Checklist
What happened?
CEP 28 states:
When no allow list is available among all the JSON files, but only deny lists are available, a default C:/Windows/System32/*.dll glob is assumed. When no deny list is available among all the JSON files, but only allow lists are available, an empty deny list is assumed. When neither are available, conda build tools should fall back to the current method (as of August 2025).
When both allow lists and deny lists are available, allow lists among all the JSON files are processed first and then deny lists are processed.
However, in the code I see:
def _get_dsolists(build_prefix, host_prefix, subdir):
result = merge_dicts_of_lists(
_get_dsolists_prefix(build_prefix, subdir),
_get_dsolists_prefix(host_prefix, subdir),
)
if subdir.startswith("win-") and (result["allow"] or result["deny"]):
result["allow"].extend(_expand_dsolist(["C:/Windows/System32/**/*.dll"]))
return resultMeaning, when either allow or deny are found, the default is added.
I would have expected:
if subdir.startswith("win-") and (not result["allow"] and result["deny"]):
result["allow"].extend(_expand_dsolist(["C:/Windows/System32/**/*.dll"]))Can you clarify if there is a mistake in my understanding @isuruf? I am happy either way!
PS: if you have a minute to review: prefix-dev/rattler-build#2173 that would be highly appreciated. I am considering to blanket switch to searching dlls from this path instead of using the hard-coded allowlist.
Conda Info
Conda Config
Conda list
Additional Context
No response
Checklist
What happened?
CEP 28 states:
However, in the code I see:
Meaning, when either allow or deny are found, the default is added.
I would have expected:
Can you clarify if there is a mistake in my understanding @isuruf? I am happy either way!
PS: if you have a minute to review: prefix-dev/rattler-build#2173 that would be highly appreciated. I am considering to blanket switch to searching
dllsfrom this path instead of using the hard-coded allowlist.Conda Info
Conda Config
Conda list
Additional Context
No response