Security Scanned packages...

Hi All,
I am wondering if anyone provides a security checked packaged libraries. I found this interesting blog here: Will RStudio Package Manager Include a virus scanner for R packages?

This was a year ago so not sure if RStudio has this feature to do a virus scan yet. I have reached out also to the RStudio vendor asking if RStudio itself is security checked or if only RStudio Server Pro is.

Does anyone know about this and if there are packages where security checks have been run? Seems like a great value add for someone to make money on. :slight_smile:


Hi Tony!

This isn't a part of RStudio Package Manager yet, but I'd love to chat more about your expectations and goals for this work. If you're interested shoot me an email:

If you're short on time looking for alternatives, Mango offers a set of "validated packages" through their ValidR solution - a bit different from virus scanning all packages though.

There is also work underway by a collection of Pharma companies to create a list of validated packages - where validation is focused primarily on verifying a package's functions for correctness.

Both of these projects focus on carefully understanding the source code for a subset of R packages. They are not directly focused on automated scanning for security vulnerabilities, which as the blogpost you reference mentions is hard to do for an interactive language like R.



This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.