Embed keyring

.Rbuildignore

@@ -53,3 +53,4 @@
 ^src/library/ps/src/px$
 ^src/library/zip/src/tools/cmdunzip$
 ^src/library/zip/src/tools/cmdzip$
+^src/library/keyring/src/Makevars$

.gitignore

@@ -41,6 +41,7 @@
 /src/library/ps/src/px
 /src/library/zip/src/tools/cmdunzip
 /src/library/zip/src/tools/cmdzip
+/src/library/keyring/src/Makevars
 /tools/build/linux/pak_*.tar.gz
 /tools/build/linux/*.done
 /vignettes/internals.html

DESCRIPTION

@@ -12,6 +12,7 @@ Authors@R: c(
     person("Maëlle", "Salmon", role = "ctb", comment = "desc, pkgsearch"),
     person("Duncan", "Temple Lang", role = "ctb", comment = "jsonlite"),
     person("Lloyd", "Hilaiel", role = "cph", comment = "jsonlite"),
+    person("Alec", "Wong", role = "ctb", comment = "keyring"),
     person("Michel Berkelaar and lpSolve authors", role = "ctb", comment = "lpSolve"),
     person("R Consortium", role = "fnd", comment = "pkgsearch"),
     person("Jay", "Loden", role = "ctb", comment = "ps"),
@@ -45,6 +46,7 @@ Suggests:
     gitcreds,
     glue (>= 1.6.2),
     jsonlite (>= 1.8.0),
+    keyring,
     pingr,
     pkgbuild (>= 1.4.2),
     pkgcache (>= 2.0.4),
@@ -55,7 +57,10 @@ Suggests:
     ps (>= 1.6.0),
     rstudioapi,
     testthat (>= 3.2.0),
+    webfakes,
     withr
+Remotes:
+    r-lib/pkgcache
 ByteCompile: true
 Config/build/extra-sources: configure*
 Config/needs/dependencies:
@@ -65,6 +70,7 @@ Config/needs/dependencies:
     curl,
     filelock,
     gaborcsardi/jsonlite,
+    r-lib/keyring,
     lpSolve,
     pkgbuild,
     r-lib/pkgcache,

R/parse-url.R

@@ -0,0 +1,50 @@
+
+parse_url <- function(url) {
+  re_url <- paste0(
+    "^(?<protocol>[a-zA-Z0-9]+)://",
+    "(?:(?<username>[^@/:]+)(?::(?<password>[^@/]+))?@)?",
+    "(?<host>[^/]*)",
+    "(?<path>.*)$"            # don't worry about query params here...
+  )
+
+  mch <- re_match(url, re_url)
+  mch[, setdiff(colnames(mch), c(".match", ".text")), drop = FALSE]
+}
+
+re_match <- function(text, pattern, perl = TRUE, ...) {
+
+  stopifnot(is.character(pattern), length(pattern) == 1, !is.na(pattern))
+  text <- as.character(text)
+
+  match <- regexpr(pattern, text, perl = perl, ...)
+  match <- regexpr(pattern, text, perl = perl, ...)
+
+  start  <- as.vector(match)
+  length <- attr(match, "match.length")
+  end    <- start + length - 1L
+
+  matchstr <- substring(text, start, end)
+  matchstr[ start == -1 ] <- NA_character_
+
+  res <- data.frame(
+    stringsAsFactors = FALSE,
+    .text = text,
+    .match = matchstr
+  )
+
+  if (!is.null(attr(match, "capture.start"))) {
+
+    gstart  <- attr(match, "capture.start")
+    glength <- attr(match, "capture.length")
+    gend    <- gstart + glength - 1L
+
+    groupstr <- substring(text, gstart, gend)
+    groupstr[ gstart == -1 ] <- NA_character_
+    dim(groupstr) <- dim(gstart)
+
+    res <- cbind(groupstr, res, stringsAsFactors = FALSE)
+  }
+
+  names(res) <- c(attr(match, "capture.names"), ".text", ".match")
+  res
+}

R/subprocess.R

@@ -68,6 +68,9 @@ remote <- function(func, args = list()) {
   pkg_options <- opts[grepl("^pkg[.]", names(opts)) | names(opts) %in% extraopts]
   envs <- Sys.getenv()
   extraenvs <- c("R_BIOC_VERSION", "PATH")
+  if (any(grepl("@", subst_args[["__repos__"]]))) {
+    extraenvs <- c(extraenvs, envs[grep("^https?://", names(envs))])
+  }
   pkg_envs <- envs[grepl("^PKG_", names(envs)) | names(envs) %in% extraenvs]
   rs$run(function(new_opts, new_envs) {
     opts <- options()

inst/COPYRIGHTS

@@ -19,6 +19,11 @@ pak (c) 2017-2024 Posit Software, PBC (formerly RStudio)
 (c) Lloyd Hilaiel
 (c) Duncan Temple Lang
 
+## keyring
+
+(c) 2017-2025 Alec Wong
+(c) 2017-2024 Posit Software, PBC (formerly RStudio)
+
 ## lpSolve
 
