[R] are R packages safe?
Dimitri Liakhovitski
dimitri.liakhovitski at gmail.com
Thu Dec 8 19:08:51 CET 2016
Thank you, Marc.
That's helpful!
I think, in this case it's mostly:
That they are virus/malware free.
And that they don't send out some info that they are not supposed to.
Thank you!
Dimitri
On Thu, Dec 8, 2016 at 1:04 PM, Marc Schwartz <marc_schwartz at me.com> wrote:
>
> On Dec 8, 2016, at 11:47 AM, Dimitri Liakhovitski
> <dimitri.liakhovitski at gmail.com> wrote:
>
> Guys,
>
> suddenly, I am being asked for a proof that R packages that are not
> '"base" are safe. I've never been asked this question before.
>
> Is there some documentation on CRAN that discusses how it's ensured
> that all "official" R packages have been "vetted" and are safe?
>
> Thanks a lot!
>
> --
> Dimitri Liakhovitski
>
>
>
> Dimitri,
>
> You are going to need to define "safe".
>
> Also, note that the notion of "official R packages" is not defined, other
> than for those that bear the copyright of The R Foundation (Base +
> Recommended), as per:
>
> https://www.r-project.org/certification.html
>
> That packages are available on CRAN does not infer, implicitly or
> explicitly, that the packages are endorsed/certified/validated by any party.
>
> You can review the CRAN Policy here:
>
> https://cran.r-project.org/web/packages/policies.html.
>
> which provides a standardized framework for CRAN submissions.
>
> Does "safe" mean that they are virus/malware free?
>
> Does "safe" mean that they are extensively tested/validated, bug free and
> yield documented evidence of consistent and correct results, possibly having
> also been tested for "edge cases"?
>
> Regards,
>
> Marc Schwartz
>
>
--
Dimitri Liakhovitski
More information about the R-help
mailing list