Aye. I rly need to get back to my security & privacy "R" post. The
slipstreaming in of these binaries is somewhat frightening. Almost as
frightening as being stuck on Windows 😀
On Sat, Aug 13, 2016 at 13:09 Dirk Eddelbuettel <e...@debian.org> wrote:
>
> I don't think there is a good "generally applicable" solution. We have a
> bunch of hacks. Below are three quickly picked examples from packages of
> mine:
>
> RQuantLib relies on environment variables and a 'library that needs to just
> be there' on the build host:
>
> ## The environment variable QUANTLIB_ROOT has to point to an existing
> build of QuantLib
> ## With R 2.12.0 and later, we also support 32 and 64 bit builds and
> need to differentiate
> PKG_CPPFLAGS=-I$(QUANTLIB_ROOT) -I../inst/include -I. -I$(BOOSTLIB)
> PKG_CXXFLAGS=$(SHLIB_OPENMP_CFLAGS) -fpermissive
> PKG_LIBS=-L$(QUANTLIB_ROOT)/lib${R_ARCH} -lQuantLib
> $(SHLIB_OPENMP_CFLAGS)
>
> RcppGSL does the same
>
> ## This assumes that the LIB_GSL variable points to working GSL
> libraries
> PKG_CPPFLAGS=-I$(LIB_GSL)/include -I../inst/include
> PKG_LIBS=-L$(LIB_GSL)/lib -lgsl -lgslcblas
>
> Rblpapi copies a library (for which we have 'free' binaries but no source)
> in
> from GitHub:
>
> ## target to ensure tar.gz files get unpacked
> ## the opening '@' ensures operations are executed 'quietly'
> ## in order to see commands as they happens add a 'v' to the tar and cp
> commands
> ## curl has '-k' flag to suppress certificate warnings
> blpLibrary:
> @if [ ! -d ../inst ]; then mkdir -p ../inst; fi
> @if [ ! -d ../blp/win/${FLV} ]; then mkdir -p
> ../blp/win/${FLV}; fi
> @if [ ! -f ../blp/win/${FLV}/blpHeaders.tar.gz ]; then
> curl -s -k -L -O
> https://github.com/Rblp/blp/raw/master/headers/windows/blpHeaders.tar.gz;
> mv blpHeaders.tar.gz ../blp/win/${FLV}; tar xfz
> ../blp/win/${FLV}/blpHeaders.tar.gz -C ../inst; fi
> @if [ ! -f ../blp/win/${FLV}/blpLibrary.tar.gz ]; then
> curl -s -k -L -O
> https://github.com/Rblp/blp/raw/master/win${WIN}/blpLibrary.tar.gz; mv
> blpLibrary.tar.gz ../blp/win/${FLV}; tar xfz
> ../blp/win/${FLV}/blpLibrary.tar.gz; fi
> @if [ ! -d ${FLV} ]; then mkdir -p ${FLV}; fi
> @cp blpapi3_${WIN}.dll ${FLV}
> @if [ ! -d ../inst/libs/${FLV} ]; then mkdir -p
> ../inst/libs/${FLV}; fi
> @cp blpapi3_${WIN}.dll ../inst/libs/${FLV}
>
>
> None of that really generalizes well. The last bit, much like the
> so-called
> anticonf pattern, is more or less a non-standard practice exposing a
> security
> risk by copying in code from a semi-random location which could be hijacked
> or man-in-the-middle'd.
>
> Really all this is just pretending that Windows is an envrionment on which
> you can deploy proper build systems -- similar to what we are used from the
> likes of dpkg/apt/yum or brew. But in all honesty you just can't.
>
> So I would not try to aim for something overly general. It is Windows
> after all.
>
> Dirk
>
> --
> http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org
>
[[alternative HTML version deleted]]
______________________________________________
R-package-devel@r-project.org mailing list
https://stat.ethz.ch/mailman/listinfo/r-package-devel
