ipyvolume v0.6.2

[regro-cf-autotick-bot]

It is very likely that the current package version for this feedstock is out of date.

Checklist before merging this PR:

• Dependencies have been updated if changed: see upstream
• Tests have passed
• Updated license if changed and license_file is packaged

Information about this PR:

1. Feel free to push to the bot's branch to update this PR if needed.
2. The bot will almost always only open one PR per version.
3. The bot will stop issuing PRs if more than 3 version bump PRs generated by the bot are open. If you don't want to package a particular version please close the PR.
4. If you want these PRs to be merged automatically, make an issue with @conda-forge-admin,please add bot automerge in the title and merge the resulting PR. This command will add our bot automerge feature to your feedstock.
5. If this PR was opened in error or needs to be updated please add the bot-rerun label to this PR. The bot will close this PR and schedule another one. If you do not have permissions to add this label, you can use the phrase @conda-forge-admin, please rerun bot in a PR comment to have the conda-forge-admin add it for you.

Pending Dependency Version Updates

Here is a list of all the pending dependency version updates for this repo. Please double check all dependencies before merging.

Name	Upstream Version	Current Version
scikit-image	0.21.0

Dependency Analysis

Please note that this analysis is highly experimental. The aim here is to make maintenance easier by inspecting the package's dependencies. Importantly this analysis does not support optional dependencies, please double check those before making changes. If you do not want hinting of this kind ever please add bot: inspection: false to your conda-forge.yml. If you encounter issues with this feature please ping the bot team conda-forge/bot.

Analysis by source code inspection shows a discrepancy between it and the the package's stated requirements in the meta.yaml.

Packages found by source code inspection but not in the meta.yaml:

• ipython_genutils
• six
• pytest
• bokeh
• jupyter-packaging
• ipython

_{This PR was created by the regro-cf-autotick-bot. The regro-cf-autotick-bot is a service to automatically track the dependency graph, migrate packages, and propose package version updates for conda-forge. Feel free to drop us a line if there are any issues! This PR was generated by https://github.com/regro/cf-scripts/actions/runs/5156150586, please use this URL for debugging.}

[conda-forge-webservices]

Hi! This is the friendly automated conda-forge-linting service.

I just wanted to let you know that I linted all conda-recipes in your PR (recipe) and found it was in an excellent condition.

[maartenbreddels]

Thank you ❤️
I'm not sure what:

bot:
  inspection: hint-all

does. I couldn't find much documentation on it, except https://conda-forge.org/docs/maintainer/conda_forge_yml.html#bot which refers to auto-tick, but I'm not sure what that is.

Is this responsible for the "Packages found by source code inspection but not in the meta.yaml:" text?

And the update-all you refer to in jupyterlite/pyodide-kernel#48 (comment) will automatically apply the changes?

[bollwyvl]

inspection: hint-all

https://conda-forge.org/docs/maintainer/conda_forge_yml.html#bot

Adding hint-all will encourage the autotick bot use more sources of information, basically re-running grayskull and updating the the PR message with what it finds. Sometimes it fails.

Adding update-all will actually change the meta.yaml. This is fine... as long as no new -/_ package confusion comes along, and again, doesn't do a good job with detecting build-system changes.

Adding automerge: true will automate the "happy day," case, but it's a lot more work to go back and fix bad packages (e.g. with repodata-patches PRs) than it is to have one button click to push out a new version.

While we're here: the list of dependencies is really long, with a number of heavyweight, and the upstream setup.* doesn't actually declare version pins on much of anything. It would be lovely if those were captured as optional-dependencies upstream, with pins, in exactly one place, so they could be more easily compared.

We could also consider splitting this into "real" packages here, with multiple outputs (e.g. ipyvolume[scikit-image]), so that the actual dependencies weren't mixed in with the optional ones. However, grayskull hasn't fully automated this process yet, and pip check is notoriously (perhaps intentionally) bad at finding these kinds of problems.

[maartenbreddels]

We could also consider splitting this into "real" packages here, with multiple outputs (e.g. ipyvolume[scikit-image]),

I'm interested in this, how would the optional dependencies translate to the packages?

Also, for solara, we have solara and solara-assets which are released in sync (solara-assets is only needed for airgapped installs). Would a multi output single recipe for solara/solara-assets work with update-all?

[bollwyvl]

how would the optional dependencies translate to the packages?

A package ends up with:

outputs:
  - name: the-real-package
    requirements:
      - a-real-dependency
  - name: the-real-package-with-foo
    requirements:
      run:
        - {{ pin_subpackage("the-real-package", max_pin="x.x.x") }}
        - foo-dependency

There's no fully-automatic way to do this at present, because of the myriad of PEP517 backends that do stuff every-so-slightly differently than PEP621. grayskull has some support for it, but mostly limited to conventions for test(|s|ing). I've gone the heavyweight road on a few packages with enormous, but important to me, lists that i don't even really trust pip install foo[bar] to get/keep accurate. As mentioned, I'd much rather have something fail fast than ship shoddy.

multi output single recipe work with update-all

no, i don't think so. for some very special cases, it might work, but it relies on some conventions in multi-outputs that are very subtle and confusing (to me) where the package is fully described in the "outer" recipe, but then has an exactly-the-same-named output, but wouldn't update the other outputs' dependencies, today. However, the crucial pin_subpackage would not have to be updated per-PR.

[maartenbreddels]

What I thought of doing is that in the automated release GHA we have, to also automatically open a PR for a conda-forge recipe, instead of having the bot do it.

In that way, the recipe PR is closer in time to the actual release, and any automation errors (that patch the recipe) can be easily fixed to your own repo (and then force push + force push tag to force a re-release).
Any thoughts on that? The indirection via the bot also adds friction I think.

[bollwyvl]

Sure, as a first-party maintainer, you can automate whatever you like! But the autotick bot does keep thousands of packages, with conda-disinterested upstreams, running smoothly, and every package will get migration updates, time-to-time, so the cf bots can't be ignored entirely.

An upstream could certainly adopt a variant of the above-linked script for the "special" cases one might introduce, backed by a declarative data source (e.g. pyproject.toml), and make a PR, add your custom bot to the maintainers, and let it tag things as automerge as it sees fit, to be merged by the conda-forge automerge GHA if everything passes, giving a a human a chance to step in if something breaks.

force push tag

gross