What and why: Downloading artifact Zlib, Bzip2, MbedTLS

At some companies one have to get permission to download software, and it’s a major effort. Thus, it’s necessary to identify the set of packages needed.
(In fact at my previous company, cloning git repos was simply blocked - there was no way to use julia, period).

I downloaded all the necessary packages including Atom+Juno.

But then in Running Juno, it tries Downloading artifact of Zlib, Bzip2, MbedTLS.

What is Downloading artifact? Shouldn’t that occur when the package is built()?

Artifacts are explained in this excellent blog post.

looks like a good well thought-out design, like most of Julia

except that it further increases the need to download random things at unpredictable times, which is a problem in corporate environment.

Perhaps you misunderstood some things. Artifacts are not “random things”: they come from well-specified sources and are verified:

Note that each artifact contains both a git-tree-sha1 and a sha256 for each download entry. This is to ensure that the downloaded tarball is secure before attempting to unpack it, as well as enforcing that all tarballs must expand to the same overall tree hash.

Also, of course they are not downloaded at “unpredictable times”, but only when you add/update packages. Julia will not start downloading artifacts without the user initiating it.