Consider removing the user's ID from tarballs generated by build()

[wlandau]

In build(), the ID of the user is automatically inserted into the DESCRIPTION file, e.g.

Packaged: 2018-11-06 14:01:50 UTC; <MY USER ID>

This is problematic for those of us who work in corporate settings. We must not divulge our user IDs in the packages we develop and release.

I feel this problem affects enough users to consider here. In this post, @zeroby0 suggests I decompress, edit, and re-compress the built package. Maybe pkgbuild could handle this, either with an option in build() or an exported function to clean the tarball. Or maybe the right solution is to chat with the R Core Team about R CMD build.

[jimhester]

I think this need is sufficiently small that we are not going to implement it in pkgbuild.

The user ID for most people is not privileged information and for those that it is they should either strip the confidential information manually or should submit packages without using the employers resources.

The code which adds the Packaged field in R CMD build is at https://github.com/wch/r-source/blame/521c90a175d67475b9f1b43d7ae68bc48062d8e6/src/library/tools/R/build.R#L170-L175, you could try proposing a patch to the R-devel mailing list that preferentially reads the username from an environment variable, something like _R_BUILD_USERNAME_ or similar that you could set when building packages.

[wlandau]

Proposing a patch to R-devel seems like a good way to handle this. Thank you for the suggestion.