Skip to content

Security/code/domain review of inlcolor

Review of inlcolor [Complete]

This issue is intended to provide a review covering the "Administrative Security Review", "Code Review", and "Domain Review" criteria as outlined by software management and described in IM OSQI 2019-01.

Administrative Security Review

I confirm that this repository does not contain any:

  • Personally identifiable information (PII)
  • Absolute file system paths
  • Internal server host names or IP addresses
  • Usernames/passwords

Code Review

I confirm that this repository meets or exceeds code quality as it pertains to:

  • Coding standards
  • Unit tests passing
  • User input cleansing
  • Optimizations

Domain Review

I confirm that the outputs produced by this code:

  • align with expected results
  • are scientifically sound/accurate

Other Comments

  • I think some sort of information should be added to the changelog (NEWS.md), even if it is just the date and release of this reviewed version
  • DOI in README does not currently resolve to anything, I assume this will be populated after the release process but I wanted to flag this as something that needs to happen in the future
  • Similar comment about this not being on CRAN, obviously that can't happen until software is approved for public circulation, but that is an outstanding to-do item
  • I couldn't figure out why this was the case, but there's some unexpected formatting (line breaks) in the "Value" section of the rendered documentation for the get_colors() function: image
  • Check the permissions for the deployed documentation, I did not have access to it (but built and viewed the documentation locally)
  • Can it be made clear, either in the README or within the data-raw subdirectory where (i.e., how was it inherited into this project) the Apache 2.0 license has come from and which files it pertains to?
  • This is likely due to my unfamiliarity with USGS processes, but if this was a JOSS review, I would have to ask about the contributors / authors. The repository contributors list only names Jason Fisher, again I'm not sure what USGS policy is on this, but normally I'd ask what contributions were made by non-code contributor authors
  • I'd be curious to know what inspired the creation of this package. It's pretty nifty, but I also imagine color map / color palette generation packages exist for R, why is a new one needed? (or why is a "custom" one needed?)
Edited by Hariharan, Jayaram Athreya