Some R package upkeep (#77)

* Add GitHub links to DESCRIPTION

* Update lifecycle SVGs

* Update README

* Update lifecycle, testthat

* Redocument

* Switch to native pipe

* Update Posit as funder

* Change headers in vignette

* Apply air to package

* Add Air config

* Update date in LICENSE

* Update DESCRIPTION

* Update GH actions

* Update this one too

* Fix up package level description

* Take very old versions of R back out of GH actions

Author: juliasilge

.Rbuildignore

@@ -13,3 +13,5 @@
 ^CRAN-SUBMISSION$
 ^\.python-version$
 ^revdep$
+^[.]?air[.]toml$
+^\.vscode$

.github/workflows/R-CMD-check-hard.yaml

@@ -8,12 +8,13 @@
 # dependency.
 on:
   push:
-    branches: [main]
+    branches: main
   pull_request:
-    branches: [main]
 
 name: R-CMD-check-hard
 
+permissions: read-all
+
 jobs:
   R-CMD-check:
     runs-on: ${{ matrix.config.os }}

.github/workflows/R-CMD-check.yaml

@@ -8,10 +8,11 @@ on:
   push:
     branches: main
   pull_request:
-    branches: main
 
 name: R-CMD-check
 
+permissions: read-all
+
 jobs:
   R-CMD-check:
     runs-on: ${{ matrix.config.os }}
@@ -26,10 +27,10 @@ jobs:
 
           - {os: windows-latest, r: 'release'}
 
-          - {os: ubuntu-latest,   r: 'devel', http-user-agent: 'release'}
-          - {os: ubuntu-latest,   r: 'release'}
-          - {os: ubuntu-latest,   r: 'oldrel-1'}
-          - {os: ubuntu-latest,   r: 'oldrel-2'}
+          - {os: ubuntu-latest,  r: 'devel', http-user-agent: 'release'}
+          - {os: ubuntu-latest,  r: 'release'}
+          - {os: ubuntu-latest,  r: 'oldrel-1'}
+          - {os: ubuntu-latest,  r: 'oldrel-2'}
 
     env:
       GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }}
@@ -70,3 +71,4 @@ jobs:
       - uses: r-lib/actions/check-r-package@v2
         with:
           upload-snapshots: true
+          build_args: 'c("--no-manual","--compact-vignettes=gs+qpdf")'

.github/workflows/format-suggest.yaml

@@ -0,0 +1,46 @@
+# Workflow derived from https://github.com/posit-dev/setup-air/tree/main/examples
+
+on:
+  # Using `pull_request_target` over `pull_request` for elevated `GITHUB_TOKEN`
+  # privileges, otherwise we can't set `pull-requests: write` when the pull
+  # request comes from a fork, which is our main use case (external contributors).
+  #
+  # `pull_request_target` runs in the context of the target branch (`main`, usually),
+  # rather than in the context of the pull request like `pull_request` does. Due
+  # to this, we must explicitly checkout `ref: ${{ github.event.pull_request.head.sha }}`.
+  # This is typically frowned upon by GitHub, as it exposes you to potentially running
+  # untrusted code in a context where you have elevated privileges, but they explicitly
+  # call out the use case of reformatting and committing back / commenting on the PR
+  # as a situation that should be safe (because we aren't actually running the untrusted
+  # code, we are just treating it as passive data).
+  # https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/
+  pull_request_target:
+
+name: format-suggest.yaml
+
+jobs:
+  format-suggest:
+    name: format-suggest
+    runs-on: ubuntu-latest
+
+    permissions:
+      # Required to push suggestion comments to the PR
+      pull-requests: write
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+
+      - name: Install
+        uses: posit-dev/setup-air@v1
+
+      - name: Format
+        run: air format .
+
+      - name: Suggest
+        uses: reviewdog/action-suggester@v1
+        with:
+          level: error
+          fail_level: error
+          tool_name: air