 (c) Michel Berkelaar and lpSolve authors

src/install-embedded.R

@@ -90,7 +90,10 @@ install_order <- function() {
     "pkgsearch",
     # callr, cli, curl, desc, filelock, jsonlite, lpSolve, pkgbuild,
     # pkgcache, processx, ps, R6, zip
-    "pkgdepends"
+    "pkgdepends",
+    # filelock, R6
+    "keyring",
+    NULL
   )
 
   pkgs

src/library/keyring/DESCRIPTION

@@ -0,0 +1,38 @@
+Package: keyring
+Title: Access the System Credential Store from R
+Version: 1.3.2.9000
+Authors@R: c(
+    person("Gábor", "Csárdi", , "[email protected]", role = c("aut", "cre")),
+    person("Alec", "Wong", role = "ctb"),
+    person("Posit Software, PBC", role = c("cph", "fnd"))
+  )
+Description: Platform independent 'API' to access the operating system's
+    credential store. Currently supports: 'Keychain' on 'macOS',
+    Credential Store on 'Windows', the Secret Service 'API' on 'Linux',
+    and simple, platform independent stores implemented with environment
+    variables or encrypted files.  Additional storage back-ends can be
+    added easily.
+License: MIT + file LICENSE
+URL: https://keyring.r-lib.org/, https://github.com/r-lib/keyring
+BugReports: https://github.com/r-lib/keyring/issues
+Depends: R (>= 3.6)
+Imports: filelock, R6, tools, utils
+Suggests: callr, covr, testthat (>= 3.0.0), withr
+Config/Needs/website: tidyverse/tidytemplate
+Config/testthat/edition: 3
+Encoding: UTF-8
+Roxygen: list(markdown = TRUE, r6 = FALSE)
+RoxygenNote: 7.3.2
+SystemRequirements: Optional: libsecret on Linux (libsecret-1-dev on
+        Debian/Ubuntu, libsecret-devel on Fedora/CentOS)
+Collate: 'aaa-import-standalone-rstudio-detect.R' 'aaassertthat.R'
+        'api.R' 'assertions.R' 'backend-class.R' 'backend-env.R'
+        'backend-file.R' 'backend-macos.R' 'backend-secret-service.R'
+        'backend-wincred.R' 'default_backend.R' 'keyring-package.R'
+        'mocks.R' 'package.R' 'pass.R' 'standalone-errors.R' 'utils.R'
+NeedsCompilation: yes
+Packaged: 2025-02-21 11:34:07 UTC; gaborcsardi
+Author: Gábor Csárdi [aut, cre],
+  Alec Wong [ctb],
+  Posit Software, PBC [cph, fnd]
+Maintainer: Gábor Csárdi <[email protected]>

src/library/keyring/LICENSE

@@ -0,0 +1,2 @@
+YEAR: 2023
+COPYRIGHT HOLDER: keyring authors

src/library/keyring/NAMESPACE

@@ -0,0 +1,30 @@
+# Generated by roxygen2: do not edit by hand
+
+export(backend)
+export(backend_env)
+export(backend_file)
+export(backend_keyrings)
+export(backend_macos)
+export(backend_secret_service)
+export(backend_wincred)
+export(default_backend)
+export(has_keyring_support)
+export(key_delete)
+export(key_get)
+export(key_get_raw)
+export(key_list)
+export(key_list_raw)
+export(key_set)
+export(key_set_with_raw_value)
+export(key_set_with_value)
+export(keyring_create)
+export(keyring_delete)
+export(keyring_is_locked)
+export(keyring_list)
+export(keyring_lock)
+export(keyring_unlock)
+importFrom(R6,R6Class)
+importFrom(utils,URLdecode)
+importFrom(utils,head)
+importFrom(utils,tail)
+useDynLib(keyring, .registration = TRUE)

src/library/keyring/NEWS.md

@@ -0,0 +1,64 @@
+# keyring (development version)
+
+# keyring 1.3.2
+
+* keyring uses safer `*printf()` format strings (Secret Service backend).
+
+# keyring 1.3.1
+
+* No user visible changes.
+
+# keyring 1.3.0
+
+* `keyring_create()` and also all backends that support multiple keyrings
+  now allow passing the password when creating a new keyring (#114).
+
+* `key_set()` can now use a custom prompt (@pnacht, #112).
+
+* keyring now handled better the 'Cancel' button when requesting a password
+  in RStudio, and an error is thrown in this case (#106).
+
+# keyring 1.2.0
+
+* It is now possible to specify the encoding of secrets on Windows
+  (#88, @awong234).
+
+* The `get_raw()` method of the Secret Service backend works now (#87).
+
+* Now the file backend is selected by default on Unix systems if
+  Secret Service is not available or does not work (#95, @nwstephens).
+
+* The file backend now works with keys that do not have a username.
+
+* All backends use the value of the `keyring_username` option, if set,
+  as the default username (#60).
+
+# keyring 1.1.0
+
+* File based backend (#53, @nbenn).
+
+* Fix bugs in `key_set()` on Linux (#43, #51).
+
+* Windows: support non-ascii characters and spaces in `key_list()`
+  `service` and `keyring` (#48, #49, @javierluraschi).
+
+* Add support for listing service keys for env backend
+  (#58, @javierluraschi).
+
+* keyring is now compatible with R 3.1.x and R 3.2.x.
+
+* libsecret is now optional on Linux. If not available, keyring is built
+  without the Secret Service backend (#55).
+
+* Fix the `get_raw()` method on Windows.
+
+* Windows: `get()` tries the UTF-16LE encoding if the sting has embedded
+  zero bytes. This allows getting secrets that were
+  set in Credential Manager (#56).
+
+* Windows: fix `list()` when some secrets have no `:` at all
+  (these were probably set externally) (#44).
+
+# keyring 1.0.0
+
+First public release.