New Features
* **Unlink and Link Packages in a Single Transaction**: In the past, conda hasn't always been safe
and defensive with its disk-mutating actions. It has gleefully clobbered existing files, and
mid-operation failures leave environments completely broken. In some of the most severe examples,
conda can appear to "uninstall itself." With this release, the unlinking and linking of packages
for an executed command is done in a single transaction. If a failure occurs for any reason
while conda is mutating files on disk, the environment will be returned its previous state.
While we've implemented some pre-transaction checks (verifying package integrity for example),
it's impossible to anticipate every failure mechanism. In some circumstances, OS file
permissions cannot be fully known until an operation is attempted and fails. And conda itself
is not without bugs. Moving forward, unforeseeable failures won't be catastrophic. (3833, 4030)
* **Progressive Fetch and Extract Transactions**: Like package unlinking and linking, the
download and extract phases of package handling have also been given transaction-like behavior.
The distinction is the rollback on error is limited to a single package. Rather than rolling back
the download and extract operation for all packages, the single-package rollback prevents the
need for having to re-download every package if an error is encountered. (4021, 4030)
* **Generic- and Python-Type Noarch/Universal Packages**: Along with conda-build 2.1.0, a
noarch/universal type for python packages is officially supported. These are much like universal
python wheels. Files in a python noarch package are linked into a prefix just like any other
conda package, with the following additional features
1. conda maps the `site-packages` directory to the correct location for the python version
in the environment,
2. conda maps the python-scripts directory to either $PREFIX/bin or $PREFIX/Scripts depending
on platform,
3. conda creates the python entry points specified in the conda-build recipe, and
4. conda compiles pyc files at install time when prefix write permissions are guaranteed.
Python noarch packages must be "fully universal." They cannot have OS- or
python version-specific dependencies. They cannot have OS- or python version-specific "scripts"
files. If these features are needed, traditional conda packages must be used. (3712)
* **Multi-User Package Caches**: While the on-disk package cache structure has been preserved,
the core logic implementing package cache handling has had a complete overhaul. Writable and
read-only package caches are fully supported. (4021)
* **Python API Module**: An oft requested feature is the ability to use conda as a python library,
obviating the need to "shell out" to another python process. Conda 4.3 includes a
`conda.cli.python_api` module that facilitates this use case. While we maintain the user-facing
command-line interface, conda commands can be executed in-process. There is also a
`conda.exports` module to facilitate longer-term usage of conda as a library across conda
conda releases. However, conda's python code *is* considered internal and private, subject
to change at any time across releases. At the moment, conda will not install itself into
environments other than its original install environment. (4028)
* **Remove All Locks**: Locking has never been fully effective in conda, and it often created a
false sense of security. In this release, multi-user package cache support has been
implemented for improved safety by hard-linking packages in read-only caches to the user's
primary user package cache. Still, users are cautioned that undefined behavior can result when
conda is running in multiple process and operating on the same package caches and/or
environments. (3862)
Deprecations/Breaking Changes
* Conda will refuse to clobber existing files that are not within the unlink instructions of
the transaction. At the risk of being user-hostile, it's a step forward for conda. We do
anticipate some growing pains. For example, conda will not clobber packages that have been
installed with pip (or any other package manager). In other instances, conda packages that
contain overlapping file paths but are from different package families will not install at
the same time. The `--force` command line flag is the escape hatch. Using `--force` will
let your operation proceed, but also makes clear that you want conda to do something it
considers unsafe.
* Conda signed packages have been removed in 4.3. Vulnerabilities existed. An illusion of security
is worse than not having the feature at all. We will be incorporating The Update Framework
into conda in a future feature release. (4064)
* Conda 4.4 will drop support for older versions of conda-build.
Improvements
* create a new "trace" log level enabled by `-v -v -v` or `-vvv` (3833)
* allow conda to be installed with pip, but only when used as a library/dependency (4028)
* the 'r' channel is now part of defaults (3677)
* private environment support for conda (3988)
* support v1 info/paths.json file (3927, 3943)
* support v1 info/package_metadata.json (4030)
* improved solver hint detection, simplified filtering (3597)
* cache VersionOrder objects to improve performance (3596)
* fix documentation and typos (3526, 3572, 3627)
* add multikey configuration validation (3432)
* some Fish autocompletions (2519)
* reduce priority for packages removed from the index (3703)
* add user-agent, uid, gid to conda info (3671)
* add conda.exports module (3429)
* make http timeouts configurable (3832)
* add a pkgs_dirs config parameter (3691)
* add an 'always_softlink' option (3870, 3876)
* pre-checks for diskspace, etc for fetch and extract (4007)
* address 3879 don't print activate message when quiet config is enabled (3886)
* add zos-z subdir (4060)
* add elapsed time to HTTP errors (3942)
Bug Fixes
* account for the Windows Python 2.7 os.environ unicode aversion (3363)
* fix link field in record object (3424)
* anaconda api token bug fix; additional tests (3673)
* fix 3667 unicode literals and unicode decode (3682)
* add conda-env entrypoint (3743)
* fix 3807 json dump on conda config --show --json (3811)
* fix 3801 location of temporary hard links of index.json (3813)
* fix invalid yml example (3849)
* add arm platforms back to subdirs (3852)
* fix 3771 better error message for assertion errors (3802)
* fix 3999 spaces in shebang replacement (4008)
* config --show-sources shouldn't show force by default (3891)
* fix 3881 don't install conda-env in clones of root (3899)
* conda-build dist compatibility (3909)
Non-User-Facing Changes
* remove unnecessary eval (3428)
* remove dead install_tar function (3641)
* apply PEP-8 to conda-env (3653)
* refactor dist into an object (3616)
* vendor appdirs; remove conda's dependency on anaconda-client import (3675)
* revert boto patch from 2380 (3676)
* move and update ROOT_NO_RM (3697)
* integration tests for conda clean (3695, 3699)
* disable coverage on s3 and ftp requests adapters (3696, 3701)
* github repo hygiene (3705, 3706)
* major install refactor (3712)
* remove test timebombs (4012)
* LinkType refactor (3882)
* move CrossPlatformStLink and make available as export (3887)
* make Record immutable (3965)
* project housekeeping (3994, 4065)
* context-dependent setup.py files (4057)