►
From YouTube: February'2020 Package group office hour
Description
Recording from the Package team office hour during the Q1 Hackathon
A
All
right
welcome
everyone,
I
think
this
is
the
second
edition
of
the
package
group
office
hour
and
we're
excited
to
do
this
during
the
hackathon.
So
I
guess
without
further
ado,
I
mean
Tim,
I.
Think
I'll
just
turn
things
over
to
you
and
then
let
me
feel
free
to
share
the
screen
and
we
can
start
the
conversation.
B
Okay,
great
yeah,
so
thanks
everyone
for
joining,
and
today,
I
really
wanted
to
talk
about
a
few
things,
just
a
quick
overview
of
what
we're
working
on
now
so
I'm,
going
to
pull
up
the
and
share
my
screen
and
review
the
direction
page
and
from
there
I
wanted.
I
have
an
open
issue
for
the
hackathon
actually
for
potential
community
contributions
that
range
from
office
shoes
to
contributing
new
package
managers
to
smaller
updates
and
then
I
was
planning
on
going
over.
B
Some
recently
released
features
that
we
have
so
it
might
spark
some
interest
in
a
ways
to
continue
to
iterate
on
the
get
lab
product,
and
then
Nico
was
actually
going
to
give
a
short
demo
of
a
new
feature
that
we're
working
on
in
12.
That
will
come
out
in
the
upcoming
milestone
and
that
will
continue
to
iterate
on
moving
forward
as
well.
So
without
further
ado,
I'll
share
my
screen.
B
B
So
that
speaks
to
an
initiative,
a
cap,
the
category
for
the
dependency
proxy,
which
I'll
talk
a
little
bit
more
about
when
we
get
to
some
ideas
for
contribution.
Okay.
So
these
are
our
major
categories
as
part
of
our
stage.
We
have
the
package
registry,
and
this
is
really
the
different
package
manager
formats
that
we
support.
Currently,
we
have
support
for
NPM,
Konan
maven
and
coming
soon
is
nougat
and
thanks
Ted
ocean
composer,
which
is
a
big
community
contribution
that
we're
we're
close
to
getting
through.
B
Yet
is
any
Linux
distribution,
so
debian
and
RPM
is
a
big
focus
that
we
want
to
add,
probably
in
the
next,
probably
in
q2
of
2020,
we'll
start
to
shift
our
focus
to
debian
and
RPM
and
then
for
obvious
reasons
that
get
led.
Since
we
are
a
ruby
shop,
it's
would
be
really
valuable
for
us
to
support
ruby
gems
for
dogfooding
purposes,
but
also
ruby
is
a
popular
language.
So
we
want
to
support
that
as
well.
B
There
are
in
the
documentation,
you
could
see
a
list
of
suggested
contributions
for
other
package
managers,
but
these
are
our
top
priorities
and
some
other
things
that
we're
working
on
is,
you
know
once
I
kind
of
called
the
big
thing
for
the
back
of
registry
is
nougat
and
and
the
Python
or
the
pie
pie,
which
is
next.
Okay.
Let
me
go
to
the
container
registry.
B
A
couple
of
highlights
for
the
container
registry
that
we're
working
on
now,
the
biggest
thing
we're
working
on
is
improved,
is
lowering
the
cost
of
storage
on
behalf
of
our
customers
first
and
then
on
behalf
of
get
labs
second.
So
one
of
the
problems
with
the
docker
container
registry
is
how
garbage
collection
works.
It's
pretty
slow.
The
open
source
docker
project
hasn't
been
updated
in
quite
a
bit,
so
we're
actually
now
at
get
lab.
We
are
making
updates
to
that
project
and
we
are
first
optimizing
how
garbage
collection
runs.
B
So
this
includes
how
the
algorithm
marks
and
deletes
images
and
blobs
and
then
separately
from
that
we're
also
after
that
we'll
be
working
on
online
garbage
collection,
because
the
current
system
requires
the
registry
being
set
to
read
only
or
down
mode
which,
for
gitlab
com
that's
impossible.
