Thank you for doing humanity a big favor. Somebody who is uncomfortable with people just accepting things and explaining the concept under the hood. Appreciate it!
Entirely different! This is not a data frame library. This is about scaling existing plumber APIs using Rust. So if you can write a function in R you can make a REST API, if you can do that, you can deploy it to production as a backend web service or as a serverless function. Or whatever you want! Valve helps make sure that you use all available resources on a container or machine to scale that effectively .
I havent used R studio myself since i installed Positron, working with R and Python at the same time is just so easy and somehow i feel like it's faster in response and everything.
you can use the command line if you want to i suppose. you don't _need_ VS Code or RStudio, or Positron, or any other editor. They're just nice to play with
It's worth thinking about the audience for this product. I've been testing it from the viewpoint of a data scientist and, like VS Code, there is a lot going on beyond what I need. I applaud Posit for becoming language agnostic but Positron is very much developer-centric so far. I don't like a workflow that includes dropping into the command line (or Powershell) - this is one thing I think RStudio gets right vs. what Python tools expect from people.
I must admit I'm a little confused by this whole positron thing. Im already using vscode for everything besides R. I'd have much rather they contributed a nice R extension for use with vscode. Tbh, I often use vscode for R also when I'm accessing remote machines and can't be assed installing rstudio server, and I find the setup okay...
What is the point of making a clone of vs code? They cant keep up with rstudio developennt, so how are they going to keep up with VS Code development and implement patches. The licence itself is also a big turn off. Posit really fell off.
Yeah, I've asked this for myself: What's the use of RStudio and the point of making this? I am disappointed and otherwise, I'll be astonished to this one.
@@josiahparry it is a vs code clone because it's a forked core of vs code. It doesn't have access to vs code packages just like VS codium because MS license does not allow this
can't wait to try this, rstudio has been so slow for me lately I am having to build models for Kaggle comps using dataspell that I have to pay out of pocket for.
oh wow i wasn't aware of that. finally r programming coming to the 21st century. the feel of RStudio and the versatility and modernism of VSC combined could be great.
Hey thank you for the video. I saw that you also already have the docker instructions in the package website. I'm hoping to run a simple app with plumber in production in the next few weeks. I was going to just use caddy as a load balancer for multiple plumber instances but I think using Valve should provide better functionality out of the box. Thanks again!
Just make sure that your Docker container has enough vCPU to handle multiple threads and ensure that you don't over-allocate them as well! And you can also use a load balancer in front of multiple Valve apps
@@josiahparry thanks! I have a cloud instance with 8 vcpus so it should be good. I'm not expecting massive traffic either and the computations that R has to do are very quick. I just want to make the UX as good as possible. I think 4 workers max should be good enough for my purposes. In case more is needed well that's the beauty of your package, I can just reload with more workers and if should be good to go =)
That was one of the best video tutorials I've seen lately, super informative and easy to follow! I cannot wait to test this out with some different datasets. Thanks for the amazing work!
Hi, i'm trying to implementing the algorithm in java and following the same steps i got the same results, so i guess i'm reimplementing it correctly. The only problem is, if i try to use any lat/long coordinates for example, my home adddress lat/long, got a geohash that is totally far away from the addres used. In fact if i use some online tool the hash generated is totally different and correct.
I'm curious how this works. Is it loading the whole file into memory before doing the aggregation? Or the query planner smart enough that it knows it only needs to load 1 line at a time (and then handles keeps track of the required aggregations accordingly)
Great video, Josiah! For benchmarking, just a fun FYI in case you didn't know, you can do `summary(benchmark_obj, relative = TRUE)` and it will compare the two in relative terms, which is neat!
What it boils down to is that R is at its core a fully featured programming language. To some degree it will always be inherently unsafe, as will any other programming language, simply because by nature they have to be in order to function. Much like a good quality knife is also able to cut you as well as your dinner. There are some shenanigans at play here, but it still pales in comparison to the likes of Java's Fracturiser hidden in minecraft mods or malicious executables.
This whole thing seems suspicious to me. A contract threat research company sets out to find a way to exploit R, and then, (Wa-La!) finds it! Then advertises it like crazy! And in the write-up they specifically reference the usage of R in the Pharmaceutical industry, and even links to a talk by R/Pharma. This whole thing feels like a set up. Was HiddenLayer contracted to do this? By who? Very suspicious that a *potential* exploit got as much coverage as way more damaging *actual* exploits.
Especially when the exploit basically boils down to blindly running completely unknown code. This is the coding version of downloading random executables from the internet and running them as administrator. Or to use a physical metaphor it's like saying household appliances are unsafe because someone told you to stick a fork in the socket and you did it. P.s. "Voila". Because the french were so rich they had to use extra letters just to show off.
I emailed Hadley and he said, you don't have to update R to 4.4.0. Someone in reddit said, it is no use to update R if you use RDS/RDA files from unknown source. Also, for a follow up question, is it possible to combine C, FORTRAN, C++ and Rust code together in one package? I tried to combine C++ and Rust but failed to debugged my R package but I know there's a certain package that uses C and C++ together (EBImage as an example).
You can use all of them together it just requires extra work on your behalf to make sure they dont conflict with eachother. These tools aren't designed to work out of the box with eachother.
What is R used for? Like with syntax like that I understand why it is used [That might be the most beautiful code I've ever seen] But for what like what is its practical applications?
Biomedical research, econometrics, data engineering, machine learning, big geospatial analysis, interactive dashboards, nlp, web scraping, idk whatever you want to do you can do
R's biggest strength is data engineering. Cleaning, analyzing, and reporting tabular data can be done with a fraction of the code and a fraction of the runtime in R compared to pretty much any other language. Data.table is several times faster than Pandas, and Collapse is even faster still. The nature of the interactive console also makes it incredibly easy to really get hands-on with the data step by step before cementing an optimized pipeline.
I don't get how it is a huge vulnerability. When you download code from the internet it can run code. cmd() or similar is a common resource in nearly every programming language. There is nearly no scripted programming language where a downloaded module couldn't do that. I guess it might better let them obfuscate because it is calling it indirectly? In general you should assume all downloaded code can run anything within userland within the same user on the machine. Launching a calculator is just something code can do. Any module in any programming language could probably delete all your files or send them off to some server.
I think the idea is that these are data formats and you might think you're loading data but actually you're loading a promise to unexecuted code. Then that code is executed instead of being a piece of data already. It feels like a feature not a bug but alas, you shouldn't need to have a binary file to store unexecuted code.
I'll be sure to never share this with my legal/sec department. They'd freak out at your blatant use of the R-word (whispers 'risk'). On the other hand, I've been able to take away their dread by filling out copious forms in the past so should they be exposed to your scary talk I know what to do. After all, everyone knows killer-bureaucracy is what truly keeps our corporate networks safe
LOL!! I love this so much. Yeah....I'm sure they're allowing far scarier things than **manually** inspected R packages from CRAN. And, as always, its not the language that's dangerous...it's the developers. You can allow SQL injections using just about any language / tool out there. It is up to the developer to prevent them.
