R SIG Debian - May 2018 - R-SIG-Debian Digest, Vol 152, Issue 4

>
> Date: Sat, 5 May 2018 18:02:12 -0500
> From: Dirk Eddelbuettel <edd at debian.org>
> To: Matthieu S <matthieu.stigler at gmail.com>
> Cc: r-sig-debian at r-project.org
> Subject: Re: [R-sig-Debian] Ubuntu 18.04 bionic: availability of R
>         Ubuntu packages/ppa?
> Message-ID: <23278.14324.913149.453495 at rob.eddelbuettel.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Thanks, we try. Not too much infrastructure that we have built so these
> transitions can be slow.  On my side, Debian has one schedules but not yet
> started.

Dirk, all,

I can't say enough about my appreciation of the work you folks do in
keeping R going so well on Debian.

In these interesting times, I think you're saying that things will resolve
themselves at some point, but we're in a transition.  I see a number of
postings on Ubuntu, but I'm on Debian Stretch, trying to figure out the
safest way to go.  Does something like this make sense:


   1. aptitude safe-upgrade should be safe: there won't be any 3.5.0 Debian
   packages coming through until the environment is ready for them to come
   through (which most likely means that base R and other Stretch R packages
   are upgraded to 3.5.0?)..
   2. update.packages() inside R is /not/ safe, because it could pick up
   problematic packages from CRAN that aren't under your control.
   3. install.packages() inside R is /not/ safe, for the same reason.
   4. A prominent note will be posted here, when these two restrictions are
   removed.

Are those true statements?  Would steps 2 and 3 work if the packages don't
require compiled C++ code?  If so, is there a way to tell which packages
are at risk without memorizing what seems like a very long list?

If we (think we) need a new package we don't currently have installed, are
we out of luck until 3.5.0 is officially released in Stretch?

Is there a place where an official summary of the state of the R system on
Stretch is maintained?

I've tried to scan this list, but I may well have missed the answers to my
questions about Stretch.

Thank you,

Bill

	[[alternative HTML version deleted]]

Hi,

I wonder if you have read the notes on R 3.5.0 on stretch on

https://cran.r-project.org/bin/linux/debian/

I think this should answer your questions. If not, please let us know.

Johannes

Am Sonntag, 13. Mai 2018, 09:03:13 CEST schrieb Bill
Harris:
> > Date: Sat, 5 May 2018 18:02:12 -0500
> > From: Dirk Eddelbuettel <edd at debian.org>
> > To: Matthieu S <matthieu.stigler at gmail.com>
> > Cc: r-sig-debian at r-project.org
> > Subject: Re: [R-sig-Debian] Ubuntu 18.04 bionic: availability of R
> > 
> >         Ubuntu packages/ppa?
> > 
> > Message-ID: <23278.14324.913149.453495 at rob.eddelbuettel.com>
> > Content-Type: text/plain; charset="us-ascii"
> > 
> > Thanks, we try. Not too much infrastructure that we have built so
these
> > transitions can be slow.  On my side, Debian has one schedules but not
yet
> > started.
> 
> Dirk, all,
> 
> I can't say enough about my appreciation of the work you folks do in
> keeping R going so well on Debian.
> 
> In these interesting times, I think you're saying that things will
resolve
> themselves at some point, but we're in a transition.  I see a number of
> postings on Ubuntu, but I'm on Debian Stretch, trying to figure out the
> safest way to go.  Does something like this make sense:
> 
> 
>    1. aptitude safe-upgrade should be safe: there won't be any 3.5.0
Debian
>    packages coming through until the environment is ready for them to come
>    through (which most likely means that base R and other Stretch R
packages
> are upgraded to 3.5.0?)..
>    2. update.packages() inside R is /not/ safe, because it could pick up
>    problematic packages from CRAN that aren't under your control.
>    3. install.packages() inside R is /not/ safe, for the same reason.
>    4. A prominent note will be posted here, when these two restrictions are
>    removed.
> 
> Are those true statements?  Would steps 2 and 3 work if the packages
don't
> require compiled C++ code?  If so, is there a way to tell which packages
> are at risk without memorizing what seems like a very long list?
> 
> If we (think we) need a new package we don't currently have installed,
are
> we out of luck until 3.5.0 is officially released in Stretch?
> 
> Is there a place where an official summary of the state of the R system on
> Stretch is maintained?
> 
> I've tried to scan this list, but I may well have missed the answers to
my
> questions about Stretch.
> 
> Thank you,
> 
> Bill
> 
> 	[[alternative HTML version deleted]]
> 
> _______________________________________________
> R-SIG-Debian mailing list
> R-SIG-Debian at r-project.org
> https://stat.ethz.ch/mailman/listinfo/r-sig-debian

-- 
PD Dr. Johannes Ranke
Grenzach-Wyhlen

On 13 May 2018 at 09:03, Bill Harris wrote:
| In these interesting times, I think you're saying that things will resolve
| themselves at some point, but we're in a transition.  I see a number of
| postings on Ubuntu, but I'm on Debian Stretch, trying to figure out the
| safest way to go.  Does something like this make sense:
| 
| 
|    1. aptitude safe-upgrade should be safe: there won't be any 3.5.0
Debian
|    packages coming through until the environment is ready for them to come
|    through (which most likely means that base R and other Stretch R packages
|    are upgraded to 3.5.0?)..

Unsure.

You did not specify if you look only at Debian distro repositories, or if you
include the backports managed by Johannes (which should be safe he plays
along with the r-api-3.5 tag).

|    2. update.packages() inside R is /not/ safe, because it could pick up
|    problematic packages from CRAN that aren't under your control.

I actually take the opposite view.

I am comfortable compiling from source, so this mode happens to be my
default. I use the littler scripts install.r and update.r _all the time_ to
install / update.

|    3. install.packages() inside R is /not/ safe, for the same reason.

