/watcher

Prevents R packages from being loaded into scope

Primary LanguageR

watcher

Travis build status CRAN status Codecov test coverage

The goal of watcher is to prevent R packages from being used through library() and require() calls. This is useful to prevent (un)intentional use of packages not approved within a classroom, research, or company environment.

Installation

This package is only available on GitHub. To install the package, please use:

if(!requireNamespace("remotes")) install.packages("remotes")
remotes::install_github("coatless/watcher")

Usage

To use the watcher package, load it into R using:

library("watcher")
#> No packages are currently prohibited from being used.

From there, any package that is on a blacklist will be prevented from being loaded. The blacklist can be established on a per-session basis or can be loaded as needed.

For example, let’s say we didn’t want to allow toad to be loaded. We would call:

watch_pkg("toad")
#> Added a watch for {toad}.

If we attempted to load toad using either library() or require(), then we would error:

library("toad")
#> Detected {toad} package load...
#> The {toad} package is not allowed to be used.
#> Error in as.environment(lib.pos) : invalid 'pos' argument

require("toad")
#> Loading required package: toad
#> Detected {toad} package load...
#> The {toad} package is not allowed to be used.
#> Failed with error:  'invalid 'pos' argument'

All packages that are prohibited from being used can be viewed with:

watchlist()
#> The following packages are prohibited from being used:
#> *  toad

To allow the package to be used, we would need to remove the watch:

unwatch_pkg("toad")
#> Removed a watch for {toad}.

Then, the package load would be allowed.

library("toad")

Motivation

When designing watcher, the goal was to achieve a “soft-failure” when undesirable packages were loaded via library() or require(). Generally, this follows in the footsteps of strict – which sought to raise issues with undesirable design patterns in code – and, subsequently, conflicted – which addressed search path collisions between similarly named functions in different packages – both by Hadley Wickham. With this being said, there are better variants of protecting the R process. Most notably, the RAppArmor by Jeroen Ooms provides superior sandboxing of R. Alternatively, the version of R could simply not have these packages installed to begin with.

Fun fact: The code for this sat in an untitled.R file for ~2 years.

Author

James Joseph Balamuta

License

GPL (>= 2)