Risk Assessment with Custom Configurations

Introduction

The assess_pkg_r_package() function in the risk.assessr package allows users to evaluate the risk of an R package. You can pass a custom risk configuration to control how risk levels are interpreted.

This vignette demonstrates:

Running the function with the default risk configuration
Running it with two different custom configurations

Load the Package

library(risk.assessr)
options(repos = c(CRAN = "http://cran.us.r-project.org"))

Example 1: Use Default Configuration

result_default <- risk.assessr::assess_pkg_r_package("stringr")

str(result_default$risk_analysis)

Example 2: Use Custom Configuration (Strict Code Coverage)


strict_coverage_config <- list(
  list(
    label = "code coverage",
    id = "code_coverage",
    key = "code_coverage",
    thresholds = list(
      list(level = "high", max = 0.9999),
      list(level = "low", max = NULL)
    )
  ),
  list(
    label = "popularity",
    id = "popularity",
    key = "last_month_download",
    thresholds = list(
      list(level = "high", max = 21200000),          
      list(level = "medium", max = 11200000),      
      list(level = "low", max = NULL)       
    )
  )
)

# Set the option
options(risk.assessr.risk_definition = strict_coverage_config)
result_strict <- risk.assessr::assess_pkg_r_package("stringr")

str(result_strict$risk_analysis)

Summary

The risk_config parameter allows you to tailor the risk scoring logic to your organization’s policies. You can use it to enforce stricter standards, accommodate internal tooling priorities, or meet compliance requirements.

Need a high-speed mirror for your open-source project?
Contact our mirror admin team at info@clientvps.com.