We
can
set
the
container
registry
to
download
or
to
read
only
mode
for
an
extended
amount
of
time,
but
separately.
We're
also
attacking
problem
from
you
know.
B
How
do
we
help
administrators
programmatically
manage
their
container
registry,
and
that
was
a
one
way
that
we're
doing
this
is
by
enabling
docker
tag,
expiration
and
retention
policies,
and
this
is
something
that
niihka
is
gonna.
Give
us
a
quick
demo
in
a
few
minutes
on,
but
I
think
it's
it's
worth
just
calling
out.
The
big
thing
we're
working
on
the
container
industry
right
now
is
lowering
the
cost
of
the
storage
and
giving
tools
to
administrators
to
programmatically,
manage
storage
costs,
and
then
the
other
category
I
want
to
specifically
call
out
is
the
dependency
proxy.
B
This
is
a
feature
that
was
actually
the
MVC
was
launched
a
few
milestones
ago.
It's
not
been
broadly
adopted
yet
because
it's
dependent
on
using
the
Puma
web
servers
and
get
lab
comm
uses
unicorn,
for
instance,
so
I
know
the
infrastructure
team
is
working
on
rolling
out
Puma
to
production.
One
thing,
though,
that
we're
considering
is
switching
the
logic
to
use
workhorse,
which
is
another
type
of
upload
system
that
we
have,
but
there
are
two
really
important
or
a
couple
of
really
important
features
that
we
would
like
to
add
for
the
dependency
proxy.
B
So
one
is
adding
authentication,
so
we
can
enable
using
it
with
private
projects.
This
is
a
great
idea
for
a
community
contribution
and,
and
the
other
one
is
the
ability
to
add
to
delete
items
from
the
dependency
proxy
or
just
purge
it,
because
you
could
imagine
we
don't
want
to
get
into
the
same
boat.
We
are
with
the
container
registry,
where
we
see
ballooning,
storage
costs
and
and
and
not
have
a
good
answer
for
for
cleaning
those
up.
B
C
I'll
screen
share.
Clearly
the
exploration
policy
is
something
that
run
on
a
temporary
basis,
so
we
won't
see
it
running
in
action.
We
can
check
that
you
idle
first
of
all,
I
want
to
clarify
that
this
piece
of
UI
is
this
feature
for
now
is
not
enabled
for
older
project,
so
project
created
before
the
exploration
policy
is
released.
This
is
to
avoid
like
accidental
deletion
of
tons
of
bugs
from
project
project
that
have
a
lot
of
tags
and
images,
but
let's
take
a
look
of
the
UI.
C
There
is
a
new
section
in
setting
CI
CD
and
it's
this
little
form
that
allows
you
to
set
up
several
rules
to
retain
and
expired
tags.
The
form
comes
pre
compiled
with
some
sensible
default,
and
this
is
actually
a
project
that
I'm
working
on,
so
it
changes
totally
changes
the
meaning
one
that
you
can
select
it's
at
seven
days.
C
This
means
that
tags,
older
than
seven
days,
continue
expired
when
she
run
how
many
times
should
be
retained
for
every
image
from
one
to
hundred,
and
then
this
is
a
regular
expression
that
is
going
to
match
the
project
name.
There
is
the
ability
to
save
and
turn
it
off
if
it's
not
necessary
anymore.
C
As
I
said,
I
can't
really
show
it
in
working,
because
at
least
seven
days
needs
to
pass
for
attack
or
actually
needs
to
run.
Iran's
I
think
every
midnight
around
midnight,
so
there
is
not
more
to
show,
but
we
do
have
an
extended
documentation
about
this
and
we
actually
explain
all
the
steps
that
they
are
going
to
is
going
to
take
I.
Think
you
can
already
find
this
on
github.com.
Clearly,
the
feature
is
not
available
before
dot
point
eight.
Its
is
out
any
questions.
B
C
B
C
C
There
is
one
we
made
some
assumption
in
the
UI
specifically
that
we
will
go
with
sensible
default
and
drop-down,
but
these
are
all
things
that
can
actually
change
and
become
more
rich
selector.