That seems to be the same as 2. so ...

|    4. A prominent note will be posted here, when these two restrictions are
|    removed.
| 
| Are those true statements?  Would steps 2 and 3 work if the packages don't
| require compiled C++ code?  If so, is there a way to tell which packages
| are at risk without memorizing what seems like a very long list?
| 
| If we (think we) need a new package we don't currently have installed, are
| we out of luck until 3.5.0 is officially released in Stretch?

Again, "pure Debian" or "Debian plus CRAN repos" ?
 
| Is there a place where an official summary of the state of the R system on
| Stretch is maintained?
| 
| I've tried to scan this list, but I may well have missed the answers to my
| questions about Stretch.

We're volunteers so something may always fall short somewhere. Documentation
is always a good candidate.  Contributions are always welcome.

Dirk

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | edd at debian.org

On Sun, May 13, 2018 at 9:30 AM, Dirk Eddelbuettel <edd at debian.org>
wrote:
>
> On 13 May 2018 at 09:03, Bill Harris wrote:
> |
> | safest way to go.  Does something like this make sense:
> |
> |
> |    1. aptitude safe-upgrade should be safe: there won't be any 3.5.0
> Debian
> |    packages coming through until the environment is ready for them to
> come
> |    through (which most likely means that base R and other Stretch R
> packages
> |    are upgraded to 3.5.0?)..
>
> Unsure.
>
> You did not specify if you look only at Debian distro repositories, or if
> you
> include the backports managed by Johannes (which should be safe he plays
> along with the r-api-3.5 tag).
>
Here is my complete sources.list:

#

# deb cdrom:[Official Debian GNU/Linux Live 9.1.0 gnome 2017-07-23T04:21]/
stretch main

#deb cdrom:[Official Debian GNU/Linux Live 9.1.0 gnome 2017-07-23T04:21]/
stretch main

deb http://ftp.us.debian.org/debian/ stretch main non-free contrib
deb-src http://ftp.us.debian.org/debian/ stretch main non-free contrib

deb http://security.debian.org/debian-security stretch/updates main contrib
non-free
deb-src http://security.debian.org/debian-security stretch/updates main
contrib non-free

# stretch-updates, previously known as 'volatile'
deb http://ftp.us.debian.org/debian/ stretch-updates main contrib non-free
deb-src http://ftp.us.debian.org/debian/ stretch-updates main contrib
non-free

## R https://cran.r-project.org/
## deb https://cran.cnr.berkeley.edu/bin/linux/debian stretch-cran34/
deb http://cran.wustl.edu/bin/linux/debian stretch-cran34/

I'll be glad to take advice.

>
> |    2. update.packages() inside R is /not/ safe, because it could pick up
> |    problematic packages from CRAN that aren't under your control.
>
> I actually take the opposite view.
>
> I am comfortable compiling from source, so this mode happens to be my
> default. I use the littler scripts install.r and update.r _all the time_ to
> install / update.
>
>
I think I reasoned through to that once, and then I forgot.  so
install.packages() and update.packages() is safe; aptitude  safe-upgrade
may or may not be safe, depending upon what you see in my sources-list.
Right?

> |    3. install.packages() inside R is /not/ safe, for the same reason.
>
> That seems to be the same as 2. so ...
>
> |    4. A prominent note will be posted here, when these two restrictions
> are
> |    removed.
> |
> | Are those true statements?  Would steps 2 and 3 work if the packages
> don't
> | require compiled C++ code?  If so, is there a way to tell which packages
> | are at risk without memorizing what seems like a very long list?
> |
> | If we (think we) need a new package we don't currently have
installed,
> are
> | we out of luck until 3.5.0 is officially released in Stretch?
>
> Again, "pure Debian" or "Debian plus CRAN repos" ?
>
In addition to what you see in my sources.list, I've also installed a few
packages from github or similat (hydromad comes to mind).  Perhaps the CRAN
package that might test all this the most is rstan.

I'm okay if a small number of github packages--or any packages, for that
matter--fail; I just would rather not do something that makes a /lot/ of
extra work if I could avoid it.
>
> | Is there a place where an official summary of the state of the R system
> on
> | Stretch is maintained?
> |
> | I've tried to scan this list, but I may well have missed the answers
to
> my
> | questions about Stretch.
>
> We're volunteers so something may always fall short somewhere.
> Documentation
> is always a good candidate.  Contributions are always welcome.
>
> I'll keep that in mind.
>
Thanks,

Bill

	[[alternative HTML version deleted]]

On Sun, May 13, 2018 at 9:27 AM, Johannes Ranke <jranke at uni-bremen.de>
wrote:
> Hi,
>
> I wonder if you have read the notes on R 3.5.0 on stretch on
>
> https://cran.r-project.org/bin/linux/debian/
>
> I think this should answer your questions. If not, please let us know.
>
>
Johannes,

I think I have--I think that's how I got the last line in my
sources.list--but I missed it this morning in my hurry.

Do I understand correctly that I should be able to replace the last line of
my sources.list (in my reply to Dirk) with

deb http://<favourite-cran-mirror>/bin/linux/debian stretch-cran35/


and then use

update.packages(lib.loc="/usr/local/lib/R/site-library", ask=FALSE,
checkBuilt=TRUE)


to update all my packages (all packages--or just those that use Rcpp?)?
That seems to suggest I /not/ let aptitude safe-upgrade touch anything in
R, right?  I'm guessing / hoping I can use that to update all my CRAN R
packages.  Do I need to do anything to keep any of the r-cran-... Debian
packages from updating?

Figuring out which packages used Rcpp and which didn't seems tedious; am I
right?

Thanks,

Bill

	[[alternative HTML version deleted]]