[R-sig-DB] RMySQL release candidate 0-7.0

Mon Nov 17 17:01:08 CET 2008

Prof Brian Ripley wrote:
> On Mon, 17 Nov 2008, Paul Gilbert wrote:
> 
>> Dirk Eddelbuettel wrote:
>>> On 16 November 2008 at 11:26, Prof Brian Ripley wrote:
>>> | 5) Uwe Ligges and I and Dirk Edelbuettel (as maintainer) have 
>>> worked out a [ Almost:  s/Edel/Eddel/ ]
>>>
>>> | way to have RPostgreSQL built on the main Windows package builder.  
>>> We | could try to do the same here, but none of us are happy with 
>>> distributing | a binary build that has no tests at all (as RMySQL 
>>> runs no actual | examples).  So can we please have a test suite?  You 
>>> will need to allow | the DBMS account, password and database name to 
>>> be set via environment | variables, as for RPostgreSQL.
>>>
>>> That was a leftover of me trying to get the Summer of Code whom I 
>>> mentored
>>> for RPostgreSQL student to write 'test-driven' code. Which didn't 
>>> work so
>>> well as he wrote code but few tests, but I ended up writing some 
>>> tests for
>>> him.  Kurt then had an issue with these tests running 
>>> _un_conditionally and
>>> hence upsettting CRAN tests (that have no backend) so between Uwe, 
>>> Brian and
>>> myself we came up with code where each file in tests/ starts as
>>>
>>>
>>> ----------------------------------------------------------------------------- 
>>>
>>> if ((Sys.getenv("POSTGRES_USER") != "") &
>>>     (Sys.getenv("POSTGRES_HOST") != "") &
>>>     (Sys.getenv("POSTGRES_DATABASE") != "")) {
>>
>> I've been setting this information in ~.pgpass (~/.my.cnf for MySQL) 
>> in Linux and understood it could be set in Windows 
>> %APPDATA%\postgresql\pgpass.conf and C:\my.cnf, although it may be 
>> machine specific rather than user specific in Windows.  I believe 
>> setting this way is considered more secure, although security may not 
>> be  the concern for package tests.  I assume this option was 
>> considered. Is there a complication that makes it difficult?
> 
> Yes, the DBMS account used for testing is not my own working account.
> 
> I really don't see giving that having the settings in your file is any 
> more secure: they are even in a known place.  Note that I at least do 
> not set a password this way.

I guess the important security question is about the password, so how do 
you set the password for tests?

Paul
> 
>>
>> Paul
>>
>>>
>>>     ## try to load our module and abort if this fails
>>>     stopifnot(require(RPostgreSQL))
>>>
>>>     ## load the PostgresSQL driver
>>>     drv <- dbDriver("PostgreSQL")
>>>     ## can't print result as it contains process id which changes 
>>> print(summary(drv))
>>>
>>>     ## connect to the default db
>>>     con <- dbConnect(drv,
>>>                      user=Sys.getenv("POSTGRES_USER"),
>>>                      password=Sys.getenv("POSTGRES_PASSWD"),
>>>                      host=Sys.getenv("POSTGRES_HOST"),
>>>                      dbname=Sys.getenv("POSTGRES_DATABASE"))
>>>
>>>
>>>     # tests follow below ...
>>>
>>> ----------------------------------------------------------------------------- 
>>>
>>>
>>> which allowed Brian and Uwe to test on their end as well.  The actual 
>>> tests
>>> are creating (and the removing) tables and ensuring things come out as
>>> identical() and/or same class() as the input.  I still need to add 
>>> one for
>>> transaction management.
>>>  | 6) I've put a version of the revised sources I used to test on 
>>> Windows | (and with updated documentation and unused files removed) at
>>> | | http://www.stats.ox.ac.uk/pub/R/RMySQL_0.7-1.tar.gz
>>> | | I tested MySQL 5.0.67 on Windows and 5.0.45 on Linux, and I think 
>>> these | days we should only support MySQL 5.
>>>
>>> As Debian maintainer for r-cran-rmysql I'd also be happy to test there.
>>>
>>> Dirk
>>>
>> ==================================================================================== 
>>
>>
>> La version française suit le texte anglais.
>>
>> ------------------------------------------------------------------------------------ 
>>
>>
>> This email may contain privileged and/or confidential information, and 
>> the Bank of
>> Canada does not waive any related rights. Any distribution, use, or 
>> copying of this
>> email or the information it contains by other than the intended 
>> recipient is
>> unauthorized. If you received this email in error please delete it 
>> immediately from
>> your system and notify the sender promptly by email that you have done 
>> so. 
>> ------------------------------------------------------------------------------------ 
>>
>>
>> Le présent courriel peut contenir de l'information privilégiée ou 
>> confidentielle.
>> La Banque du Canada ne renonce pas aux droits qui s'y rapportent. 
>> Toute diffusion,
>> utilisation ou copie de ce courriel ou des renseignements qu'il 
>> contient par une
>> personne autre que le ou les destinataires désignés est interdite. Si 
>> vous recevez
>> ce courriel par erreur, veuillez le supprimer immédiatement et envoyer 
>> sans délai à
>> l'expéditeur un message électronique pour l'aviser que vous avez 
>> éliminé de votre
>> ordinateur toute copie du courriel reçu.
>>
> 
====================================================================================

La version française suit le texte anglais.

------------------------------------------------------------------------------------

This email may contain privileged and/or confidential in...{{dropped:26}}