[R] are R packages safe?
jdnewmil at dcn.davis.ca.us
Thu Dec 8 19:14:58 CET 2016
On the plus side, all binary packages on CRAN are built from source code automatically by the CRAN team, so it would be a bit audacious to include "unsafe" code when the source code had to reviewable at any time.
There is nothing in R that would prevent a user from downloading a binary package from a non-CRAN source, though.
The only legally defensible answer is No, you use this at your own risk.
Sent from my phone. Please excuse my brevity.
On December 8, 2016 9:55:17 AM PST, Bert Gunter <bgunter.4567 at gmail.com> wrote:
>1. What does "Safe" mean???
>2. From the R banner on startup:
>"R is free software and comes with ABSOLUTELY NO WARRANTY."
>Don't think it could be clearer than that!
>"The trouble with having an open mind is that people keep coming along
>and sticking things into it."
>-- Opus (aka Berkeley Breathed in his "Bloom County" comic strip )
>On Thu, Dec 8, 2016 at 9:47 AM, Dimitri Liakhovitski
><dimitri.liakhovitski at gmail.com> wrote:
>> suddenly, I am being asked for a proof that R packages that are not
>> '"base" are safe. I've never been asked this question before.
>> Is there some documentation on CRAN that discusses how it's ensured
>> that all "official" R packages have been "vetted" and are safe?
>> Thanks a lot!
>> Dimitri Liakhovitski
>> R-help at r-project.org mailing list -- To UNSUBSCRIBE and more, see
>> PLEASE do read the posting guide
>> and provide commented, minimal, self-contained, reproducible code.
>R-help at r-project.org mailing list -- To UNSUBSCRIBE and more, see
>PLEASE do read the posting guide
>and provide commented, minimal, self-contained, reproducible code.
More information about the R-help