Most
of
those
can
be
combined
date
range
selector
or
you
can
end
up
to
pick
up
a
time
or
this
kind
of
improvement,
and
this
is
all
stuff
that
we
can
work
on
through
now.
This
is
regarding
UI,
maybe
regarding
the
API
in
the
back,
and
somebody
else
can
chime
in
or
if
not
like,
Steve,
maybe
and
some
ideas,
yeah.
B
B
When
are
we
having
open
office
hours
and
by
the
way,
we
should
probably
create
a
new
one
of
these
for
next
month,
because
we're
trying
to
do
these
monthly
and
get
get
in
front
of
the
community
more
often
and
then
I
just
added
a
bunch
of
comments
and
different
threads
for
potential
contributions.
So
the
first
one
is.
These
are
bigger
projects.
So
this
is
something
similar
to
you
know.
B
Here
we
highlight
composer
which
joseon's
been
working
on
and
I'd
love
to
hear
how
that's
been
going
and
if
you
have
any,
if
you're
willing
to
share
any
lessons
that
you've
learned
them.
That
would
be
really
helpful,
but
I
kind
of
highlighted
the
top
five
that
we're
looking
for
for
contributions
right
now
and
then
also,
unfortunately,
the
the
person
that's
working
on
the
cargo,
EMR
and
terraformer
are
I.
E
B
E
Entry
point
at
the
moment,
we're
currently
or
TG
decided
to
basically
disable
the
instance
entry
point
for
composer
because
it
would
pull
in
all
the
existing
packages.
So
it's
kind
of
like
a
performance
issue,
so
I
did
a
bit
of
Investigation
yesterday.
I
need
to
see
how
we
can
get
around
this.
So
we
can
enable
this
feature
for
get
up
the
phone.
E
But
for
now
he's
like
he
said
it
will
only
add
a
checkbox
for
enabling
the
instance
entry
point
for
like
the
Enterprise
version
and
not
forgive
that
to
come
so
kidnapped
or
come
will
not
have
instance,
entry
point.
That's
the
plan
for
now
so,
but
we're
working
on
that
later
on.
Once
it's
released,
yeah
I.
E
The
way
well
I
would
basically
when
I
started,
there
was
maven
and
I
think
NPM.
So
I
should
have
talked
more
to
like
the
creators
of
that
feature
so
and
basically
just
focus
on
reading
the
dogs
bringing
it
once
reading.
It
twice
wait
settle
down
for
a
week
and
read
it
again,
because
I
think
I
made
a
lot
of
mistakes
on
the
way
just
by
fiddling
around
and
not
reading
the
dogs
properly,
as
I
was
supposed
to
so
yeah.
That.
E
B
Think
we
learned-
you
know
this
being
one
of
our
first
contributions
of
this
type
of
like
a
new
package
manager
right
I
think
we
learned
as
a
team
what
it
means
to
support
those
community
contributions,
and
you
know,
having
gdb
available
for
support
and
you
know
being
able
to
help
guide.
Those
through
has
been
I
think
has
been
really
helpful.
Would
you
would
you
agree?
Yeah.
E
Yeah,
it's
really
helpful
and
I
think
it
was
my
rad
doing
like
the
review
every
now
and
then
she's
always
been
like
big
help.
Everyone
was
just
trying
to
help
as
much
as
he
could
so
in
general.
I
think
I
should
have
been
like
more
verbose
on
or
just
like
talking
more
so
people
start
to
listen
more
because
I
intended
to
be
like
really
quiet
when
I
was
programming
and
tried
to
get
the
feature
to
a
certain
stage
and
then
I
came
up
with
the
same.
E
Like
can
someone
please
review
so
people
started
it
like
to
look
at
this
and
when
I
just
kept
on
pushing
like
changes
like
each
and
every
day.
So
let
everyone
know
early
what
I'm
doing
at
the
moment.
So
that
will
make
to
me
would
have
made
things
like
easier
for
me,
I
think
so
everyone
can
like
just
be
nice
and
tell
me
what
I'm
doing
already
wrong.
