[R-sig-Debian] R-SIG-Debian Digest, Vol 152, Issue 4
Bill Harris
bill_h@rri@ @ending from f@cilit@ted@y@tem@@com
Mon May 14 05:53:35 CEST 2018
On Sun, May 13, 2018 at 9:30 AM, Dirk Eddelbuettel <edd at debian.org> wrote:
>
> On 13 May 2018 at 09:03, Bill Harris wrote:
> |
> | safest way to go. Does something like this make sense:
> |
> |
> | 1. aptitude safe-upgrade should be safe: there won't be any 3.5.0
> Debian
> | packages coming through until the environment is ready for them to
> come
> | through (which most likely means that base R and other Stretch R
> packages
> | are upgraded to 3.5.0?)..
>
> Unsure.
>
> You did not specify if you look only at Debian distro repositories, or if
> you
> include the backports managed by Johannes (which should be safe he plays
> along with the r-api-3.5 tag).
>
Here is my complete sources.list:
#
# deb cdrom:[Official Debian GNU/Linux Live 9.1.0 gnome 2017-07-23T04:21]/
stretch main
#deb cdrom:[Official Debian GNU/Linux Live 9.1.0 gnome 2017-07-23T04:21]/
stretch main
deb http://ftp.us.debian.org/debian/ stretch main non-free contrib
deb-src http://ftp.us.debian.org/debian/ stretch main non-free contrib
deb http://security.debian.org/debian-security stretch/updates main contrib
non-free
deb-src http://security.debian.org/debian-security stretch/updates main
contrib non-free
# stretch-updates, previously known as 'volatile'
deb http://ftp.us.debian.org/debian/ stretch-updates main contrib non-free
deb-src http://ftp.us.debian.org/debian/ stretch-updates main contrib
non-free
## R https://cran.r-project.org/
## deb https://cran.cnr.berkeley.edu/bin/linux/debian stretch-cran34/
deb http://cran.wustl.edu/bin/linux/debian stretch-cran34/
I'll be glad to take advice.
>
> | 2. update.packages() inside R is /not/ safe, because it could pick up
> | problematic packages from CRAN that aren't under your control.
>
> I actually take the opposite view.
>
> I am comfortable compiling from source, so this mode happens to be my
> default. I use the littler scripts install.r and update.r _all the time_ to
> install / update.
>
>
I think I reasoned through to that once, and then I forgot. so
install.packages() and update.packages() is safe; aptitude safe-upgrade
may or may not be safe, depending upon what you see in my sources-list.
Right?
> | 3. install.packages() inside R is /not/ safe, for the same reason.
>
> That seems to be the same as 2. so ...
>
> | 4. A prominent note will be posted here, when these two restrictions
> are
> | removed.
> |
> | Are those true statements? Would steps 2 and 3 work if the packages
> don't
> | require compiled C++ code? If so, is there a way to tell which packages
> | are at risk without memorizing what seems like a very long list?
> |
> | If we (think we) need a new package we don't currently have installed,
> are
> | we out of luck until 3.5.0 is officially released in Stretch?
>
> Again, "pure Debian" or "Debian plus CRAN repos" ?
>
In addition to what you see in my sources.list, I've also installed a few
packages from github or similat (hydromad comes to mind). Perhaps the CRAN
package that might test all this the most is rstan.
I'm okay if a small number of github packages--or any packages, for that
matter--fail; I just would rather not do something that makes a /lot/ of
extra work if I could avoid it.
>
> | Is there a place where an official summary of the state of the R system
> on
> | Stretch is maintained?
> |
> | I've tried to scan this list, but I may well have missed the answers to
> my
> | questions about Stretch.
>
> We're volunteers so something may always fall short somewhere.
> Documentation
> is always a good candidate. Contributions are always welcome.
>
> I'll keep that in mind.
>
Thanks,
Bill
[[alternative HTML version deleted]]
More information about the R-SIG-Debian
mailing list