Category

Blog

The R Consortium Funds Three Projects in July

By Blog

by Joseph Rickert and Hadley Wickham

The Infrastructure Steering Committee (ISC) has approved funding for three of the thirteen proposed projects received during the most recent round of contributed proposals which closed on July 10th. The total amount awarded was just over $29,000. A brief description of each of these projects follows.

The R Documentation Task Force: The Next Generation R Documentation System

Andrew Redd received $10,000 to lead a new ISC working group, The R Documentation Task Force, which has a mission to design and build the next generation R documentation system. The task force will identify issues with documentation that currently exist, abstract the current Rd system into an R compatible structure, and extend this structure to include new considerations that were not concerns when the Rd system was first implemented. The goal of the project is to create a system that allows for documentation to exist as objects that can be manipulated inside R. This will make the process of creating R documentation much more flexible enabling new capabilities such as porting documentation from other languages or creating inline comments. The new capabilities will add rigor to the documentation process and enable the the system to operate more efficiently than any current methods allow. For more detail have a look at the R Documentation Task Force proposal (Full Text).

The task force team hopes to complete the new documentation system in time for the International R Users Conference, UseR! 2017, which begins July 4th 2017. If you are interested in participating in this task force, please contact Andrew Redd directly via email (andrew.redd@hsc.utah.edu). Outline your interest in the project, you experience with documentation any special skills you may have. The task force team is particularly interested in experience with documentation systems for languages other than R and C/C++.

Interactive data manipulation in mapview

The ISC awarded $9,100 to Tim Appelhans, Florian Detsch and Christoph Reudenbach the authors of the Interactive data manipulation in mapview project (Proposal) which aims to extend the capabilities of R for visualizing geospatial data by implementing a two-way data exchange mechanism between R and JavaScript. The central idea is to extend the capabilities of existing tools to enhance the user experience of interactively working with geospatial data by implementing mechanisms for two way data transfer. For example, although htmlwidgets has proven itself to be a powerful framework for enabling interactive, JavaScript based data visualizations, data flow from R to Javascript runs on a one-way street.  There is currently no way to pass manipulated data back into the user’s R environment. This project aims to first develop a general framework to provide a bridge between htmlwidgets and R to enable a workflow of R -> htmlwidgets -> R and then to use this framework to implement standard interactive spatial data manipulation tools for packages mapview and leaflet. The plan section of the project proposal provides considerable detail on the steps required to achieve the project’s goals.

If you would like to help and have strong R and JavaScript skills contact the authors directly via the email address provided in the links above.

R-Ladies Alignment and Global Expansion

The ISC awarded $10,000 to a team that includes members from both the London and San Francisco R-Ladies user groups (Gabriela de Queiroz, Chiin­Rui Tan, Alice Daish, Hannah Frick, Rachel Kirkham, Erin Ledell, Heather Turner, and Claudia Vitolo) to establish additional R-Ladies groups worldwide. The proposal (Full text) authors note that women are underrepresented in every role of the global R community; as leaders, package developers, conference speakers, conference participants, educators, and R users. They propose to address this issue through a series of practical actions that build on the success of the San Francisco and London R-Ladies groups in encouraging female participation. The team envisions the project unfolding in two phases. In the first phase, the team will identify the common elements contributing to the success of both existing R-Ladies groups, establish the “R-Ladies” brand and build a new centralized community infrastructure. The second phase will be devoted to managing the global expansion of the “R-Ladies” initiative through selective seeding of new groups around the world.

This is an ambitious project that will require a variety of technical skills (website design and development, Bookdown content development and graphic design, for example)  as well as expertise in marketing, public relations, social media communications and event organization. The R-Ladies are looking for help. If you are interested contributing your expertise or maybe starting a “R-Ladies” group in your area write to info@rladies.org.

Impact

Each of these projects has the potential to profoundly affect the R Community. R-Ladies will enlarge the community and strengthen the social fabric that binds it together. If successful, the R Documentation Task force will improve the environment for R package development and enrich the experience of every R user. The interactive data manipulation project has the potential to increase the synergy between R and JavaScript and set the direction for the development for interactive visualizations.

First Public Version of the r-hub Builder

By Blog

The r-hub builder is the first major project of the R consortium. It is an R package build and continuous integration service, open to all members of the R community.

Goals for R-Hub include:

  • simplify the R package development process: creating a package, building binaries and continuous integration, publishing, distributing and maintaining it;
  • encourage community contributions; and
  • pre-test CRAN package submissions to ease burden on CRAN maintainers.

