riskmetric is a collection of risk metrics to evaluate the quality of R
This package is in experimentation. Final considerations about design are being considered, but core concepts are considered final.
The risk of using an R package is evaluated based on a number of metrics meant to evaluate development best practices, code documentation, community engagement and development sustainability. We hope to provide a framework to quantify risk by assessing these metrics. This package serves as a starting point for exploring the heterogeneity of code quality, and begin a broader conversation about the validation of R packages. Primarily, this effort aims to provide some context for validation within regulated industries.
We separate three steps in the workflow to assess the risk of an R package using
- Finding a source for package information (installed package or CRAN/git source)
- Assessing the package under validation criteria
- Scoring assessment criteria
The results will be assembled in a dataset of validation criteria containing an overall risk score for each package as shown in the example below.
You can install
riskmetric from CRAN with:
Or from GitHub using
Scrape metadata locally or remotely, then assess that metadata and score it to estimate risk. For each package, derive a composite measure of risk, or a collection of individual scores which can be easily used to generate validation reports.
library(dplyr) library(riskmetric) pkg_ref(c("riskmetric", "utils", "tools")) %>% pkg_assess() %>% pkg_score()
We have a bi-weekly sprint meeting for developers to discuss the progress.
email@example.com be added to the meeting.
- Project Planning Meeting Structure
riskmetric is centrally a community project. Comfort with a quantification of
risk comes via consensus, and for that this project is dependent on close
community engagement. There are plenty of ways to help: