
Think about dependency scanning for vulnerabilities #336

Open
thomasyu888 opened this issue May 25, 2022 · 0 comments
Labels
long-term Timeline: 6 months - 1 year minor a low priority item

Comments

@thomasyu888
Member

thomasyu888 commented May 25, 2022

Is your feature request related to a problem? Please describe.
Part of compliance is security for our applications, and part of security is code or dependency scanning. There is a package called oysteR that does this. I created an renv environment for this application and scanned the dependencies.

Unsure if this will be required for compliance.

Describe the solution you'd like
Unsure - this is just an example.

> oysteR::audit_renv_lock()
ℹ Using cached results for 66 packages

── Calling sonatype API: https://www.sonatype.com/ ──

→ No Sonatype tokens found
ℹ Calling API: batch 1 of 1

── Vulnerability overview ──

ℹ 78 packages were scanned
ℹ 62 packages were found in the Sonatype database
ℹ 0 packages had known vulnerabilities
ℹ A total of 0 known vulnerabilities were identified
ℹ See https://github.com/sonatype-nexus-community/oysteR/ for details.
# A tibble: 78 × 8
   package            version type  oss_package  description   reference   vulnerabilities no_of_vulnerabi…
   <chr>              <chr>   <chr> <chr>        <chr>         <chr>       <list>                     <int>
 1 Rcpp               1.0.8.3 cran  pkg:cran/Rc… "Rcpp:  Seam… https://os… <list [0]>                     0
 2 commonmark         1.8.0   cran  pkg:cran/co… "commonmark:… https://os… <list [0]>                     0
 3 crayon             1.5.1   cran  pkg:cran/cr… "crayon:  Co… https://os… <list [0]>                     0
 4 fresh              0.2.0   cran  pkg:cran/fr…  NA           https://os… <list [0]>                     0
 5 glue               1.6.2   cran  pkg:cran/gl… "glue:  Inte… https://os… <list [0]>                     0
 6 jsonlite           1.8.0   cran  pkg:cran/js… "jsonlite:  … https://os… <list [0]>                     0
 7 magrittr           2.0.3   cran  pkg:cran/ma… "magrittr:  … https://os… <list [0]>                     0
 8 rlang              1.0.2   cran  pkg:cran/rl… "rlang:  Fun… https://os… <list [0]>                     0
 9 sass               0.4.1   cran  pkg:cran/sa…  NA           https://os… <list [0]>                     0
10 shinydashboardPlus 2.0.3   cran  pkg:cran/sh… "shinydashbo… https://os… <list [0]>                     0
# … with 68 more rows
> audit = oysteR::audit_renv_lock()
ℹ Using cached results for 78 packages

── Vulnerability overview ──

ℹ 78 packages were scanned
ℹ 62 packages were found in the Sonatype database
ℹ 0 packages had known vulnerabilities
ℹ A total of 0 known vulnerabilities were identified
ℹ See https://github.com/sonatype-nexus-community/oysteR/ for details.

How important is this feature? Select from the options below:
• 🏝 Low (For now) - Depends on the hard requirements for compliance.

When will use cases depending on this become relevant? Select from the options below:
• Long-term - 6 months - 1 year - Will know more once we learn more about compliance (fedRAMP, etc)

Additional context
Add any other context or screenshots about the feature request here.

@ychae ychae added minor a low priority item long-term Timeline: 6 months - 1 year labels Jun 8, 2022
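The audit shown in the issue works by turning each `renv.lock` entry into a package URL (the `pkg:cran/...` column in the oysteR table), looking those up in an advisory index, and summarising how many packages were scanned, found, and vulnerable. The script below is an added example of that flow, written for this page; it is not oysteR's code and not part of the project tracked by this issue. It assumes the standard `renv.lock` JSON layout (`Packages` keyed by name, each with `Version`, `Source`, `Repository`), a constructed in-memory advisory index in place of the Sonatype OSS Index, and a hypothetical package `examplepkg` that exists only to exercise the vulnerable-package path. It also adds a threshold gate of the kind a compliance pipeline would use to fail a build.

```python
"""Audit an renv.lock against an advisory index, reporting oysteR-style counts.

Added example; not oysteR's implementation. The renv.lock and the advisory
index below are constructed for this example.
"""
import json

# Constructed renv.lock (not the issue's real lock file). Rcpp, glue and fresh
# reuse the versions from the oysteR table in the issue; "examplepkg" is a
# hypothetical package; "devtool" is a hypothetical non-CRAN install.
RENV_LOCK = r"""
{
  "R": {"Version": "4.1.3",
        "Repositories": [{"Name": "CRAN", "URL": "https://cloud.r-project.org"}]},
  "Packages": {
    "Rcpp":  {"Package": "Rcpp",  "Version": "1.0.8.3", "Source": "Repository", "Repository": "CRAN"},
    "glue":  {"Package": "glue",  "Version": "1.6.2",   "Source": "Repository", "Repository": "CRAN"},
    "fresh": {"Package": "fresh", "Version": "0.2.0",   "Source": "Repository", "Repository": "CRAN"},
    "examplepkg": {"Package": "examplepkg", "Version": "0.9.1",
                   "Source": "Repository", "Repository": "CRAN"},
    "devtool": {"Package": "devtool", "Version": "0.0.1", "Source": "GitHub", "RemoteRepo": "devtool"}
  }
}
"""

# Constructed advisory index standing in for the OSS Index response.
# Key: package URL. Value: list of advisories; an empty list means the package
# is known to the index but has no recorded vulnerabilities. A package absent
# from the index is "not found", which is the 78-scanned / 62-found split the
# issue's output shows.
ADVISORY_INDEX = {
    "pkg:cran/Rcpp@1.0.8.3": [],
    "pkg:cran/glue@1.6.2": [],
    "pkg:cran/examplepkg@0.9.1": [
        {"id": "EXAMPLE-0001", "cvssScore": 7.5, "title": "constructed advisory for a hypothetical package"},
    ],
}


def lock_to_purls(lock_text):
    """Return (purls, skipped): one pkg:cran/<name>@<version> per CRAN entry.

    Entries that did not come from CRAN (for example Source == "GitHub") have
    no CRAN package URL, so they are returned separately rather than dropped
    silently; a scan that quietly ignores them overstates its own coverage.
    """
    lock = json.loads(lock_text)
    purls, skipped = [], []
    for name, entry in sorted(lock.get("Packages", {}).items()):
        if entry.get("Source") == "Repository" and entry.get("Repository") == "CRAN":
            purls.append(f"pkg:cran/{name}@{entry['Version']}")
        else:
            skipped.append(name)
    return purls, skipped


def audit(purls, index):
    """Look every package URL up in the index and collect the summary counts."""
    found = [p for p in purls if p in index]
    findings = {p: index[p] for p in found if index[p]}
    return {
        "scanned": len(purls),
        "found": len(found),
        "vulnerable_packages": len(findings),
        "total_vulnerabilities": sum(len(v) for v in findings.values()),
        "findings": findings,
    }


def audit_lock(lock_text=RENV_LOCK, index=ADVISORY_INDEX):
    purls, skipped = lock_to_purls(lock_text)
    report = audit(purls, index)
    report["skipped"] = skipped
    return report


def should_fail(report, min_cvss=7.0):
    """Build gate: True if any finding meets the CVSS threshold."""
    return any(a["cvssScore"] >= min_cvss
               for advs in report["findings"].values() for a in advs)


if __name__ == "__main__":
    r = audit_lock()
    print(f"{r['scanned']} packages were scanned")
    print(f"{r['found']} packages were found in the index")
    print(f"{r['vulnerable_packages']} packages had known vulnerabilities")
    print(f"A total of {r['total_vulnerabilities']} known vulnerabilities were identified")
    for purl, advs in r["findings"].items():
        for a in advs:
            print(f"  {purl}: {a['id']} (CVSS {a['cvssScore']}) {a['title']}")
    if r["skipped"]:
        print("Not audited (non-CRAN source):", ", ".join(r["skipped"]))
    raise SystemExit(1 if should_fail(r) else 0)
```

Two points carry over to a real pipeline: report the "not found" and "skipped" packages alongside the vulnerable ones, because a zero-vulnerability result only covers the packages the index actually knows, and pin the gate to a threshold so the compliance decision is explicit rather than implied by whatever the scanner prints.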