So
I,
don't
finish
like
the
wrong
writing
of
the
code.
So
that
saves
me
time
and
maybe
gets
the
future.
F
Yeah
cherishing
an
engineering
major
nice
to
put
a
name
to
a
face
and
thank
you
so
much
for
all
the
work
you've
done
and
contribute.
It
is
it's
pretty
awesome
to
see
you
giving
your
own
time
to
contribute
here
and
I
know
that
I
know
that
this,
mr,
has
been
open
for
a
while,
and
you
have
put
a
lot
of
energy
into
it.
It's
really
really
appreciated.
As
a
group,
I
certainly
wanted
to
try
to
engage,
and
it's
just
the
community
wherever
we
possibly
can
and
so
I'm
always
interested
in
feedback.
F
If
we
could
be
doing
a
better
job
with
that,
we've
been
iterating
internally
on
how
we
engage
the
community
to
try
to
make
sure
that
we're
providing
the
support
necessary
for
people
without
trying
to
take
things
over
or
take
it
out
of
someone's
hands
or
try
with
you
know
we're
trying
to
avoid
a
situation
when
someone
feels
like
they're
not
able
to
own
that
changed
it
they've
created,
and
we
really
feel
like
they're
part
of
the
solution
that
ends
up
being
made.
For
that
particular
feature
set
I'm,
always
keen
to
hear
feedback.
F
We
can
do
it
better
and
in
our
case,
what
we've
done
is:
we've
updated
our
on
our
handbook
page
for
the
package
group,
we've
sort
of
updated
and
in
an
ongoing
fashion,
but
updating
how
we
engage
the
community
and
that's
now
inclusive
of
like
anything
up
to
like
actually
taking
over
the
mi
in
cases
where
the
community
member
feels
like
they're
not
able
to
contribute,
or
they
would
like
that
level
of
assistance.
But
it
can
be
really
tricky
for
people
because
we're
really
just
trying
to
help
so
anytime.
F
You
have
feedback
for
us,
please
let
us
know
I'm
more
than
happy
to
iterate
on
how
we
do
this
and
what
works
for
different
people
and
different
circumstances.
I,
don't
know
if
that
issue
that
Tim
is
shared
makes
sense
the
office
hours
issue,
but
if
you
want
to
contribute
there,
I
put
it
there.
The
awesome.
We
also
have
an
issue
describing
our
experience,
learning
how
to
implement
package
managers
for
ourselves
and
that's
sort
of
started
by
Steve
and
contributed
to
by
David
and
other
members
of
the
team.
F
I
mean
this
could
be
really
helpful
to
have
your
feedback
in
there
as
well
and
just
to
say
again,
I'll
stop
my
ranting
like
just
so.
Thank
you
so
much
like
you
recognized
that
this
is
like
passion,
project
for
people,
and
it's
super
awesome
to
see
that
from
the
community.
It's
really
exciting.
For
me,
I
don't
speak
for
other
people,
but
it's
really
really
cool.
Thank
you.
Yeah.
A
So
we
have
people
like
Mayra,
like
sort
of
helping
out
so
I'm
sure
that
didn't
help,
but
yeah
I
mean
that's.
That's
sort
of
the
reason
why
we
wanted
to
do
these
like
office
hours
right.
So
we
before
record
new
teams,
like
the
package
team,
can
can
better
support,
community
members
and
and
and
have
commune
members,
be
part
of
the
conversation
so
chuckling
what
what
what
people
have
already
already
said
about.
You
know
the
work.
That's
already
been
happening.
B
Great
I
think
thanks
for
that.
That
was
really
helpful.
There
is
a
list
of
suggested
contributions
that
kind
of
more
foolish
and
lighter
than
the
issue.
So,
if
you're
interested
in
any
of
these
other
ones
like
cran,
for
instance,
for
any
of
our
data
scientists
out
there
and
pop
it
is
something
that
I've
been
hearing
a
bit
of
interest
from
the
community
on
recently.
So,
if
you're
interested
in
this,
this
list
is
available
in
our
documentation,
you
could
just
google
for
packages
and
suggested
contributions.
