Learn R Programming

riskmetric

riskmetric is a collection of risk metrics to evaluate the quality of R packages.

This package is in experimentation. Final considerations about design are being considered, but core concepts are considered final.

Background

The risk of using an R package is evaluated based on a number of metrics meant to evaluate development best practices, code documentation, community engagement and development sustainability. We hope to provide a framework to quantify risk by assessing these metrics. This package serves as a starting point for exploring the heterogeneity of code quality, and begin a broader conversation about the validation of R packages. Primarily, this effort aims to provide some context for validation within regulated industries.

We separate three steps in the workflow to assess the risk of an R package using riskmetric:

  1. Finding a source for package information (installed package or CRAN/git source) pkg_ref()
  2. Assessing the package under validation criteria pkg_assess()
  3. Scoring assessment criteria pkg_score()

The results will be assembled in a dataset of validation criteria containing an overall risk score for each package as shown in the example below.

Installation

You can install riskmetric from CRAN with:

install.packages("riskmetric")

Or from GitHub using devtools with:

devtools::install_github("pharmaR/riskmetric")

Example

Scrape metadata locally or remotely, then assess that metadata and score it to estimate risk. For each package, derive a composite measure of risk, or a collection of individual scores which can be easily used to generate validation reports.

library(dplyr)
library(riskmetric)

pkg_ref(c("riskmetric", "utils", "tools")) %>%
  pkg_assess() %>%
  pkg_score()

The {riskassessment} application

riskassessment is a full-fledged R package containing a shiny front-end that augments the utility of riskmetric. The application's goal is to provide a central hub for an organization to review and assess the risk of R packages, providing handy tools and guide rails along the way. The app uses a local database to store & display:

  • all riskmetric metrics, including package risk scores over time
  • organization-wide metric weighting, plus rules to automate org decisions

(whether to endorse/ prohibit the pkg)

  • package-level user dialogue on the perceived risk, to facilitate communication

& notes

To learn more about riskassessment, please browse the user guide or consider taking the demo app for a spin.

Get Involved

We have a bi-weekly sprint meeting for developers to discuss the progress.

riskmetric is centrally a community project. Comfort with a quantification of risk comes via consensus, and for that this project is dependent on close community engagement. There are plenty of ways to help:

  • Share the package
  • File issues when you encounter bugs
  • Weigh in on proposed metrics, or suggest a new one
  • Help us devise the best way to summarize risk into a single score
  • Help us keep documentation up to date
  • Contribute code to tackle the metric backlog

Copy Link

Version

Install

install.packages('riskmetric')

Monthly Downloads

779

Version

0.2.5

License

MIT + file LICENSE

Issues

121

Pull Requests

10

Stars

171

Forks

33

Maintainer

Eli Miller

Last Published

March 6th, 2025

Functions in riskmetric (0.2.5)

assess_export_help

Assess a package for availability of documentation for exported values
assess_has_examples

Assess a package for the presence of example or usage fields in function documentation
assess_has_vignettes

Assess a package for the presence of Vignettes files
assessment_error_throw

Error handler for assessments to throw error immediately
assess_r_cmd_check

Assess a package's results from running R CMD check
dec_mutations_count

decrement the number of allowed mutations
metric_score.pkg_metric_downloads_1yr

Defining an Assessment Scoring Function
assess_remote_checks

Assess package checks from CRAN/Bioc or R CMD check
assess_has_website

Assess a package for an associated website url
assess_last_30_bugs_status

Assess how many recent BugReports have been closed
assess_exported_namespace

Assess a package's results from running R CMD check
assessment_error_as_warning

Error handler for assessments to deescalate errors to warnings
assessment_error_empty

Error handler for assessments with safe fallback
determine_pkg_source

Determine the intended source of a new package
format_assessment_message

Assessment console printing formatter
.tools

Accessor for tools namespace
firstS3method

Find the S3 method that will be evaluated when an S3 generic is called by an object of class classes
examples_from_dir

Build logical vector for Rd objects with example or usage fields discovered in a given directory
assess_license

Assess a package for an acceptable license
cache_behaviors

List of available caching behaviors with metadata, including default and annotations for building documentation
metric_score.pkg_metric_export_help

Score a package for availability of documentation for exported values
assess_reverse_dependencies

Generate list of Reverse Dependencies for a package
assess_size_codebase

Assess a package for size of code base
examples_from_pkg

Build logical vector for Rd objects with example or usage fields discovered in a given package
capture_expr_output

Capture side effects issued by an evaluated expression
assess_news_current

Assess a package for an up-to-date NEWS file
filter_rd_db

Filter a simple database of Rd objects in a package for files with example fields
metric_score.pkg_metric_has_maintainer

Score a package for inclusion of an associated maintainer
metric_score.pkg_metric_has_examples

Score a package for the presence of a example or usage fields
if_not_null_else

If not NULL else
metric_score.pkg_metric_has_news

Score a package for the presence of a NEWS file
get_pkg_ref_classes

Walk the pkg_ref class hierarchy to match a single subclass to a class path
get_package_dependencies

Gets available packages from necessary repository and filters for package of interest
pkg_assess

Apply assess_* family of functions to a package reference
metric_score.pkg_metric_has_source_control

Score a package for inclusion of an associated source control url
pkg_ref_cache

S3 generic to calculate a `pkg_ref` field
available_pkg_ref_fields

A helper function for retrieving a list of available fields, identified based on implementation of a pkg_ref_cache method for a given class.
parse_dcf_dependencies

