I think that the size of the whole dependency tree should be used instead of number of directly dependent packages as it truly reflects how dependent your package is.
Also, this should not account base (and recommended?) packages - e.g. a foo package that depends on some unknown bar package only is more risker than baz package that depends on e.g. methods, tools and utils.
some code snipped that you might find useful
library(magrittr)
x <- pkgdepends::new_pkg_deps("dplyr")
x$resolve()
#> ℹ Loading metadata database
#> ✔ Loading metadata database ... done
#>
x$get_resolution()
#> # A data frame: 32 × 30
#> ref type direct directpkg status package version license needscompilation
#> <chr> <chr> <lgl> <lgl> <chr> <chr> <chr> <chr> <lgl>
#> 1 R6 stan… FALSE FALSE OK R6 2.5.1 MIT + … FALSE
#> 2 cli stan… FALSE FALSE OK cli 3.6.1 MIT + … FALSE
#> 3 dplyr stan… TRUE TRUE OK dplyr 1.1.2 MIT + … FALSE
#> 4 fansi stan… FALSE FALSE OK fansi 1.0.4 GPL-2 … FALSE
#> 5 gener… stan… FALSE FALSE OK generi… 0.1.3 MIT + … FALSE
#> 6 glue stan… FALSE FALSE OK glue 1.6.2 MIT + … FALSE
#> 7 lifec… stan… FALSE FALSE OK lifecy… 1.0.3 MIT + … FALSE
#> 8 magri… stan… FALSE FALSE OK magrit… 2.0.3 MIT + … FALSE
#> 9 pillar stan… FALSE FALSE OK pillar 1.9.0 MIT + … FALSE
#> 10 pkgco… stan… FALSE FALSE OK pkgcon… 2.0.3 MIT + … FALSE
#> # ℹ 22 more rows
#> # ℹ 21 more variables: priority <chr>, md5sum <chr>, sha256 <chr>,
#> # filesize <int>, built <chr>, platform <chr>, rversion <chr>,
#> # repotype <chr>, repodir <chr>, target <chr>, deps <list>, mirror <chr>,
#> # sources <list>, remote <list>, error <list>, metadata <list>, extra <list>,
#> # dep_types <list>, params <list>, sysreqs <chr>, cache_status <chr>
base_pkgs <- rownames(utils::installed.packages(priority = "high"))
x$get_resolution() %>%
dplyr::filter(!(package %in% base_pkgs)) %>%
dplyr::distinct(package) %>%
dplyr::count() %>%
dplyr::pull()
#> [1] 16
I think that the size of the whole dependency tree should be used instead of number of directly dependent packages as it truly reflects how dependent your package is. Also, this should not account base (and recommended?) packages - e.g. a
foo
package that depends on some unknownbar
package only is more risker thanbaz
package that depends on e.g.methods
,tools
andutils
.some code snipped that you might find useful
Created on 2023-08-16 with reprex v2.0.2