Friday, November 29, 2024 From rOpenSci (https://ropensci.org/blog/2024/11/29/news-november-2024/). Except where otherwise noted, content on this site is licensed under the CC-BY license.
Dear rOpenSci friends, it’s time for our monthly news roundup!
You can read this post on our blog. Now let’s dive into the activity at and around rOpenSci!
Now open to non-rOpenSci package maintainers!
Making your first contribution to Open Source can be both empowering and intimidating. As such, we’re exited to announce a special series of activities to support first-time contributors! 🎉
Are you an package maintainer who would like to help someone make their first contribution? We limited our initial call to rOpenSci package maintainers, but we still have some room, so have decided to open this up to all package maintainers!
See our blog post for more details and how to sign up (by December 9th).
Thanks to optimized caching, the web front-end pages load much faster, making it even more fun to browse around the R ecosystem.
In her keynote Yanina Bellini Saibene invited the audience to reflect on how to measure the impact of our work in our communities. She shared two frameworks we use at rOpenSci and severals tool to measure different aspects of our work and our impact, not only with numbers, but with stories. Slidedeck.
We had a very nice and productive event during LatinR, with people registered from thirteen countries. Some people stayed for the whole event and others participated during some of the working sessions.
We discussed the GitHub workflow and the babelquarto and babeldown packages. We also reviewed the translation guidelines and started working on a Portuguese glossary for the translations.
Participants worked on reviewing the rOpenSci dev guide. As a result, we now have two more chapters with their first review started, two chapters with the second review under work, and five chapters merged with the complete translation. We also started the translation of our Code of Conduct. 🚀
We are very grateful to Pedro Faria, Beatriz Milz, Francesca Palmeira, Rafael Fontenelle, Ildeberto Vasconcelos, Samuel Carleial, and Ariana Cabral for their contributions during the Traslatón 🙏.
If you want to participate in this collaborative translation effort, please check out our project and add a comment to the pull request you would like to review.
All the resources for our first community call in português are now available on our website.
Check the video, speakers slides, and links to other resources related to translation efforts in the R Community.
Mark Padgham published a blog post about his allcontributors package, which provides a very easy way to acknowledge all contributions to your software.
Join us for social coworking & office hours monthly on first Tuesdays! Hosted by Steffi LaZerte and various community hosts. Everyone welcome. No RSVP needed. Consult our Events page to find your local time and how to join.
Tuesday, December 3rd, 09:00 Australia Western (01:00 UTC), “Getting Involved in the Antarctic/Southern Ocean rOpenSci Community” with cohosts Michael Sumner and Ben Raymond, and Steffi LaZerte.
Tuesday, January 14th, 14:00 European Central (13:00 UTC), “Working with Parquet in R” with cohosts Rainer M Krug, and Steffi LaZerte.
And remember, you can always cowork independently on work related to R, work on packages that tend to be neglected, or work on what ever you need to get done!
Discover more packages, read more about Software Peer Review.
The following twenty-one packages have had an update since the last newsletter: rsi (v0.3.1), allcontributors (v0.2.2), av (v0.9.3), comtradr (v1.0.3), FedData (v4.1.0), gitignore (v0.1.8.9000), GLMMcosinor (v0.2.1), jagstargets (1.2.2), lingtypology (v1.1.20v1), nodbi (v0.11.0), occCite (v0.5.9), osmapiR (v0.2.2), osmextract (v0.5.2), readODS (v2.3.1), ruODK (v1.5.1), spatsoc (v0.2.7), stats19 (v3.2.0), tarchetypes (0.11.0), targets (1.9.0), UCSCXenaTools (v1.6.0), and weathercan (v0.7.2).
There are twelve recently closed and active submissions and 7 submissions on hold. Issues are at different stages:
One at ‘5/awaiting-reviewer(s)-response’:
Four at ‘4/review(s)-in-awaiting-changes’:
rredlist, IUCN Red List Client. Submitted by William Gearty.
fireexposuR, Compute and Visualize Wildfire Exposure. Submitted by Air Forbes.
cancerprof, API Client for State Cancer Profiles. Submitted by Brian Park.
gigs, Assess Fetal, Newborn, and Child Growth with International Standards. Submitted by Simon Parker. (Stats).
