From 7528b6d4fb9d6a2af8335c13c40b70ed27248751 Mon Sep 17 00:00:00 2001 From: Philipp Baumann Date: Tue, 30 Jan 2024 23:30:26 +0100 Subject: [PATCH 1/3] add another security guard for lib locations --- R/nix_build.R | 14 ++++++++++++++ dev/flat_nix_build.Rmd | 16 +++++++++++++++- tests/testthat/test-nix_build.R | 2 +- 3 files changed, 30 insertions(+), 2 deletions(-) diff --git a/R/nix_build.R b/R/nix_build.R index 70406db5..f83cab53 100644 --- a/R/nix_build.R +++ b/R/nix_build.R @@ -28,6 +28,9 @@ nix_build <- function(project_path = ".", exec_mode = c("blocking", "non-blocking")) { # if nix store is not PATH variable; e.g. on macOS (system's) RStudio PATH <- set_nix_path() + if (isTRUE(nzchar(Sys.getenv("NIX_STORE")))) { + remove_r_libs_user() + } has_nix_build <- nix_build_installed() # TRUE if yes, FALSE if no nix_file <- file.path(project_path, "default.nix") @@ -72,6 +75,17 @@ nix_build <- function(project_path = ".", return(invisible(proc)) } +#' @noRd +remove_r_libs_user <- function() { + current_paths <- .libPaths() + userlib_paths <- Sys.getenv("R_LIBS_USER") + user_dir <- grep(paste(userlib_paths, collapse = "|"), current_paths) + new_paths <- current_paths[-user_dir] + # sets new library path without user library, making nix-R pure at + # run-time + invisible(.libPaths(new_paths)) +} + #' @noRd poll_sys_proc_blocking <- function(cmd, proc, what = c("nix-build", "expr")) { diff --git a/dev/flat_nix_build.Rmd b/dev/flat_nix_build.Rmd index b915ec79..640013ee 100644 --- a/dev/flat_nix_build.Rmd +++ b/dev/flat_nix_build.Rmd @@ -41,6 +41,9 @@ nix_build <- function(project_path = ".", exec_mode = c("blocking", "non-blocking")) { # if nix store is not PATH variable; e.g. on macOS (system's) RStudio PATH <- set_nix_path() + if (isTRUE(nzchar(Sys.getenv("NIX_STORE")))) { + remove_r_libs_user() + } has_nix_build <- nix_build_installed() # TRUE if yes, FALSE if no nix_file <- file.path(project_path, "default.nix") @@ -85,6 +88,17 @@ nix_build <- function(project_path = ".", return(invisible(proc)) } +#' @noRd +remove_r_libs_user <- function() { + current_paths <- .libPaths() + userlib_paths <- Sys.getenv("R_LIBS_USER") + user_dir <- grep(paste(userlib_paths, collapse = "|"), current_paths) + new_paths <- current_paths[-user_dir] + # sets new library path without user library, making nix-R pure at + # run-time + invisible(.libPaths(new_paths)) +} + #' @noRd poll_sys_proc_blocking <- function(cmd, proc, what = c("nix-build", "expr")) { @@ -153,7 +167,7 @@ testthat::test_that("Testing that `nix_build()` builds derivation", { skip_on_covr() - path_subshell <- "." + path_subshell <- tempdir() rix_init( project_path = path_subshell, diff --git a/tests/testthat/test-nix_build.R b/tests/testthat/test-nix_build.R index d509fff4..8fe7d3cb 100644 --- a/tests/testthat/test-nix_build.R +++ b/tests/testthat/test-nix_build.R @@ -7,7 +7,7 @@ testthat::test_that("Testing that `nix_build()` builds derivation", { skip_on_covr() - path_subshell <- "." + path_subshell <- tempdir() rix_init( project_path = path_subshell, From b6cd30b46f8722a004087c06a83714323ab5adf4 Mon Sep 17 00:00:00 2001 From: Philipp Baumann Date: Wed, 31 Jan 2024 00:21:02 +0100 Subject: [PATCH 2/3] add nix_build() via fusen --- dev/config_fusen.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev/config_fusen.yaml b/dev/config_fusen.yaml index 0e66ea7f..06bf0080 100644 --- a/dev/config_fusen.yaml +++ b/dev/config_fusen.yaml @@ -210,7 +210,7 @@ flat_nix_build.Rmd: path: dev/flat_nix_build.Rmd state: active R: R/nix_build.R - tests: [tests/testthat/test-nix_build.R] + tests: tests/testthat/test-nix_build.R vignettes: [] inflate: flat_file: dev/flat_nix_build.Rmd From b5c36666e432459b93ad06fe169e2ce972fba97e Mon Sep 17 00:00:00 2001 From: Philipp Baumann Date: Wed, 31 Jan 2024 00:33:12 +0100 Subject: [PATCH 3/3] do not skip nix_build test on covr --- dev/flat_nix_build.Rmd | 2 +- tests/testthat/test-nix_build.R | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dev/flat_nix_build.Rmd b/dev/flat_nix_build.Rmd index 640013ee..763a89be 100644 --- a/dev/flat_nix_build.Rmd +++ b/dev/flat_nix_build.Rmd @@ -165,7 +165,7 @@ testthat::test_that("Testing that `nix_build()` builds derivation", { skip_if_not(nix_shell_available()) - skip_on_covr() + # skip_on_covr() path_subshell <- tempdir() diff --git a/tests/testthat/test-nix_build.R b/tests/testthat/test-nix_build.R index 8fe7d3cb..7c04cf49 100644 --- a/tests/testthat/test-nix_build.R +++ b/tests/testthat/test-nix_build.R @@ -5,7 +5,7 @@ testthat::test_that("Testing that `nix_build()` builds derivation", { skip_if_not(nix_shell_available()) - skip_on_covr() + # skip_on_covr() path_subshell <- tempdir()