# RENV

## Dependencies

Threatrix RENV support requires RENV to be installed on the machine on which the Threat Agent is running. If not already installed, you may install RENV with the following command:

`R -e "install.packages(\"renv\")"`

## Setup

Threatrix RENV support requires an renv.lock file to be present in order to create the bill of materials. If one is not present, it may be created using the following instructions. Once created, it should be committed and managed with your other repository code.\
\
Create a file named `create-renv-lock` in the same directory as the `DESCRIPTION` file and add the following contents:

```
# R script for RENV dependency manager that creates package lock file

dependency.errors <- getOption("renv.config.dependency.errors")
install.transactional <- getOption("renv.config.install.transactional")
snapshot.validate <- getOption("renv.config.snapshot.validate")

options(renv.config.dependency.errors = "ignore")
options(renv.config.install.transactional = FALSE)
options(renv.config.snapshot.validate = FALSE)

renv::init(
    settings = list(snapshot.type = "explicit")
)
renv::snapshot(force=TRUE, type="explicit")


options(renv.config.dependency.errors = dependency.errors)
options(renv.config.install.transactional = install.transactional)
options(renv.config.snapshot.validate = snapshot.validate)
```

From the same directory with the create-renv-lock, run:\
`R --vanilla -s -q -f ./create-renv-lock`

An `renv.lock` file should be created and present in the same directory as your `DESCRIPTION` file. The `renv.lock` should be updated whenever your `DESCRIPTION` file is updated and committed to your source repo so that it's available with each scan.&#x20;

## Usage

No additional steps are necessary. Simply run Threatrix Threat Agent and it will create the associated bill of materials using RENV.

## Errors and Runtime Issues

### Timeouts During Executing

If you're seeing timeouts while running the Threat Agent in an environment with RENV, but without the required renv.lock file, we will attempt to create the renv.lock, which may lead to timeouts after 15 minutes.&#x20;

Best practice is to ensure that your team creates the necessary renv.lock and commits it to your repo so that our agent does not have to recreate with every scan.&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.threatrix.io/integrations/dependency-managers/renv.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.