What’s available

  • Linux builders for uploaded R source packages. You can watch the package check process in real time. Currently Debian and Fedora builders are available. Builds are performed in Docker containers, and new builders can be added easily.
  • Automatic detection of system requirements. We built a system requirements database that allows us to automatically install system software needed for R packages. Note that the database needs constant improvements, and if it fails for your R package, please let us know. See below.
  • Flexible package dependencies. You don’t need to have all your package dependencies on CRAN in order to use r-hub. We support devtools-styleRemotes fields in DESCRIPTION, so you can depend on GitHub, BitBucket, etc. packages. See more about this at https://cran.r-project.org/web/packages/devtools/vignettes/dependencies.html

Go to https://builder.r-hub.io to try the r-hub builder!

What’s coming?

Mostly everything else that was promised in the proposal The two major features that are coming soon are

  • Windows builds, and
  • The r-hub CI. You’ll be able to trigger builds from your GitHub repositories.

You can help

R Consortium Outlook 2016

By Blog

2016 is already shaping up to be another banner year for the R Project. The project is as active as ever, with the new R 3.2.4 just released (and R 3.3.0 following up very soon), and the milestone of 8,000 contributed packages was passed just last month (coincidentally, on the 16th anniversary of the release of R 1.0.0). Meanwhile, the popularity of the R language continues unabated: R was ranked #6 in IEEE’s Top Programming Languages of 2015, and it’s one of the fastest-growing languages on StackOverflow.

This popularity makes the mission of the R Consortium as important as ever: to support to the R community, the R Foundation, and everyone using, maintaining and distributing R software. Founded just last July, 2015 was a year of “spinning up” for the R Consortium: establishing a board, recruiting members, and setting a charter for the steering committee. With that groundwork behind us, 2016 will be a year of action. The Consortium will be distributing funds to community-nominated projects and soliciting more proposals, supporting the useR! 2016 conference in Stanford, and continuing to popularize R as the leading platform for data science research and applications.

The R Consortium recently welcomed Avant and Procogia as new Silver members. If your employer is a member of the R Consortium, we encourage you to show your support for our mission with this member badge. If not, please encourage your employer to become a member and provide their support as well.

We’ll have more news to share here in the blog in the coming weeks. In the meantime, we invite you to read the list of frequently-asked questions about the R Consortium, and follow the R Consortium on Twitter for the latest updates.

R Consortium Infrastructure Steering Committee (ISC) elects Chair

By Blog

by Joseph Rickert

This week, the Infrastructure Steering Committee (ISC) of the R Consortium unanimously elected Hadley Wickham as its chair thereby also giving Hadley a seat on the R Consortium board of directors. Congratulations Hadley!!

This is a major step forward towards putting the R Consortium in business. Not only is the ISC the group that will decide on what projects the R Consortium will undertake, but it will also be responsible for actually getting the work done. (Look here for the charter of the ISC. )

The whole process of funding, soliciting, selecting and executing projects will work something like this: The board of directors under the leadership of its chair, Richard Pugh of Mango Solutions, will establish a budget for projects. The ISC will solicit proposals for new projects both from R Consortium member companies and from the R Community at large.  With approval from the board, the ISC will decide which projects to fund. From there on, the ISC will assemble resources and manage the work. That’s the plan. The devil, of course, is in the details. There is much work to be done to put all of the necessary infrastructure in place, but Hadley’s election makes it possible for the ISC to begin bootstrapping the process.

So, while there is currently no formal proposal process in place, and the ISC and the R Consortium are not ready to begin the process of soliciting proposals from the public, it is not too early for the R Community to begin thinking about what work needs to be done. Now, is the time to begin thinking on a grand scale; well, at least on a scale that might be a bit more ambitious than creating a single R package.

What type of project might make the cut? I don’t want to set up any constraints here, or limit possibilities. But, just to pick one application area, it seems to me that that there were more than a few ideas kicked around in the HP Workshop on Distributed Computing in R held earlier this year that could be formulated into exciting and important projects. How about a unified interface for distributed computing in R?

If you have an idea for a project that you think would benefit the general R community but is more complicated than writing a simple package please start thinking about how you would write up your ideas, elaborating on the benefits to the R Community, technical feasibility, required resources etc. And, stayed tuned to R Consortium Announcements for information on when the proposal process will begin.

I’ll finish here by congratulating Hadley one more time, and state that I am very pleased to have the opportunity to work with him and the other members of the committee. I expect that with Hadley’s technical leadership, the guidance of the board of directors, and the participation of committed R users that the R Consortium will become an effective advocate and source of support for the R Community.