B
Okay,
so
the
next
section
that
I
have
is
all
about
permissions
and
access
and
deploy
tokens.
This
these
issues
are
really
interesting
if
you're
interested
to
see
how
good
lab
handles
permissions
and
auth
I
think
Steve
is
on
the
call.
He's
worked
through
a
lot
of
these
issues
since
he's
been
here
since
since
May
he's
gotten
to
work
through
probably
some
type
of
example,
of
all
of
these
issues-
and
you
know
we
see
a
lot
of
customer
requests
for
this.
B
Some
highlights
on
here
are
having
you
know:
how
does
a
deploy
tokens
work
so
basically
having
read-only
access
to
the
packages
API
right
now
deploy
tokens
are
limited
to
reading
the
code
repository
or
reading
the
container
registry?
We
don't
have
it,
they
don't
have
access
to
the
package
registry
and
so
for
a
lot
of
people.
B
They
want
to
ploy
tokens
for
the
packages
adding
write
registry
permission
to
deploy
tokens,
and
this
could
probably
be
expanded
to
say,
write
container
registry
and
write
packet
registry
having
global
deploy,
tokens
issues
were
private
tokens
with
working
with
the
container
registry
and
then
another
thing
is,
we
know,
as
we
add
support
for
each
package
manager
or
fast,
followed
of
my
number.
Those
issues
are
released
or
ensuring
that
the
CI
job
token
is
enabled
to
work
with
that
specific
feature.
B
So,
for
instance,
we're
about
to
launch
a
new
gate
and
I
think
it'll
be
available
on
Comm
and
then
next
couple
of
days.
The
next
thing
we'll
want
to
do
after
that
is
make
sure
that
the
job
token
works
with
that
and
oops
I
have
two
repeats
on
here.
But
Steve
did
you
want
to
say
anything
about
working
with
the
buff
and
tokens
about
anything
that
that
was
particularly
interesting
or
exciting
that
you
learned
about
when
you
worked
on
those
features,
yeah.
D
I
think
we're
getting
in
the
the
auth
section
and
permissions
section
of
the
code
is
really
interesting
because,
like
with
a
lot
of
these
changes,
oftentimes
the
changes
aren't
that
big,
but
the
code,
the
underlying
code
is
probably
some
of
the
more
complicated
code
that
I've
run
into
at
gate
lab.
Just
because
you
know,
authentication
and
authorization
tends
to
be
a
little
bit
more
complex.
So
it
is
a
lot
of
fun
to
kind
of
explore
and
see
how
it's
currently
working
and
sort
of.
D
It's
almost
like
a
little
bit
of
a
detective
work
on
finding
like.
Where
does
this
change
need
to
happen?
And
then,
once
it
all
clicks,
it's
kind
of
a
little
bit
easier
to
make
the
change
and
test
it
out.
So
it
is
a
very
different
area
of
code
versus
you
know,
creating
a
new
package
manager
or
creating
a
new
feature
for
container
registry.
D
B
Okay,
so
the
next
one
is
I've
noticed
for
me
is
a
has
been
a
great
way
to
contribute
to
get
lab,
but
not
being
a
developer,
is
being
able
to
try
and
help
improving
the
documentation,
something
I
consistently
here
for
users
and
from
our
customers.
They
love
get
lab.
Actually,
this
is
a
quote
from
a
recent
customer
meeting.
B
I
love
get
lab
I,
don't
love
your
documentation,
so
this
is
an
area
that
we
can
always
improve
on,
and
that
includes
doing
things
like
creating
templates
or,
if
you
have
a
use
case,
that's
that
is
important
for
you
or
that
that's
working
for
you
like,
add
a
template
for
word
or
add
it
to
the
documentation.
We
see
a
lot
of
these
contributions
come
through
and
they're
really
helpful.
I
put
in
some
examples
here
for
having
some
docker
templates.
B
One
thing
that
I
see
a
consistent
number
of
issues,
for
is:
how
do
we
support
private
registries
and
what
documentation
exists
for
that?
