
the
information
in
the
logs
and
then
the
next
one,
where
is
deploy
token
support
for
the
dependency
proxy.
This
is
a
carryover
from
14.1
popular
issue,
popular
customer
issue,
which
is
related
to
the
one
below
it.
Where
dependency
proxy
is
not
working
with
single
sign-on
steve.
A
You
mentioned
that
this
one
might
be
resolved
by
the
previous
one,
but
we're
not
sure
yet,
so
I
just
wanted
to
make
sure
we
we
called
both
out
because
item
four
here
is
a
popular
customer
issue
has
a
lot
of
upvotes
and
customer
interest.
A
The
next
one's
been
open
for
a
while.
This
is
a
one
of
our
p2
bugs
that's
kind
of
been
pushed
back
a
lot,
but
this
is
a
bad
request
error
when,
when
publishing
npm
packages-
and
this
has
a
lot
of
customer
interest
as
well
so
it'd
be
great
to
resolve
this
and
then
part
of
the
theme
of
improv
investigating
or
improve
testing
object,
storage
integration,
so
investigate
multi-part
uploads
with
various
object,
storage
configurations.
A
Let
me
know
what
you
think
about
this
one.
I
thought
that
this
would
go
well
with
number
one,
since
we
would
have
to
test
some
of
the
configurations
as
part
of
that
for
nougat.
So
I
thought
maybe
that
would
be
a
good
opportunity
to
combine
those
two
issues.
A
Nico's
not
here.
This
is
a
front-end
issue,
follow-up
from
an
incident
where
folks
are
deleting
an
image
repository
and
then
not
realizing
that
they
deleted
the
whole
image
and
not
just
a
given
tag
so
adding
in
some
extra
safeguards
there,
where
you'll
have
to
enter
in
the
project.
Name
just
like
when
you
delete
your
project,
you
have
to
enter
in
the
project
to
for
it
to
be
deleted.
A
This
one
is
for
python,
so
we've
been
seeing
a
lot
of
interest
in
our
python
repository
recently,
and
this
is
following
a
similar
feature
that
we
have
for
npm,
where,
if
you
try
to
install
a
python
package-
and
it's
not
found
that
will
forward
the
request
to
the
public
python
repository.
A
This
is
important
because
the
pi
pi
project
is
making
a
change
with
it.
Removing
support
for
the
extra
index
url,
which
means
that
you
won't
be
able
to
say
to
link
to
multiple
repositories
in
your
setup
file.
So
this
has
been
requested
by
a
lot
of
customers
recently.
So
hopefully
we
can
get
this
done
on
the
performance
front
and
we're
continuing
the
graphql
work
that
nico's
been
working
on,
and
so
this
will
be
converting
the
package
list
page
to
use
the
the
new
endpoints.
A
And
then
we
have
an
investigation
issue
for
the
p95
scores
for
npm
are
a
bit
slow
and
so
we've
been
meaning
to
investigate
those
to
see.
If
there's
any
improvements
that
could
be
made,
and
then
this
one
is
came
up
during
an
investigation
into
deploy
tokens,
and
it
turns
out
that
when
you
are
when
you
can
manage
permissions
for
the
the
repository
and
we
check
for
those
when,
when
you're
actually
using
a
deploy
token
for
the
for
the
package
registry,
so
that
breaks
deploy,
tokens
so
fix
removing
that
check.
A
And
then
we
have
a
bunch
of
testing
issues
so
adding
some
qa
tests
for
the
dependency
proxy.
At
least.
We
might
split
this
up,
or
we
might
just
like
make
this-
the
smallest
iteration
forward
and
then
yeah
following
up
on
some
of
our
incidents
and
some
of
the
bugs
that
we
found
testing
package
uploads
using
s3
and
minio,
and
that's
part
of
our
broader
epic,
to
start
to
to
test
that.
So
before
going
into
the
stretch,
goals
like
I
can
pause
and
does
anyone
have
any
questions
or
comments.