Three at ‘3/reviewer(s)-assigned’:
mbquartR, Finding Manitoba Quarter Sections. Submitted by Alex Koiter.
sits, Satellite Image Time Series Analysis for Earth Observation Data Cubes. Submitted by Gilberto Camara.
fwildclusterboot, Fast Wild Cluster Bootstrap Inference for Linear Models. Submitted by Alexander Fischer. (Stats).
Two at ‘2/seeking-reviewer(s)’:
QuadratiK, A Collection of Methods Using Kernel-Based Quadratic Distances for. Submitted by Giovanni Saraceno. (Stats).
galamm, Generalized Additive Latent and Mixed Models. Submitted by Øystein Sørensen. (Stats).
Two at ‘1/editor-checks’:
pkgmatch, Find R Packages Matching Either Descriptions or Other R Packages. Submitted by mark padgham.
forcis, An R Client to Access the FORCIS Database. Submitted by Nicolas Casajus.
Find out more about Software Peer Review and how to get involved.
Looking for Maintainers to Support First-Time Contributors by Steffi LaZerte and Yanina Bellini Saibene. Announcing a Community Call and Coworking sessions to support first contributions.
Give Thanks with the allcontributors Package by Mark Padgham. The allcontributors package helps to given thanks to software contributions.
If you’re interested in maintaining any of the R packages below, you might enjoy reading our blog post What Does It Mean to Maintain a Package?.
hddtools, Hydrological Data Discovery Tools. Issue for volunteering.
circle, R client package for the Continuous Integration (CI) provider Circle CI. Issue for volunteering.
tic, Tasks Integrating Continuously: CI-Agnostic Workflow Definitions. Issue for volunteering.
USAboundaries (and USAboundariesdata), historical and contemporary boundaries of the United States of America . Issue for volunteering.
historydata, datasets for historians. Issue for volunteering.
Refer to our help wanted page – before opening a PR, we recommend asking in the issue whether help is still needed.
The bib2f package, for parsing BibTeX files into tibbles, would need some help! Issue for volunteering.
Some useful tips for R package developers. 👀
The recordings of talks at posit::conf(2024) are now available on YouTube. Particularly relevant for package developers are:
Why’d you load that package for? by Luis D. Verde Arregoitia.
Open-Source Initiatives in Pharma - What’s Out There and Why You Should Join by Nicholas Masel.
Art of R Packages: Forging Community with Hex Stickers by Hubert Halun.
Introducing Positron, a new data science IDE by Julia Silge, Isabel Zimmerman, Tom Mock, Jonathan McPherson, Lionel Henry, Davis Vaughan, and Jenny Bryan.
Contributing to the R Project by Heather Turner.
API-first package design — and learning patchwork in the process by Thomas Lin Pedersen.
“Please Let Me Merge Before I Start Crying”: And Other Things I’ve Said at The Git Terminal by Meghan Harris.
Mixing R, Python, and Quarto: Crafting the Perfect Open Source Cocktail by Alenka Frim & Nic Crane.
… and more! Happy watching.
Don’t miss the blog post Handling CRAN Requirements for Web API R Packages by James Balamuta!
Also relevant, this chapter of the HTTP testing in R book: CRAN- (and Bioconductor) preparedness for your tests.
If you were still using version 3 of the Artifacts action, upgrade as your workflows will start failing. Thanks to Hugo Gruson for pointing this out!
A tip by Jacob Wujciak-Jens: Github provides the dependabot service that can help you keep actions updated hassle free! Just add the following simple yaml file as .github/dependabot.yml in your repo and a friendly bot will open PRs to keep you workflows up to date!
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "monthly"
open-pull-requests-limit: 10
Thanks to Zhian Kamvar for bringing up the article “ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts” in our slack workspace.
In Zhian’s words: if you upload an artifact that contains the .git/ directory of a cloned repo, the GITHUB_TOKEN is exposed.
While it expires at the end of the run, there is a small delay, which is long enough for a targeted attack.
The solution is to set persist-credentials: false for every actions/checkout run.
Thanks for reading! If you want to get involved with rOpenSci, check out our Contributing Guide that can help direct you to the right place, whether you want to make code contributions, non-code contributions, or contribute in other ways like sharing use cases. You can also support our work through donations.
If you haven’t subscribed to our newsletter yet, you can do so via a form. Until it’s time for our next newsletter, you can keep in touch with us via our website and Mastodon account.