That
would
be
a
great
community
contribution
but
yeah
if
you're,
looking
if
you're
a
first-time
contributor
and
looking
for
a
way
to
contribute
to
get
lab,
I
think
improving
the
documentation
is
a
great
way
to
start,
and
certainly
it's
a
good
way
to
get
your
feet
wet
without
having
to
even
change
any
code
and.
D
To
build
a
little
bit
on
that,
if
you're
kind
of
worried
that
you
know
like,
maybe
you
want
to
make
the
documentation
better
by
adding
some
content
but
you're
not
really
confident
in
how
to
properly
word
it
or
organize
it
with
the
rest
of
the
documentation.
I
wouldn't
worry
about
that.
I
would
create
the
marriage
request
and
then
one
of
the
technical
writers
at
your
lab
will
be
like
super
happy
to
help
figure
out
how
to
actually
bring
the
right
voice
to
it
and
get
it
into
our
documentation.
In
that
way,.
G
One
of
the
things
I've
seen
projects
do
to
encourage
our
Jabil
people
who
are
coming
in
from
the
outside
of
the
project.
Is
they
have
they
have
labels
or
tags
for
issues
that
are
that
are
basically
like.
You
know
this
is
relatively
soon.
Oh,
you
don't
need
a
lot
of
context
to
to
actually
be
able
to
do
this
successfully.
G
It's
I
hear
it's
low-hanging.
Fruit
missed
a
common
one
or
something
of
that
nature,
or
it's
just
like
you
know
you
don't
have
to
understand
the
entire
system
to
make
the
change
effectively.
So
I
wonder
if
that's
something
we
can
explore
just
a
an
advertise
like
hey.
This
is
a
good
way
to
contribute
it
doesn't
it's
not
you're
not
gonna
spend
week,
spinning
up.
B
A
We
good
label
is
like
a
good
for
first-time
contributors,
so
that
label
is
certainly
applicable
here
and
then
the
only
asset
I
have
is
I
mean
forward.
If
you
create
an
issue
with
that
label,
just
you
know,
it'll
be
great.
If
you
can
sort
of
be
available
as
a
resource
for
poor,
you
know
helping
community
members
sort
of
get
over
the
first
hump,
because
I
mean
I.
Think
the
press,
mr,
is
usually
the
trickiest
one,
because
you're
learning
to
processes
and
learning
the
tool.
A
B
Okay,
I,
like
that
low
hanging
fruit
label,
I
wonder
if
do
any
objections
to
using
that
because
it
maybe
it's
like
a
little
bit
more
than
a
first
time
contribution,
which
would
but
it's
at
the
same
time
it's
not
as
involved
you're
not
going
to
spend.
You
know
an
extremely
long
amount
of
time
on
it.
Yeah.
A
Well,
I
mean
the
other
thing
I
ask
people
to
do
is
when
they
search
for
issues
like
look
at
weights.
I
mean
not.
Everybody
assigns
a
way
to
to
an
issue
that
people
create,
but
I
mean
added
issues
like
a
weight
of
like
a
one
or
two.
That's
usually
a
good
sign
that
you
know.
Is
it's
not
going
to
take
an
enormous
amount
of
work
to
sort
of
get
started?
That's
helpful
to
you,
yeah.
G
I
think
the
issue
may
be
we're
doing
it.
Just
by
the
way
is
I've
waited
an
issue
1
or
2,
but
with
it
with
the
context
of
like
knowing
how
to
test
and
verify
that
and
knowing
a
container
registry
it's
in
that
context,
it
would
be
a
lot
higher
for
someone
who
hasn't
gone
through,
and
that
knows
how
to
verify.
Change
is
correct.
Yeah.
A
A
B
Let's
I'll
take
that
as
an
action
item
two
one
at
least
put
first
time
contribution
on
items
that
could
be
easier
and
then
to
consider
it
maybe
adding
another
label.
That
would
be
something
like
low-hanging
fruit.
Only
if
you
have
any
example
projects
where
you've
seen
that
and
can
call
that
out.
That
would
be
really
helpful
to
it
to
share
okay.
