This was only minimally touched on at the summit sessions on requirements. The takeaway though is that our mirror should, whenever possible, reflect any of the same breakage exposed upstream in PyPI and not try to shield our CI processes from it... proposals were floated to perform some sort of notification of breakage during mirror builds and then fall back on safe/working behavior instead, but the primary concern there is visibility. The compromise with the most support was if we had some process to automagically open bugs when this happens, and include the list of packages added when that happened.
There was also a related proposals for preemptive testing of upstream dependencies to provide feedback for us (and possibly them depending on openness to it and proximity of our communities) as an early warning system for these sorts of issues.
This was only minimally touched on at the summit sessions on requirements. The takeaway though is that our mirror should, whenever possible, reflect any of the same breakage exposed upstream in PyPI and not try to shield our CI processes from it... proposals were floated to perform some sort of notification of breakage during mirror builds and then fall back on safe/working behavior instead, but the primary concern there is visibility. The compromise with the most support was if we had some process to automagically open bugs when this happens, and include the list of packages added when that happened.
There was also a related proposals for preemptive testing of upstream dependencies to provide feedback for us (and possibly them depending on openness to it and proximity of our communities) as an early warning system for these sorts of issues.