claude
7fecaf491a
Build and Deploy Verso / deploy (push) Successful in 9m23s
Previously userCanInstallPython used ignorePublicAccess: true, which blocked token-link users (not-yet-joined) and logged-in readers of public projects from installing packages. This caused Quarto presentations with Python cells to fail for shared read-only users even when the required packages were already listed in requirements.vrf. The security model is: what gets installed is fully controlled by requirements.vrf, which is only writable by members with write access. There is therefore no security reason to block other readers from triggering installation of already-approved packages. Drop ignorePublicAccess so all users with any privilege level (direct, token-based, or public-project) can trigger the venv install. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>