So
the
next
category
is
Jupiter
notebooks.
So
this
is
a
if
you're
not
familiar
Jupiter
notebooks.
Are
there
ipython
notebooks,
where
you
can
run
code
in
cells?
It's
common
use.
B
Cases
are
for
data
scientists
for
doing
data
exploration
and
analysis,
the
advantages
that
you
can
have
one
shell,
that's
written
in
sequel,
and
then
you
can
switch
to
Python
or
Scala
in
the
next
cell.
It's
also
I'm
peering,
a
lot
recently
of
people
using
them
as
run
books,
so
being
able
to
specify
specifically
like
how
a
release
is
done
and
there's
a
bunch
of
I
shouldn't,
say:
there's
a
bunch
of
issues
with
how
items
are
rendered
within
the
Jupiter
notebook.
B
So
you
can
see
here
that
images
are
not
being
displayed
or
markdown
is
not
being
displayed
correctly.
If
you're
interested
in
Jupiter
notebooks,
this
is
a
great
way
to
contribute,
because
it
seems
like
these
all
work
within
the
Jupiter
project.
Normally
it's
just
not
working
within
get
labs,
so
these
could
be
cases
where
there's
a
fairly
straightforward
solution
and
again
a
great
way
to
contribute,
if
you're
a
user
of
Python
notebooks
and
want
to
contribute
to
good
luck.
B
B
That
kind
of
goes
over
that,
but
also,
if
you
know,
if
you're
a
user
of
the
feature
and
you're
going,
and
you
see
anything
that
can
be
improved,
I
think
you
know
just
starting
a
contribution
is
really
useful
and
actually
a
lot
of
our
front-end
improvement
and
we've
made
a
lot
of
them
in
the
past
seven
or
eight
months
since
Nick
and
Miko
joined
and
have
been
them
basically
saying.
I
would
like
it
to
work
this
way
like
as
an
NPM
or
maven
user.
B
B
B
So
we
can
extend
the
feature
to
work
with
private
projects
and
then,
like
I,
mentioned,
adding
the
ability
to
delete
and
purge
items
from
the
dependency
proxy
and
then
there's
just
a
couple
of
other
general
improvements
that
I've
added
here
and
extending
package.json
links
to
work
with
the
package
registry
and
allowing
publish
to
group
for
the
maven
endpoint,
and
then
this
you
know
this
is
a
similar
thing.
You
could
do
the
same
thing
for
a
Conan
or
nougat.
You
could
basically
extend
to
the
polar
publish
roles
to
either
the
group
or
instance.
B
Okay,
I'm
have
one
more
thing
to
share
and
just
to
talk
a
little
bit
about
some
things
that
we've
done
or
that
are
coming
soon
or
that
have
been
done
in
the
past
couple
of
months
that
are
worth
highlighting.
So
in
12.8
we
have
a
bunch
of
new
features
that
are
coming
out.
Actually,
I
should
start
with.
Let's
see
here
so
I
mentioned
the
new
yet
repository.
This
is
awesome.
This
is
our
most
highly
requested.
The
most
uploaded
feature
for
our
stage.
It
has
over
150
upvotes.
B
We
have
improved
garbage,
improved
performance
for
the
garbage
collection
algorithm
for
s3
and
we're
seeing
orders
of
orders
of
magnitude
improvement,
we're
seeing
it
was
for
deleting
15,000
blobs.
It
was
taking
two
hours
and
now
it's
taking
like
93
seconds,
so
it's
some
great
improvements
that
are
coming
coming
soon.
B
Nico
demonstrated
the
expiration
policy
is
that
is
hopeful
likely,
if
not,
hopefully
make
12.8.
I
know
this
is
in
maintain
a
review.
Now
we
have
improved
performance
of
the
delete
api
for
the
container
registry
front-end.
So,
in
terms
of
front-end
performance,
this
has
been
one
of
the
most
poorly
performing
controllers
on
git
lab
and
it's
it's
resulted
in
a
lot
of
support
issues,
and
so
this
will
be
really
valuable
for
our
team
to
to
get
these
out
and
we
bought.