You can write to the ISC at:  isc@r-consortium.org

Some facts about the R Consortium
Founded: June 19, 2015
Status: The R Consortium is organized as a Linux Foundation Collaborative Project
Member organizations: Alteryx, Google, Hewlett Packard, Oracle, Ketchum Trading, Mango Solutions, Microsoft, The R foundation, RStudio and Tibco
Board of Directors: David Smith (Microsoft), Hadley Wickham (RStudio), John Chambers (R Foundation), J.J. Allaire (RStudio), Louis Bajuk-Yorgan (Tibco) and Chair, Richard Pugh (Mango Solutions)
ISC Members: Hadley Wickham (RStudio), Joseph Rickert (Microsoft), Luke Tierney (R Foundation) and Stephen Kaluzny (Tibco)

Best Practices for Using R Securely

By Blog

The R Consortium was formed to serve the interests of the R user community, and to that end the members of the R Consortium would like to share some best practices for using R securely and safely. These recommendations are not unique to R: you should follow similar practices for any software you download from the Internet.

If you download R (or R packages) using an unencrypted Internet connection, there is a possibility that a malicious actor could modify the code in transit (or substitute their own file), if they have access to the connection linking you and the CRAN server delivering the code. (This is possible, for example, when you download R using an unsecured Wi-Fi network.) This could potentially give an attacker the same rights you have to execute code on your system.

To eliminate the possibility of such an attack, the R Consortium recommends all R users to always download R and R packages using an encrypted HTTPS connection from a secure server. This document describes steps you can take to configure your existing or new R installations to adhere to best practices for secure R use.

1. Always download R installers from a CRAN server using HTTPS

Every time you download R, make sure you are connected to the download site using a secure HTTPS connection. Check that the URL of the web page you are using to download R begins with “https://” (not “http://”) and that your browser reports the site to be secure. (Here are some ways you can check: http://info.ssl.com/article.aspx?id=10068.)

If you are downloading R from CRAN, the following CRAN mirrors support HTTPS and we recommend using one of them:

The above list is complete as of August 12, 2015. Check the list of CRAN Mirrors for other HTTPS mirrors added since then.

2. Check the MD5 checksums of R before you begin the installation.

When you download R, the same webpage should also provide the “md5 checksum” for the installation. (It will be a long string of letters and digits. Here’s an example — but remember, it will be different for every version of R: 9578948a99ee6b74ff10b71b0891b94c.) After you download the file to install R, you should generate another md5 checksum for the file you downloaded, and make sure it matches the checksum provided on the download site. (Here are instructions for doing so on WindowsLinux, and Mac OS X). If the checksums do not match, do not install R using that file.

3. Configure R for secure file downloads

When downloading files over the Internet (including R packages), R must be configured such that a secure, HTTPS-enabled web server may be used.  To configure R appropriately, add code to your .Rprofile or Rprofile.site file. The instructions vary depending on the version of R and operating system you use. Note that this is the default configuration for R 3.2.2, so you do not need to take any action for R 3.2.2 or any later version of R.

R 3.2.0 and R 3.2.1

Windows:

options(download.file.method = “wininet”)

OS X and Linux:

options(download.file.method = “libcurl”)

R 3.1 and earlier

Windows:

utils::setInternet2(TRUE)

options(download.file.method = “internal”)

OS X:

options(download.file.method = “curl”)

Linux:

options(download.file.method = “wget”)

4. Always download CRAN packages from a secure mirror

The same cautions apply to R packages. Always make sure you are using a CRAN mirror that supports HTTPS, such as one from the list given in point 1 above.

To configure R to automatically use a secure mirror, add the following code to your .Rprofile or Rprofile.site file, using the mirror of your choice (beginning with “https://”) in the first line.

securemirror <- “https://cran.r-project.org/

local({

r <- getOption(“repos”);

r[“CRAN”] <- securemirror

options(repos=r)

})

Note that you do not need to check md5 sums for packages: R automatically checks md5 checksums before it installs any package.

Summary

With these simple steps, you can eliminate one vector of attack for a malicious actor who can intercept your communications. The R Consortium recommends all R users follow this practice.

The R Consortium Begins its Mission

By Blog

Since the announcement of the R Consortium on June 30, the members of the Consortium have begun the mission of supporting the R project and the vast community of R users around the world. The first task was to appoint members of the Board of the R Consortium, and to that end we are pleased to announce the following board members:

JJ Allaire, RStudio

Louis Bajuk-Yorgan, Tibco

John Chambers, R Foundation

Richard Pugh, Mango Solutions

David Smith, Microsoft
We are also pleased to announce that Richard Pugh has been elected as President of the R Consortium board.

The next step is to form the Infrastructure Steering Committee, which will then select and oversee the various projects undertaken by the R Consortium on behalf of its members and the R Community. The R Consortium Board welcomes suggestions from the R Community of suitable projects pursue. We will publish a formal process for proposals soon, but in the meantime we welcome suggestions from anyone to info@r-consortium.org.