If you have used Cargo/npm/any Python package manager/etc, it will be very familiar.
If you have used Cargo/npm/any Python package manager/etc, it will be very familiar.
I'm not affiliated, btw, just a happy user. Shout out to DHH for introducing it (to me) as part of Omakub.
Microsoft's CRAN time machine helped solved this, but I think they've recently shut it down and I don't really trust Posit to not have a version behind a paywall.
What the CRAN time machine (and now Posit Package Manager) does is take that compatibility guarantee, and freeze it so you have access to all the same, compatible, packages at any moment in time.
While I personally do use PPM fairly extensively, I do understand the paywall concern for long-term reproducibility so `rv` can help you here, with a bit of manual massaging. I'd recommend setting the repositories section of the config file to be a snapshot date in PPM that contains the package version(s) you're interested in and then installing using that repository (taking the benefit of that CRAN guarantee), then in both the config file and `rv.lock`, replace all the references to the PPM repo with your preferred CRAN mirror. This will allow you to resolve to compatible package versions, but then for your POSIT concern, will still be able to reproduce using the CRAN archive.
For example: https://packagemanager.posit.co/cran/2025-03-02
You can browse available snapshot dates here: https://packagemanager.posit.co/client/#/repos/cran/setup?sn...
This also works for PyPI and Python packages: https://packagemanager.posit.co/pypi/2025-03-04/simple
feels we eagerly need cv -> C/C++ package manager
Is there any plan to have it create a manifest (like renv.lock) that can be used directly with the posit publishing system?
mbeavitt•11mo ago
goosedragons•11mo ago
scrappyjoe•11mo ago
arbutus8•11mo ago
`renv` is an iterative process of installing some packages, then snapshotting your project state, and then trying to reproduce. The time between the installation and snapshot can often lose information (think `install.packages("my_pkg", repos = "https://my-repo.com")`, your repo source is lost by time the snapshot occurs). You can also install incompatible versions over-time.
rv solves both of these problems because it will lock the source at the time of installation. Additionally, because it is declarative, we are able to resolve the full dependency tree before installing packages to ensure everything will be compatible.
While I am a big proponent of using rv, if renv fits your needs, then switching to rv may not be worth it. For our organization, we did have multiple issues with renv, so created a replacement for it that we hope others in the community will find useful to address their needs.
aquafox•11mo ago
Keats•11mo ago
okanat•11mo ago
pupperino•11mo ago