[R-pkg-devel] Submission to CRAN when package needs personal data (API key)
Uwe Ligges
ligge@ @ending from @t@ti@tik@tu-dortmund@de
Wed Sep 5 15:37:10 CEST 2018
You should not run on CRAN. Note that the checks are done almost daily
oin several platforms, hence the API key is used for about 10 check runs
a day.
Best,
Uwe Ligges
On 05.09.2018 09:28, Rainer Krug wrote:
> Hi
>
> I have a package at GitHub (https://github.com/rkrug/ROriginStamp) which I am pre[paring for CRAN.
>
> It creates a trusted timestamp using the API fro OriginStamp (https://originstamp.org/home) which requires an API key. Now this API should not be made public, as to much traffic through one API key will lead to it’s blocking.
>
> I have stored the key encrypted in the travis.yml, and the package passes all tests.
>
> But if I send it to CRAN, it would fail the tests, as the api key is not in the package itself.
>
> I could disable all tests for CRAN which need the API key, but I think it would be better tu run the tests there as well (as an additional check to travis).
>
> My question:
>
> Is there a way of storing the API key encrypted, so that only the CRAN test servers can decrypt it, or is there another way can steal with this?
>
> Thanks,
>
> Rainer
>
>
>
> --
> Rainer M. Krug, PhD (Conservation Ecology, SUN), MSc (Conservation Biology, UCT), Dipl. Phys. (Germany)
>
> University of Zürich
>
> Cell: +41 (0)78 630 66 57
> email: Rainer using krugs.de
> Skype: RMkrug
>
> PGP: 0x0F52F982
>
>
>
>
>
> ______________________________________________
> R-package-devel using r-project.org mailing list
> https://stat.ethz.ch/mailman/listinfo/r-package-devel
>
More information about the R-package-devel
mailing list