We've been using renv to handle dependency management and installs, but recently given pak a go to see how the grass is on the other side.
I have a package that I have to support for a legacy system running R3 (ugh). And to make this possible some package versions in the DESCRIPTION file have hard pins == or upper bounds <= on the version.
renv has been able to handle installing this on the system, selecting the right versions of the dependencies to satisfy the archaic environment. When I tried this with pak it reported errors attempting to resolve the dependencies, that looked like this:
The reason for the upper bounds / pins is because the later versions of some of these packages require R4. These errors look like pak is trying to fetch the latest versions of these packages and correctly identifying that it can't install them in the current R3 environment.
Am I doing something wrong? Does pak support == and <= notation in the DESCRIPTION file?
I had hoped that it might even be able to automatically resolve the possible dependencies and find the latest version that satisfied the R3 constraint Although I know that this kind of dependency search can be extremely expensive. Though hoped that doing it on the package repo meta data might allow it.
Project looks super cool and promising, hoping to get a better understanding of it to see if it meets our needs. Thank you very much!
pak will select the right package version, if it is included in the package metadata. However the package metadata typically (e.g. on CRAN) only includes the latest version for each package, so there isn't much to choose from.
Btw. I am not sure how the following could work at all, you obviously cannot install multiple versions of cpp11, so there is no way to satisfy all these requirements, as far as I can tell.
So pak is limited to selecting dependencies from the packages listed in the Packages.rds file in the repo? I have seen before while exploring that CRAN-like repos also provide a /src/contrib/Meta/archive.rds with information about packages in the archive. Is this something you've come across? Does pak also search the Archive for older versions?
I'm also not sure how all of those cpp11 versions come about. Thanks for confirming that this looks completely messed up. I am only pinning this version to 0.5.0, so I'm not sure where the other ==1.1.0 is coming from. Am I right in thinking that each constraint in parens is a version constraint from a different dependency, or transitive dependency of the package?
CRAN-like repos don't need to have archive.rds. CRAN does, others might not.
CRAN's archive.rds does not contain dependency information, so pak cannot use that for dependency resolution. The only way to extract the dependencies of an old package is to download the package file and extract it. That's obviously not feasible.
But even we had information about all dependencies, solving them is an NP-complete integer programming problem, and if every package had several possible candidates, that would make it unsolvable in practice.
and pak development team!
Although I know that this kind of dependency search can be extremely expensive. Though hoped that doing it on the package repo meta data might allow it.