conda-forge's compiler stack uses repackaged libraries from CentOS 6 to supply certain libraries, notably glibc when building recipes. We currently default to using CentOS 6 with the glibc 2.12 ABI. However, CentOS 6 reached end-of-life in November 2020 and increasingly software packages require at least CentOS 7 with the glibc 2.17 ABI. We also realize that due to recent events, some communities that may have been planning to skip CentOS 7 and move straight to CentOS 8 might be reconsidering those plans. Further, they may not be ready for a full-scale switch to CentOS 7. Thus the conda-forge core team has decided to delay moving to CentOS 7 until sometime early next year, likely the end of January 2021 at the earliest. We are actively looking for feedback from our users on this issue. Please do get in touch if you have comments or concerns!

In an effort to better secure conda-forge, we are developing a process to validate artifacts before they are uploaded to anaconda.org. This validation will look for various security-related items, such as artifacts that overwrite key pieces of certain packages. While this process is in development, we will not be rejecting uploads. However, we will start scanning our current artifacts and working with the maintainers of those artifacts to mark broken any which we deem a security risk. We will also be running validation on new artifacts being upload and will report any issues back to feedstocks. At a future date, artifacts that do not pass validation will not be uploaded.

We will be upgrading all GCC-based compilers to version 9.3.0 on all platforms. This upgrade will not affect C or C++ code, but will require a rebuild of all feedstocks that use FORTRAN due to a change in the SONAME. During this rebuild, we will keep the old compiler versions in production, temporarily doubling the build matrix. Once the migration is deemed complete, these old compiler versions will be removed.

We have now completed rolling out the new staging process for uploads to anaconda.org. Direct uploads to the conda-forge channel will no longer work. If you are having trouble with package uploads, please rerender your feedstock with the latest version of conda-smithy. As always, if you need help, bump us on Gitter or GitHub!

We have fixed a bug where the maintainers of feedstocks listed in the meta.yaml did not match those listed in the GitHub team. Due to this change, you may notice emails from GitHub informing you that you have been removed from a GitHub team if you have recently removed yourself from a feedstock via changing the meta.yaml. A similar fix has been applied for maintenance teams as well, though you will not see emails from this fix.

We are very excited to announce that new compilers based on repackaged sysroot's from CentOS 7 are now available for all linux-* platforms. These compilers will be the default going forward for any gcc, gxx, and gfortran versions past 8.4.0 on ppc64le and 7.5.0 on x86_64/aarch64.

On the linux-64 platform, we have also built the CentOS 6 sysroot and set it as the default, consistent with our current compilers. To use the CentOS 7 sysroot on linux-64, add a requirement of sysroot_linux-64 2.17 to the build section of your recipe. You also need to set the proper Docker image in your conda_build_config.yaml. See Using CentOS 7 <centos7> for details.

In accordance with NEP-29, we have switched to have numpy 1.16 as the minimum supported version on all platforms.

We have changed the OSX and Linux platforms to enforce strict channel priority in package builds. This change means that if a package is available in the conda-forge channels, the conda solver will not consider any versions of the package from other channels. Users can disable this by setting channel_priority: flexible in their conda-forge.yml.

The main change is that openblas will use pthreads for threading by default on Linux instead of the previous openmp default. The openmp builds can be recovered by installing libopenblas=*=*openmp*.

conda-forge is moving to a new system for generating Core Dependency Tree (CDT) packages. These changes include:

• CDT packages will no longer be built using feedstocks and this practice is officially deprecated.
• Any current CDT packages in feedstocks will be moved to the new conda-forge/cdt-builds repo and the feedstock will be archived. Members of core will be doing this slowly on an as-needed basis, so it may not happen right away.
• Requests for new CDTs should be submitted as PRs to the conda-forge/cdt-builds repo.

These changes are being made so that conda-forge can provide access to CentOS 7 / glibc 2.17 for linux-64 builds. They will also move more of the packages needed for conda-forge builds into the conda-forge channels making builds more reliable.