rOpenSci Unconf 18 Project: defender


defender


The goal of defender is to run static code analysis on other R packages and flag potential security risks and departures from best practice. It provides checks at two levels:

  1. [x] static code analysis without installing the package
  2. [ ] more thorough but potentially dangerous checks with installation / in Docker container

The checks do not tell you whether something is harmful; they flag code that you should double-check before installing, loading or running the package.

Installation

You can install defender from GitHub with:

# install.packages("devtools")
devtools::install_github("ropenscilabs/defender")

Example

System calls in R scripts

You can check the R sources in any package directory available locally for system calls, without installing the package:

defender::summarize_system_calls("../testevil")

You can also add further function names to the set of calls that are flagged as dangerous:

sc <- defender::system_calls("poll")
defender::summarize_system_calls("../testevil", calls_to_flag = sc)

System-related imports in NAMESPACE

You can check a package's NAMESPACE file for imports of system-related functions:

defender::check_namespace("../testevil")

You can also add further imports to the set that is flagged as dangerous:

di <- defender::dangerous_imports("processx::poll")
defender::check_namespace("../testevil", imports_to_flag = di)
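The two checks above have the same shape: a name-based scan of the package's R sources for calls to a flagged set of functions, and a parse of the NAMESPACE file for flagged imports. What follows is an added example written for this page in Python; it is not code from defender or rOpenSci, and it does not reproduce defender's internals. It implements simplified versions of both checks over a constructed in-memory package, and it extends the page in one respect: calls that appear only inside comments or string literals are blanked out before scanning, so they are not reported the way a naive grep would report them. The default lists of flagged calls and imports, the sample package contents, and the function names (`find_system_calls`, `find_dangerous_imports`, `strip_comments_and_strings`, `parse_namespace`) are assumptions for illustration; defender's own defaults are not shown on this page.

```python
import re
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample package (path -> contents); an assumption for this example,
# not a real package.
SAMPLE_PACKAGE: Dict[str, str] = {
    "NAMESPACE": """\
export(run_cmd)
importFrom(processx, run)
importFrom(processx, poll)
importFrom(utils, head)
""",
    "R/run_cmd.R": """\
run_cmd <- function(cmd) {
  # system('rm -rf /')   commented out: must not be flagged
  label <- "system(x) inside a string: must not be flagged"
  out <- system(cmd, intern = TRUE)
  processx::run("sh", c("-c", cmd))
  processx::poll(list(), 100)
  out
}
""",
    "R/safe.R": "add <- function(a, b) a + b\n",
}

# Assumed default lists; defender's real defaults are not shown on the page.
DEFAULT_SYSTEM_CALLS: Set[str] = {
    "system", "system2", "shell", "pipe", "source",
    "download.file", "Sys.setenv", "processx::run",
}
DEFAULT_DANGEROUS_IMPORTS: Set[str] = {
    "processx::run", "processx::process", "sys::exec_wait",
}

# A call site: optional `pkg::` prefix, a function name, then an opening paren.
_CALL_RE = re.compile(r"(?:([A-Za-z.][\w.]*)::)?([A-Za-z.][\w.]*)\s*\(")
_IMPORT_FROM_RE = re.compile(r"importFrom\(\s*\"?([\w.]+)\"?\s*,\s*([^)]*)\)")
_IMPORT_RE = re.compile(r"(?<![\w.])import\(\s*([^)]*)\)")


def strip_comments_and_strings(src: str) -> str:
    """Blank out R comments and string literals, keeping every newline so
    reported line numbers stay accurate.  A character-level scan, so a '#'
    inside a string or a quote inside a comment is handled correctly."""
    out: List[str] = []
    i, n = 0, len(src)
    while i < n:
        ch = src[i]
        if ch == "#":                      # comment runs to end of line
            while i < n and src[i] != "\n":
                i += 1
            continue
        if ch in "\"'":                    # string literal: replace with spaces
            quote = ch
            out.append(" ")
            i += 1
            while i < n and src[i] != quote:
                if src[i] == "\\" and i + 1 < n:   # skip escaped char
                    i += 1
                out.append("\n" if src[i] == "\n" else " ")
                i += 1
            out.append(" ")
            i += 1                         # closing quote
            continue
        out.append(ch)
        i += 1
    return "".join(out)


def find_system_calls(package: Dict[str, str],
                      calls_to_flag: Optional[Set[str]] = None
                      ) -> List[Tuple[str, int, str]]:
    """Return (path, line, call) for every flagged call in the package's R/
    sources.  Bare names (system) and namespaced names (processx::run) both
    match; `calls_to_flag` extends the default set, as defender's
    calls_to_flag argument does on the page."""
    flagged = DEFAULT_SYSTEM_CALLS | (calls_to_flag or set())
    hits: List[Tuple[str, int, str]] = []
    for path in sorted(package):
        if not (path.startswith("R/") and path.endswith(".R")):
            continue
        cleaned = strip_comments_and_strings(package[path])
        for lineno, line in enumerate(cleaned.splitlines(), start=1):
            for m in _CALL_RE.finditer(line):
                pkg, fn = m.group(1), m.group(2)
                name = f"{pkg}::{fn}" if pkg else fn
                if name in flagged or fn in flagged:
                    hits.append((path, lineno, name))
    return hits


def parse_namespace(text: str) -> List[str]:
    """Return imported symbols as pkg::fn.  A whole-package import(pkg) is
    returned as pkg::* because every function of pkg becomes reachable."""
    imports: List[str] = []
    for m in _IMPORT_FROM_RE.finditer(text):
        pkg = m.group(1)
        for fn in m.group(2).split(","):
            fn = fn.strip().strip('"')
            if fn:
                imports.append(f"{pkg}::{fn}")
    for m in _IMPORT_RE.finditer(text):
        for pkg in m.group(1).split(","):
            pkg = pkg.strip().strip('"')
            if pkg and "=" not in pkg:     # skip except= arguments
                imports.append(f"{pkg}::*")
    return imports


def find_dangerous_imports(package: Dict[str, str],
                           imports_to_flag: Optional[Set[str]] = None
                           ) -> List[str]:
    """Return NAMESPACE imports that are in the flagged set.  A whole-package
    import of a package owning any flagged symbol is reported as well."""
    flagged = DEFAULT_DANGEROUS_IMPORTS | (imports_to_flag or set())
    flagged_pkgs = {s.split("::")[0] for s in flagged}
    hits: List[str] = []
    for sym in parse_namespace(package.get("NAMESPACE", "")):
        pkg, fn = sym.split("::", 1)
        if sym in flagged or (fn == "*" and pkg in flagged_pkgs):
            hits.append(sym)
    return hits


if __name__ == "__main__":
    for hit in find_system_calls(SAMPLE_PACKAGE, calls_to_flag={"poll"}):
        print("system call: %s:%d %s" % hit)
    for sym in find_dangerous_imports(SAMPLE_PACKAGE, imports_to_flag={"processx::poll"}):
        print("dangerous import:", sym)
```

The scan is deliberately name-based and has no data flow, so indirect invocations such as `do.call("system", ...)` or `eval(parse(text = ...))` pass through it unflagged; that is the same reason the README says the checks flag code to double-check rather than deliver a verdict.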

Collaborators



ropenscilabs/defender documentation built on May 11, 2022, 9:10 a.m.