pak icon indicating copy to clipboard operation
pak copied to clipboard

Published 20 hours ago verified publisher icon r-lib

Allow manual selection between sources for the same package

Open gaborcsardi opened this issue 2 years ago • 7 comments

E.g. if we want user1/repo1, but one of our dependencies wants user2/repo2, we should have a way to force user1/repo1. A ?force parameter could work:

pkg_install("user1/repo1?force", ...)

gaborcsardi avatar Nov 26 '21 12:11 gaborcsardi

This would be great to have for rstudio/shinycoreci testing.

Motivation

By using URL installations, we would be able to keep GITHUB_PAT usage to a minimum. (I am ok with the slower installation speeds for the advantage of minimal GITHUB_PAT usage.)

Currently, I get [valid] errors like:

Error: Cannot install packages:
* url::https://github.com/rstudio/shinytest2/archive/HEAD.zip:
  * Can't install dependency rstudio/shiny
  * Can't install dependency rstudio/shinyvalidate
* rstudio/shinyvalidate: Conflicts with url::https://github.com/rstudio/shinyvalidate/archive/HEAD.zip
* rstudio/shiny: Conflicts with url::https://github.com/rstudio/shiny/archive/HEAD.zip

It would be great to set ?force in the URL and have these errors ignored

schloerke avatar Apr 19 '22 16:04 schloerke

@schloerke you can specify a read only, ephemeral PAT, though, no? If this is for GH actions.

gaborcsardi avatar Apr 19 '22 17:04 gaborcsardi

Do you have any docs on this?

Correct, I'm using GHA. Currently, I'm hitting my API limit within the hour using the standard secrets.GITHUB_TOKEN when I push many times (> 4 times).

schloerke avatar Apr 19 '22 17:04 schloerke

This is how you restrict the permissions for the temporary token: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

AFAIR the rate limit for the automatic token is 1000 requests per hour per repo, which is usually more than enough. But if you hit it, you can use a read-only token for a dummy user, to get 5000 requests per hour.

gaborcsardi avatar Apr 19 '22 17:04 gaborcsardi

Ah! Turning on the read only would be a good idea to do regardless of the solution. Thank you!

rstudio/shinycoreci is hitting the 1k requests per hour while using the automatic tokens. ~ 20 repos * 15 testing combinations for each push allows for about 3 successful runs before I hit an API limit on the 4th push.

I like the idea for a dummy user if I run into constant trouble. So far it is only been a few times. Thanks!

schloerke avatar Apr 19 '22 17:04 schloerke

I thought that the limit of the automatic token was per repo,no?

gaborcsardi avatar Apr 19 '22 18:04 gaborcsardi

Correct! Sorry, poor wording on my part.

(The single repo) rstudio/rshinycoreci installs 26 packages from GitHub during testing on 15x testing combinations. This causes the (1k) token limit to be reached quickly when I'm debugging. (It works great for nightly testing!)

Example of Rate Limit being reached.

This situation would probably be fixed with a dummy account's PAT being used.

schloerke avatar Apr 19 '22 19:04 schloerke