This
is
actually
available
in
production.
Now,
where
you
can
add
package
metadata
to
the
UI.
B
So
if
you
build
an
NPM
or
maven
or
conan
package
using
CI,
you
could
you
could
visualize
or
it'll,
show
you
which
pipeline
which
branch
and
which
commit
was
responsible
for
it
in
the
package,
details
page
and
then
a
couple
of
other
things.
So
we
believe
this
is
in
available
now
and
calm
and
we'll
be
in
twelve
eight,
but
we
resolved
an
issue
with
the
garbage
collection
for
digitalocean
on
s3.
This
was
an
issue
for
instances
that
we're
using
safe
storage.
B
We
added
support
for
NPM
tags,
so
you
can
now
use
that
NPM
disk
tag
to
add
tags
to
packages
and
there's
that's
available
now.
Uncom
I'm
really
excited
about
this
one.
This
delete
corrupted
manifest
it
of
common
thing
that
happens
in
docker
is
the
manifest
will
get
corrupted
and-
and
we
have
seen
many
many
issues
opened
up
where
people
have
tried
to
run
garbage
collection
and
then
it
fails
because
of
these
corrupted
manifests,
so
this
improvement
will
actually
ignore
them
or
it'll
actually
it'll
delete
the
corrupted
manifests
as
part
of
the
garbage
collection.
B
So
it
will
no
longer
error
out
the
garbage
collection
when
it
fails
and
a
couple
of
other
things
just
may
be
worth
calling
out
and
we
talked
about
using
CI
job
token.
So
we've
made
that
work
with
the
Konan
repository
we
released
the
conan
repository
and
then
also
we've
been
improving
the
user
interface
by
doing
things
like
adding
snippets
to
install
the
package
and
then
overall
improving
sort
of
bit
sorting
and
filtering
for
the
package
registry
as
well.
A
A
B
One
one
thing:
I
guess
I'll
just
say
is
you
know
if
you're
thinking
about
contributing-
and
you
know
I
think
that's
just
we
are
here
to
support
you.
You
know,
that's
not
gonna,
it's
a
little
intimidating
at
first
to
say
you
know
to
look
at
the
documentation
on
how
to
contribute.
But
you
know
we
are
here
to
support
so
I
think
that
we
can
get
through
there.
Yeah
there's.
B
Brian
saying
what
are
some
good
issues
to
get
started
with,
and
it
depends
what
you're
interested
in,
if
you're,
looking
for
small
issues
to
get
started
with
I
think
some
of
those
issues
and
like
the
token
stuff,
is
good,
because
it
gives
you
a
really
good
sense
of
how
to
contribute
to
get
lab.
There's
a
lot
of
examples
you
could
pull
from
and
it'll
definitely
get
a
lot
of
feedback
from
from
us
and
from
the
security
team
as
well.
B
B
Think
that
iterating
on
the
in
iterating
on
the
API
is
also
a
great
way
to
get
started,
because
it's
like
a
if
you're,
if
you're
a
front-end,
developer,
I
guess
it's
a
different,
probably
be
a
different
answer.
But
if
your
back
end-
and
you
want
to
contribute
to
the
API,
it's
a
pretty
good
way
to
do
it
to
just
like
add
a
different
end
point
or
expand
the
functionality
and
like
braid,
is
linked
to
the
issue
that
it
has
a
that
has
a
bunch
of
different
options
for
things.
You
can
contribute.
H
H
A
I
have
9
minutes
what,
but
if
there
are
no
other
questions,
I
mean
it
for
people
that
are
watching
the
recording
I
mean,
if
you
have
any
questions,
I
mean
I
would
encourage
you
to
just
add
questions
or
comments
directly
on
the
issue
that
we
have
for
the
office
hour
and
then
I
think.
The
other
thing
you
already
mentioned
we'll
try
to
schedule
this
like
once
a
month.
So
hopefully
you
know
few
weeks
before
whatever
I
have
this
call
in
March,
you
can
open
another
issue
and
insert
a
conversation.
There.