B
Number
six
would
be
better
combined
with
13
and
14,
because
I
guess
the
the
different
object,
storage
configurations.
Oh
it's,
the
investigation,
sorry
never
mind
yeah,
it's
the
investigation
about
if
they
are
working
properly
with
all
the
different
configurations.
B
C
I
think
I
think
we
would
have
by
just
integrating
with
aws
s3,
for
example,
for
our
qa
tests.
We
would
already
it
would
bring
up
already
some
some
it
would
fit
into
the
investigation.
That's
what
I
mean.
So,
if
there
are
any
results
with
those
tests,
we
could
we
could
plug
it
in
the
in
this
issue
as
well
in
the
multi-part
uploads.
A
D
Yeah,
I
made
a
comment
about
the
unlinking
of
temporary
files
from
the
dependency
proxy,
that's
kind
of
like
the
in
between
step
before
we
migrate
to
workhorse,
which
a
little
bit
of
work
has
been
done
on.
But
since
it's
not
totally
prioritized
I've
been
putting
it
off,
but
I
thought
that
might
be
worth
considering.
D
D
Was
more
of
whether
or
not
it's
high
enough
priority,
given
that
it
it
could
prevent
escalations
in
the
future.
D
I
mean
we
could
probably
go
through
and
wait
some
before
we
decide
and
see
what
the
weight
looks
like.
I
am
thinking
about
now.
I'm
trying
to
I
think.
If
we
were
to
move
to
workhorse
would
we
still
have
to
worry
about
the
temp
file
issue
and
I
think
the
answer.
B
D
B
I'm
not
sure
if
this
has
already
been
been
done
on
workhorse,
and
on
top
of
that
we
need
to
add
a
custom
logic
where
we
we
are
going
to
receive
a
new
url
and
credentials
from
rails
and
workhorse.
We
need
to
contact
that
url
to
upload
the
content
of
that
url
to
object.
Storage.
That's
completely
completely
new
to
my
knowledge,
so
it's
really
not
the
same
weight.
I
would
say.
D
I
think
the
the
unlinking
was
like
the
the
work
around
to
prevent
any
incidents
or
escalations.
While
we
find
time
to
work
on
workhorse.
D
A
Okay,
yeah.
There
are
like
like
something
like
900
000
images
that
are
being
pulled
per
week,
so
each.
D
Well,
not
necessarily,
they
only
fill
up
the
system
if,
if
something
goes
wrong,.
A
D
A
A
He's
so
good
at
that:
okay,
any
other
questions
on
the
p1s
anything
here
that
you're
like.
Oh,
I
don't
want
to
work
on
that
or
it's
or
something
missing
or.
A
Cool
okay:
well,
we
could
go
over
the
stretch
goals.
This
first
one
is
definitely
near
and
dear
to
my
heart,
adding
in
or
extracting
the
npm
package
metadata.
That's
I've
been
getting
inundated
with
those
requests.
A
A
This
is
a
issue
opened
by
a
customer
and
by
ben
prescott
shared
this
with
us,
but
there's
an
issue
with
python
compatibility
tags.
So
that's
a
a
customer
bug
this
one.
The
generic
packages.
Events
are
not
captured
with
usage
ping.
This
got
delayed
from
14
1..
This
is
important
because
right
now
we're
understating
our
stage
team
or
our
group,
our
gmail,
which
is
basically
our
monthly
active
users
for
the
stage
it
would
be
awesome
to
have
that.
But
yeah
definitely
performance
and
scaling
comes
first.
A
This
one's
we've
been
punting
on
forever.
It's
a
popular
proposal
and
people
are
passionate
in
the
issue,
but
supporting
publishing
composer
packages
to
one
central
project
right
now.
We
only
support
the
group,
but
a
lot
of
what
we
do
is
we
tell
our
customers
that
they
should
use
one
central
project
for
their
packages,
and
so
this
is
a
popular
request
that
we
hear
a
lot
about.
