The goal of watcher is to prevent R packages from being used through
library() and require() calls. This is useful to prevent
(un)intentional use of packages not approved within a classroom,
research, or company environment.
This package is only available on GitHub. To install the package, please use:
if(!requireNamespace("remotes")) install.packages("remotes")
remotes::install_github("coatless/watcher")To use the watcher package, load it into R using:
library("watcher")
#> No packages are currently prohibited from being used.From there, any package that is on a blacklist will be prevented from being loaded. The blacklist can be established on a per-session basis or can be loaded as needed.
For example, let’s say we didn’t want to allow toad to be loaded. We
would call:
watch_pkg("toad")
#> Added a watch for {toad}.If we attempted to load toad using either library() or require(),
then we would error:
library("toad")
#> Detected {toad} package load...
#> The {toad} package is not allowed to be used.
#> Error in as.environment(lib.pos) : invalid 'pos' argument
require("toad")
#> Loading required package: toad
#> Detected {toad} package load...
#> The {toad} package is not allowed to be used.
#> Failed with error: 'invalid 'pos' argument'All packages that are prohibited from being used can be viewed with:
watchlist()
#> The following packages are prohibited from being used:
#> * toadTo allow the package to be used, we would need to remove the watch:
unwatch_pkg("toad")
#> Removed a watch for {toad}.Then, the package load would be allowed.
library("toad")When designing watcher, the goal was to achieve a “soft-failure” when
undesirable packages were loaded via library() or require().
Generally, this follows in the footsteps of
strict – which sought to raise
issues with undesirable design patterns in code – and, subsequently,
conflicted – which addressed
search path collisions between similarly named functions in different
packages – both by Hadley Wickham. With this being said, there are
better variants of protecting the R process. Most notably, the
RAppArmor by Jeroen
Ooms provides superior sandboxing of R. Alternatively, the version of
R could simply not have these packages installed to begin with.
Fun fact: The code for this sat in an untitled.R file for ~2 years.
James Joseph Balamuta
GPL (>= 2)