Re: [R-pkg-devel] Submission to CRAN when package needs personal data (API key)

Spencer Graves Wed, 05 Sep 2018 11:09:02 -0700



On 2018-09-05 12:52, Gábor Csárdi wrote:

On Wed, Sep 5, 2018 at 6:34 PM Spencer Graves
<spencer.gra...@effectivedefense.org> wrote:

The fda package disables some tests on CRAN using:


if(!fda::CRAN()){
      test you don't want run on CRAN
}

Seemingly this just checks for a couple of (5 by default) environment
variables that match "^_R_":
https://github.com/cran/fda/blob/0549e6a86aa144d8c2aade2d8704a269fb8a94ed/R/CRAN.R#L14

I am not sure if this is a good indication of the machine being a CRAN
machine, I do set  some of these
occasionally on my machine.  It would be great if CRAN machines could
set a specific environment
variable globally, e.g. ON_CRAN, or _R_ON_CRAN_, so people could skip
these tests and examples
easily.

Agreed. Before I wrote that function, I asked this list forsuggestions. The suggestion I got was, "Don't do it." I felt that wasnot acceptable so wrote what I did. I think we need a better solution. Spencer


Gabor


        I've used this in other contexts with tests that are too long to
run on CRAN but that I want to run otherwise during "R CMD check".


        Spencer Graves


On 2018-09-05 12:13, Peter Meissner wrote:

Hey,

Maybe webmockr (or something alike) can help:
https://cran.r-project.org/web/packages/webmockr/index.html

Best, Peter

Rainer M Krug <rai...@krugs.de> schrieb am Mi., 5. Sep. 2018, 15:38:

OK - thanks. I will than disable the checks for CRAN.

Thanks,

Rainer

On 5 Sep 2018, at 15:37, Uwe Ligges <lig...@statistik.tu-dortmund.de>

wrote:

You should not run on CRAN. Note that the checks are done almost daily

oin several platforms, hence the API key is used for about 10 check runs a
day.

Best,
Uwe Ligges



On 05.09.2018 09:28, Rainer Krug wrote:

Hi
I have a package at GitHub (https://github.com/rkrug/ROriginStamp)

which I am pre[paring for CRAN.

It creates a trusted timestamp using the API fro OriginStamp (

https://originstamp.org/home) which requires an API key. Now this API
should not be made public, as to much traffic through one API key will lead
to it’s blocking.

I have stored the key encrypted in the travis.yml, and the package

passes all tests.

But if I send it to CRAN, it would fail the tests, as the api key is

not in the package itself.

I could disable all tests for CRAN which need the API key, but I think

it would be better tu run the tests there as well (as an additional check
to travis).

My question:
Is there a way of storing the API key encrypted, so that only the CRAN

test servers can decrypt it, or is there another way can steal with this?

Thanks,
Rainer
--
Rainer M. Krug, PhD (Conservation Ecology, SUN), MSc (Conservation

Biology, UCT), Dipl. Phys. (Germany)

University of Zürich
Cell:       +41 (0)78 630 66 57
email:      rai...@krugs.de
Skype:      RMkrug
PGP: 0x0F52F982
______________________________________________
R-package-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-package-devel

--
Rainer M. Krug, PhD (Conservation Ecology, SUN), MSc (Conservation
Biology, UCT), Dipl. Phys. (Germany)

University of Zürich

Cell:       +41 (0)78 630 66 57
email:      rai...@krugs.de
Skype:      RMkrug

PGP: 0x0F52F982



______________________________________________
R-package-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-package-devel

       [[alternative HTML version deleted]]

______________________________________________
R-package-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-package-devel

______________________________________________
R-package-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-package-devel


______________________________________________
R-package-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-package-devel

Re: [R-pkg-devel] Submission to CRAN when package needs personal data (API key)

Reply via email to