Add check for `MPN_SNAPSHOT` env var in System Info

[seth127]

Motivation

Related to #39, we would like to be able to more easily and reliably reproduce the environment (notably, the versions of all dependencies of the package being scored) that a package was scored in. #39 will give us the raw information, but this would still be painstaking to reproduce. One simple answer would be to record the MPN snapshot that the dependencies were installed from (if one was used). This would make it easy to reproduce the environment, and package versions could be cross-checked between the snapshot and the sessionInfo() output, if anything seemed wrong.

Proposal

First off: I'm very open to other ideas on this, particularly if they can reliably and simply pull the snapshot date or URL without needing manual intervention. See "Other Notes" below for more discussion on that.

• Add MPN_SCORECARD to get_metadata(..., env_vars) here
• Document that both METWORX_VERSION and MPN_SCORECARD env vars will be checked and, if present, included in the scorecard. That probably belongs in the render_scorecard() docs.
• Modify this line to only append the passed env vars if isTRUE(nzchar(Sys.getenv(.ev))). In other words, if either of those vars aren't set, we don't want to put METWORX_VERSION: ___ in the Scorecard, we just want to not include it at all.

Other Notes

I considered pulling options(repos) but if the deps were installed via pkgr (which will be our practice at Metrum) then options(repos) likely won't contain the relevant information (and could in fact be entirely wrong and misleading).

I also considered parsing this from the pkgr.yml file directly, if one is found, but this feels a bit strange too. Mostly in that it introduces some "auto-magical" behavior which is very reliant on an external tool. If we can think of a good pattern for this, then I'm open to it. One option might be to use the env var idea from above, and then have our internal score-r-pkg script automatically set that variable by looking for a pkgr.yml file and pulling the repo from it. That would accomplish the same goal, but keep that pkgr-specific code out of the package.

[kyleam]

Thanks for writing this up. As you know from our discussion, I definitely like the idea of having the option to record this.

I considered pulling options(repos) but if the deps were installed via pkgr (which will be our practice at Metrum) then options(repos) likely won't contain the relevant information (and could in fact be entirely wrong and misleading).

Right.

I also considered parsing this from the pkgr.yml file directly, if one is found, but this feels a bit strange too. Mostly in that it introduces some "auto-magical" behavior which is very reliant on an external tool.

Yeah, I agree with your feeling about that being out of place.

One option might be to use the env var idea from above, and then have our internal score-r-pkg script automatically set that variable by looking for a pkgr.yml file and pulling the repo from it. That would accomplish the same goal, but keep that pkgr-specific code out of the package.

Yes, this is what I mind when we talked about this. score-r-pkg automatically determines the latest snapshot (or uses the date pass in by the caller), so it has this information.