On Tue, 18 Feb 2025 at 14:05, Dirk Eddelbuettel <e...@debian.org> wrote: > > > Something that had happened to the Rcpp package in the past (but seemingly > went away on its own ?) is now apparently hitting package RcppArmadillo. > > I received private email from the CRAN maintainers reporting, without > offering a fix as there seems to be none, that one of the two pdf vignettes > (which I happen to create as a shallow Rnw -> pdf wrapper around a pre-made > pdf, here that inner pdf had not changed in five years, sigh ...) now upsets > one of these (idiotic, but hey, I am sure that at least they are very > expensive) anti-virus checkers. > > Has anybody figured out a workaround? I see withdrawing the pdf vignette as > (simple but bad) route. Or should I just change the (internal, binary) pdf > payload of the file (hey, one can always update the .bib to newer versions of > the cited packages) and hope for the best? Any other route?
What happened in Rcpp is that the antivirus were detecting an old version of ghostscript that could produce potentially vulnerable outputs. We solved it by rebuilding the vignettes with a newer version of ghostscript. This is most likely the same issue. I can rebuild them and send a PR your way if you want. Best, Iñaki > > Help or tips would be appreciated. > > Best, Dirk > > -- > dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org > > ______________________________________________ > R-package-devel@r-project.org mailing list > https://stat.ethz.ch/mailman/listinfo/r-package-devel > -- Iñaki Úcar ______________________________________________ R-package-devel@r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-package-devel