Parse DCF of description file
pkg_ref_class_hierarchy

The `pkg_ref` subclass hierarchy, used for pkg_ref object creation with a specified subclass
get_assessments

Get a specific set of assess_* functions for pkg_assess
memoise_cran_mirrors

Fetch CRAN Mirrors Info
riskmetric

riskmetric
pkg_ref_mutability_error

pretty printing for a pkg_ref mutability error caused by trying to do assignment within the pkg_ref without permission
get_assessment_columns

Helper for retrieving a list of columns which contain pkg_metric objects
inc_mutations_count

increment the number of allowed mutations
with.pkg_ref

Evaluate an expression in the context of a pkg_ref
metric_score.pkg_metric_last_30_bugs_status

Score a package for number of recently opened BugReports that are now closed
bare_env

evaluate an expression with a pkg_ref object reclassed as a bare environment object, used to sidestep pkg_ref assignment guardrails
metric_score.pkg_metric_license

Score a package for acceptable license
metric_score.pkg_metric_size_codebase

Score a package for number of lines of code
bug_report_metadata

Helper for structuring bug reports
memoise_bioc_mirrors

Fetch BioC Mirrors Info
with_unclassed_to

Evaluate an expression after first removing a range of S3 classes
metric_score.pkg_metric_remote_checks

Score a package based on R CMD check results run by BioC or CRAN
score_error_zero

Score error handler to silently return 0
metric_score.pkg_metric_has_vignettes

Score a package for the presence of a Vignettes file
metric_score.pkg_metric_covr_coverage

Score a package for unit test coverage
metric_score.pkg_metric_reverse_dependencies

Scoring method for number of reverse dependencies a package has
metric_score

Score a package metric
is_url_subpath_of

check if a url originates from a list of repo urls
news_from_dir

Build a list of NEWS files discovered within a given directory
pkg_ref_cache.bug_reports_url.pkg_source

Get the BugReports url
metric_score.pkg_metric_news_current

Score a package for NEWS files updated to current version
metric_score.pkg_metric_dependencies

Score a package for dependencies
[[.pkg_ref

Lazily instantiated, immutable metadata access
pkg_ref_cache.help.pkg_install

Cache a list of available help files as LaTeX objects
roxygen_cache_behaviors

Document both declare_cache_behavior parameters and options list
pkg_ref_cache.expression_coverage.pkg_source

Retrieve output of covr::package_coverage, tallied by expression
pkg_ref_cache.covr_coverage.pkg_source

Retrieve output of covr::package_coverage
metric_score.pkg_metric_has_website

Score a package for inclusion of an associated website url
metric_score.pkg_metric_has_bug_reports_url

Score a package for the presence of a bug report url
metric_score.pkg_metric_exported_namespace

Score a package for the number of exported objects
pkg_ref_cache.help.pkg_source

Cache a list of available help files as LaTeX objects
pkg_ref_cache.news.pkg_remote

Cache a list of NEWS files from a package reference
metric_score.pkg_metric_r_cmd_check

Score a package based on R CMD check results run locally
pkg_score

Score a package assessment, collapsing results into a single numeric
vignettes_from_html

Build a List of Vignettes Files Discovered Within a Package Website
print.with_eval_recording

Handle pretty printing of expression output
pkg_ref

Create a package reference
roxygen_score_family

Helper for creating a roxygen header from template for score.* functions
vignettes_from_dir

Build a List of Vignettes Files Discovered Within a Given Directory
pkg_metric

A helper for structuring assessment return objects for dispatch with the score function
score_error_NA

Score error handler to silently return NA
score_error_default

Default score error handling, emitting a warning and returning 0
remove_base_packages

Helper function to remove base and recommended packages
roxygen_assess_family_catalog

Helper for creating a roxygen itemized list for assess_* functions
suppressMatchingConditions

Suppress messages and warnings based on one or more regex matches
roxygen_assess_family

Helper for creating a roxygen header from template for assess_* functions
require_cache_behaviors

Stop if a function requires disabled behaviors
pkg_metric_eval

Evaluate a metric
pkg_ref_cache.bug_reports_host.default

Get the host name of a BugReports url
summarize_scores

Summarize a default set of assessments into a single risk score
use_assessments_column_names

reassign assignment list names with column_name attribute if available
verify_pkg_source

Verify a pkg_source when one is manually specified by the user
all_assessments

A default list of assessments to perform for each package
assess_downloads_1yr

Assess a package for the number of downloads in the past year
assess_dependencies

Assessment of dependency footprint for a specific package
allow_mutation

a wrapper to assert that a pkg_ref has been permitted to do an additional mutation, used to handle recursive initialization of cached fields
assess_has_bug_reports_url

Assess a package for the presence of a url field where bugs can be reported.
assess_has_news

Assess a package for the presence of a NEWS file
assess_has_maintainer

Assess a package for an associated maintainer
assess_covr_coverage

Assess a package code coverage using the `covr` package
assess_has_source_control

Assess a package for an associated source control url
as_pkg_metric_todo

A pkg_metric subclass for when pkg_metrics have not yet been implemented
as_pkg_metric_error

A subclass wrapping an error with an additional parent class
as_pkg_metric_na

A pkg_metric subclass for when metrics are explicitly not applicable
as_pkg_metric

Convert an object to a pkg_metric
as_pkg_metric_condition

A pkg_metric subclass for general metric evaluation conditions