ropenscilabs / Notary
Licence: other
ππ¦ Signing & verification of R packages
Stars: β 48
Programming Languages
r
7636 projects
Projects that are alternatives of or similar to Notary
Rtimicropem
π· R Package for the Analysis of RTI MicroPEM Output Files π·
Stars: β 9 (-81.25%)
Mutual labels: r-package, rstats
Rdhs
API Client and Data Munging for the Demographic and Health Survey Data
Stars: β 22 (-54.17%)
Mutual labels: r-package, rstats
Hexagon
βοΈβΉβΆοΈ R package for creating hexagon shaped xy data frames.
Stars: β 40 (-16.67%)
Mutual labels: r-package, rstats
Tidymv
Tidy Model Visualisation for Generalised Additive Models
Stars: β 25 (-47.92%)
Mutual labels: r-package, rstats
Webmockr
R library for stubbing and setting expectations on HTTP requests
Stars: β 37 (-22.92%)
Mutual labels: r-package, rstats
Skimr
A frictionless, pipeable approach to dealing with summary statistics
Stars: β 889 (+1752.08%)
Mutual labels: r-package, rstats
Restez
π΄ π Create and Query a Local Copy of GenBank in R
Stars: β 22 (-54.17%)
Mutual labels: r-package, rstats
Cld2
R Wrapper for Google's Compact Language Detector 2
Stars: β 34 (-29.17%)
Mutual labels: r-package, rstats
Patentsview
An R client to the PatentsView API
Stars: β 18 (-62.5%)
Mutual labels: r-package, rstats
Rnaturalearthdata
to hold data used by rnaturalearth
Stars: β 8 (-83.33%)
Mutual labels: r-package, rstats
Chr
π€ Lightweight R package for manipulating [string] characters
Stars: β 18 (-62.5%)
Mutual labels: r-package, rstats
Proj
βοΈ [DEPRECATED] R wrapper for proj4js
Stars: β 5 (-89.58%)
Mutual labels: r-package, rstats
Icpsrdata
Reproducible data downloads from the ICPSR data archive
Stars: β 7 (-85.42%)
Mutual labels: r-package, rstats
Originr
Species origin data from the web in R
Stars: β 13 (-72.92%)
Mutual labels: r-package, rstats
Problems
Solutions (current)
GitHub
- Only install signed releases
- Verify release signatures
CRAN
- Reimagining integrity mirror integrity
notary : Signing and Verification of R Packages
Methods
More for users:
CRAN-ish
-
install_packages: Install and verify packages -
download_packages: Download and verify packages -
available_packages: Download and verify package indices
GitHub-ish
-
install_release: Validate that the current GitHub release is GPG signed and install it if so -
validate_release: Validate that the current GitHub release is GPG signed -
retrieve_release_signature: Retrieve the GitHub signing information for the latest release of a package -
get_tags: Retrieve a data frame of GitHub package tag (release) info
source()-ish
-
source_safe_sign: Source a file with verification -
sys_source_safe_sign: Source a file with verification
More for plumbers:
-
package_index_prepare: Prepare a package index
The Book of R [Security]
https://ropenscilabs.github.io/r-security-practices/index.html
A gif is worth a thousand words
Usage
library(notary)
library(tidyverse)
validate_release("hrbrmstr/hrbrthemes")
## Repo/Package: hrbrmstr/hrbrthemes (v0.3.0)
## Committer: Bob Rudis <[email protected]>
## GitHub Verified: TRUE
## GPG Fingerprint: 3773E53B2013A722FA67C6F02A514A4997464560
## Trusted peer: TRUE
## Timestamp: 2017-05-10 11:15:21
## Algorithm: RSA + SHA256
validate_release("ironholds/rgeolocate")
## Repo/Package: ironholds/rgeolocate (0.8.0)
## Committer: Oliver Keyes <[email protected]>
## GitHub Verified: FALSE
## GPG Fingerprint:
## Trusted peer:
## Timestamp:
## Algorithm: +
retrieve_release_signature("hrbrmstr/ggalt")
## Latest release is not signed or has not been verified
## NULL
glimpse(get_tags("hrbrmstr/hrbrthemes"))
## Observations: 2
## Variables: 9
## $ user <chr> "hrbrmstr", "hrbrmstr"
## $ repo <chr> "hrbrthemes", "hrbrthemes"
## $ tag <chr> "v0.3.0", "v0.1.0"
## $ committer <chr> "Bob Rudis", "boB Rudis"
## $ committer_email <chr> "[email protected]", "[email protected]"
## $ verified <lgl> TRUE, FALSE
## $ reason <chr> "-----BEGIN PGP SIGNATURE-----\n\niQIcBAABCAAGBQJZE1i5AAoJECpRSkmXRkVgYzAP/je9bp3imLA9LZPOF...
## $ signature <chr> "-----BEGIN PGP SIGNATURE-----\n\niQIcBAABCAAGBQJZE1i5AAoJECpRSkmXRkVgYzAP/je9bp3imLA9LZPOF...
## $ payload <chr> "tree d2959bd73ad3af822e7370553242fbf045438e8d\nparent 52539bf3dc91776c8cb988efdca6565b8b69...
get_tags("tidyverse/dplyr")
## # A tibble: 14 x 9
## user repo tag committer committer_email verified reason signature payload
## <chr> <chr> <chr> <chr> <chr> <lgl> <chr> <chr> <chr>
## 1 tidyverse dplyr v0.6.0-rc hadley [email protected] FALSE <NA> <NA> <NA>
## 2 tidyverse dplyr v0.5.0 hadley [email protected] FALSE <NA> <NA> <NA>
## 3 tidyverse dplyr v0.4.3 Romain Francois [email protected] FALSE <NA> <NA> <NA>
## 4 tidyverse dplyr v0.4.2 hadley [email protected] FALSE <NA> <NA> <NA>
## 5 tidyverse dplyr v0.4.1 hadley [email protected] FALSE <NA> <NA> <NA>
## 6 tidyverse dplyr v0.4.0 hadley [email protected] FALSE <NA> <NA> <NA>
## 7 tidyverse dplyr v0.3.0.1 Hadley Wickham [email protected] FALSE <NA> <NA> <NA>
## 8 tidyverse dplyr v0.3 hadley [email protected] FALSE <NA> <NA> <NA>
## 9 tidyverse dplyr v0.2.0 hadley [email protected] FALSE <NA> <NA> <NA>
## 10 tidyverse dplyr v0.1.3 hadley [email protected] FALSE <NA> <NA> <NA>
## 11 tidyverse dplyr v0.1.2 hadley [email protected] FALSE <NA> <NA> <NA>
## 12 tidyverse dplyr v0.1.2-cran-rc hadley [email protected] FALSE <NA> <NA> <NA>
## 13 tidyverse dplyr v0.1.1 Romain François [email protected] FALSE <NA> <NA> <NA>
## 14 tidyverse dplyr v0.1 hadley [email protected] FALSE <NA> <NA> <NA>
Code of Coduct
Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].