[R-pkg-devel] Ensuring permanence and SHA consistency of released CRAN packages for validated software

Iñaki Ucar |uc@r @end|ng |rom |edor@project@org
Thu Mar 17 11:52:45 CET 2022


On Thu, 17 Mar 2022 at 11:40, Borini, Stefano
<stefano.borini using astrazeneca.com> wrote:
>
> Then I argue that the model is wrong. Platforms change all the time, but package release and package testing are two separate operations.

I answered the question "why rebuild the package that has already been
built?". I didn't say that the rebuilt package had to be republished.
In fact, they're not in general. And when it's really needed because
something in the packaging changed but the upstream source didn't
change, then there's a "release" tag that is incremented and added as
a suffix to the version.

> I also guess it hardly scales. If the number of packages were to increase, you can’t rebuild and retest them all every time a linux distribution changes something and you want to retest the whole lot against it.

Well, we do.

-- 
Iñaki Úcar



More information about the R-package-devel mailing list