A
We
have
a
feature
flag
for
the
container
registry
that
has
been
open
for
some
time
now.
I
I
hear
and
it'd
be
good
to
just
remove
that
and
ensure
that
it's
safe
to
remove.
It
seems
like
it
is,
but
yeah
it
may
require
some
extra
work
and
investigation
and
then
refactor
package
manager
test
use
different
auth
tokens.
I
think
sofia,
you
must
have
added
this
one
right.
This
would
be
great
so
right
now
we
only
test
with
the
job
token.
C
Yeah
we
we
actually
have
different
approaches
from
different
tests,
but
david
did
a
really
good
work
with
gradle
and
started
introducing
a
matrix
combination
of
different
off
tokens
that
we
use
so
from
job
token
to
personal
access,
token
and
so
on.
I
think
it's
just
if
there
is
some
time
to
to
extend
that
to
the
rest
of
the
package
managers.
A
Cool
and
then
yeah,
I
was
very
excited
to
say
in
our
note,
where
the
community
contributions
to
remove
helm.
So
it's
very
exciting
great
job,
steve
and
david,
and
I
we
do
still
have
debian,
which
is
going
on,
and
I
mentioned
that
we
do
expect
it
to
wrap
up
in
14
2,
possibly
14
30.
So
there
might
be
unex.
I
just
want
to
make
sure
we
com
account
for
that
work
and
that
we're
aware
that
it's
still
coming
and
yeah
I
added
in
some
valve
about
design
work.
A
Hyun
is
going
to
be
helping
us
out
with
the
the
delete
experience
of
for
the
container
registry
ui
and
then
on
the
validation
track.
I'm
still
working
on
the
go
to
market
use
case
for
package,
doing
some
solution,
validation
for
pipelines
for
packages
as
we
zoom
in
for
into
a
solution
there
and
then
sending
out
a
survey
to
our
self-managed
customers
to
understand
storage
usage
or
object
storage
usage.
So
that's
just
some
other
things
that
I'll
be
working
on.
D
Great,
I
think,
for
that
composer
stretch,
goal
that
might
warrant
an
investigation
just
because
the
way
composer
works
is
very
different
from
the
others.
In
that
we
don't
really
upload
a
file.
It
doesn't
end
up
with
an
actual
package
file
attached
to
it.
So
there's
different
ways
we
can
think
about
how
we
might
want
to
centralize
it
to
one
project.
B
I'd
like
to
bring
again
the
mr
about
the
nuget
instance
level
endpoint,
it
has
been
paused
so
that
we
focused
on
debian
and
helm.
So
now
that
we
are
a
bit
of
more
time
for
community
emails,
I'd
like
to
go
back
to
this
one
because
it
was
almost
ready
and
the
naming
convention
was
not
was
had
an
issue,
and
I
suggested
the
solution,
and
that
was
the
last
update
on
it.
A
B
Well,
we
can
take
take
dmr
over
and
finish
it
and
credit
him
for
all
the
work
of
course,
okay,
but
it
was
it
it's
not
like
it
was
done,
but
it's
like
eighty
percent
done
so
more
than
a
half.
D
A
Too
bad
we
don't
have
any
dotnet
developers
on
the
team
or
people
who
know.net
I'm
just
trolling
you
ago.
Sorry,
I
couldn't
help
it.
A
Okay,
anything
else
to
to
add.
A
No
okay,
well
cool.
I
think
that
we
can
stop
the
recording
and
we
can
add
weights
to
the
issues
and
finalize
like
the
deliverable
items,
would
be
good,
I'm
actually
out
on
thursday
friday
and
the
kickoff
videos
on
monday.
So
if
just
keep,
if
this,
if
we
could
apply
weight
sooner,
that
would
be
great
and
if
not
I'll,
focus
the
kickoff
video
on
like
the
stuff
that
I'm
very
confident
that
will
be
deliverable
items
and
not
the
stuff
that
won't
be
okay,
cool.
I'm
gonna
pause
the
recording.