Skip to content

Packages: gather customer needs

Created by: olafurpg

We should confirm with big customers whether they need the following features for packages:

  • Repository permissions. For example, is it OK if all Sourcegraph accounts have access to all packages? If not, how do we sync permissions? Is it OK to limit permissions to Sourcegraph organizations, or do we need to dynamically pull in permissions from SAML, or Artifactory, or some other service?
  • What is missing for a world-class site-admin experience? We already anticipate that we need a "Packages" section with the ability to browse details from some kind of packages table (aka. lsif_dependency_repos) with the option to delete/update/sync certain packages/versions.
  • What eviction strategy do we need? Is it OK to indefinitely keep packages forever or must Sourcegraph add the ability to regularly clean up unused packages.
  • What package-related monitoring/observability information do customers need?
  • How painful is it that packages currently have no clone/fetch status? Should we add a progress bar to indicate while a package is being downloaded. Packages typically download quickly so it might not be necessary.
  • Do customer need the ability specify an allow/denylist of packages to sync?
  • performance: are we okay with adding packages to the repo table even if user doesn’t ever want to search them but only wants to navigate cross-repo to defs/refs? This will have performance implications (repo is our most heavily used table and often a performance bottleneck, especially its name index).

Thank you @mrnugget for providing this detailed list of items! 🙏 Many of these items are copy-pasted from a DM. cc/ @macraig