Merge pull request #125 from nhs-r-community/call-outs

Moved vulnerability to warning as investigated and added important ca…
nhs-r-community · Nov 15, 2024 · 7722cd2 · 7722cd2
2 parents 37a1020 + e65422c
commit 7722cd2
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 2 deletions.
diff --git a/statement-on-using-tools-r.qmd b/statement-on-using-tools-r.qmd
@@ -18,7 +18,7 @@ Although the current focus of this chapter is specific to R and its tools, we no
 -   To provide reassurance and explanation to colleagues and managers when R is being considered for use in some projects
 -   To support those new to R in understanding how the many packages and tools fit together
 
-## Introduction
+## Introduction {#intro}
 
 R uses [**packages**](#packages), which are small, reusable collections of code that allow users to create and use functions. These packages can be easily distributed so that users can adopt them in the code that they are writing. To illustrate, imagine that you run into a tricky problem programming problem. We can think of three different ways of solving this problem:
 

diff --git a/technical-r.qmd b/technical-r.qmd
@@ -1,7 +1,14 @@
 # Technical guidance - R {#tech-r}
 
 :::{.callout-important collapse=false appearance='default' icon=true}
-## R vulnerability
+## Updating software and packages
+
+It is good practice to update any software and for R this will include [R packages](#intro).
+If you have to rely upon an IT team to do this on your behalf feel free to share this guide with them to help explain what is needed.
+:::
+
+:::{.callout-warning collapse=false appearance='default' icon=true}
+## R vulnerability - awaiting analysis
 Published 29 April 2024 related to versions of R prior to 4.4.0  <https://nvd.nist.gov/vuln/detail/CVE-2024-27322>. 
 
 Remedial action suggested is to upgrade to 4.4.0 and only open rds files from trusted sources.