.github/workflows/pkgdown.yaml

@@ -2,15 +2,16 @@
 # Need help debugging build failures? Start at https://github.com/r-lib/actions#where-to-find-help
 on:
   push:
-    branches: [main, master]
+    branches: main
   pull_request:
-    branches: [main, master]
   release:
     types: [published]
   workflow_dispatch:
 
 name: pkgdown
 
+permissions: read-all
+
 jobs:
   pkgdown:
     runs-on: ubuntu-latest
@@ -57,7 +58,7 @@ jobs:
 
       - name: Deploy to GitHub pages 🚀
         if: github.event_name != 'pull_request'
-        uses: JamesIves/github-pages-deploy-action@v4.4.1
+        uses: JamesIves/github-pages-deploy-action@v4.5.0
         with:
           clean: false
           branch: gh-pages

.github/workflows/test-coverage.yaml

@@ -4,7 +4,6 @@ on:
   push:
     branches: main
   pull_request:
-    branches: main
 
 name: test-coverage
 
@@ -51,9 +50,19 @@ jobs:
             clean = FALSE,
             install_path = file.path(normalizePath(Sys.getenv("RUNNER_TEMP"), winslash = "/"), "package")
           )
+          print(cov)
           covr::to_cobertura(cov)
         shell: Rscript {0}
 
+      - uses: codecov/codecov-action@v5
+        with:
+          # Fail if error if not on PR, or if on PR and token is given
+          fail_ci_if_error: ${{ github.event_name != 'pull_request' || secrets.CODECOV_TOKEN }}
+          files: ./cobertura.xml
+          plugins: noop
+          disable_search: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+
       - name: Show testthat output
         if: always()
         run: |
@@ -67,4 +76,3 @@ jobs:
         with:
           name: coverage-test-failures
           path: ${{ runner.temp }}/package
-          

.vscode/extensions.json

@@ -0,0 +1,5 @@
+{
+    "recommendations": [
+        "Posit.air-vscode"
+    ]
+}

.vscode/settings.json

@@ -0,0 +1,10 @@
+{
+    "[r]": {
+        "editor.formatOnSave": true,
+        "editor.defaultFormatter": "Posit.air-vscode"
+    },
+    "[quarto]": {
+        "editor.formatOnSave": true,
+        "editor.defaultFormatter": "quarto.quarto"
+    }
+}

DESCRIPTION

@@ -7,7 +7,8 @@ Authors@R: c(
     person("Simon", "Couch", , "simonpatrickcouch@gmail.com", role = "aut"),
     person("Qiushi", "Yan", , "qiushi.yann@gmail.com", role = "aut"),
     person("Max", "Kuhn", , "max@posit.co", role = "aut"),
-    person("Posit Software, PBC", role = c("cph", "fnd"))
+    person("Posit Software, PBC", role = c("cph", "fnd"),
+           comment = c(ROR = "03wc8by49"))
   )
 Description: Typically, models in 'R' exist in memory and can be saved via
     regular 'R' serialization. However, some models store information in
@@ -19,9 +20,10 @@ License: MIT + file LICENSE
 URL: https://github.com/rstudio/bundle, https://rstudio.github.io/bundle/
 BugReports: https://github.com/rstudio/bundle/issues
 Depends: 
-    R (>= 3.6)
+    R (>= 4.1)
 Imports:
     glue,
+    lifecycle,
     purrr,
     rlang,
     utils,
@@ -56,10 +58,11 @@ Suggests:
     xgboost (>= 1.6.0.1)
 VignetteBuilder: 
     knitr
+Remotes: 
+    tidymodels/butcher
 Config/Needs/website: tidyverse/tidytemplate
 Config/testthat/edition: 3
+Config/usethis/last-upkeep: 2025-12-08
 Encoding: UTF-8
 Roxygen: list(markdown = TRUE)
-RoxygenNote: 7.3.2
-Remotes:  
-    tidymodels/butcher
+RoxygenNote: 7.3.3

LICENSE

@@ -1,2 +1,2 @@
-YEAR: 2023
+YEAR: 2025
 COPYRIGHT HOLDER: bundle authors