Skip to contents

Detect if package within ecosystem has reported vulnerabilities

Source: R/query.R
is_pkg_vulnerable.Rd

Search the OSV database, by package name and its respective ecosystem, to determine if a vulnerability has ever been listed. If a package has been listed as impacted by a vulnerability this may warrant further queries to investigate specific versions that have been affected.

Usage

is_pkg_vulnerable(name, ecosystem, ...)

Arguments

name

Character vector of package names.

ecosystem

Character vector of ecosystem(s) within which the package(s) exist.

...

Any other parameters to pass to nested functions.

Value

A named vector of logical values indicating vulnerabilities.

Examples

if (FALSE) { # interactive()
is_pkg_vulnerable(c('dask', 'dplyr'), c('PyPI', 'CRAN'))
}