Update strategies on R min deps check workflow #959

	name: Audit Dependencies 🕵️‍♀️

	on:
	push:
	branches:
	- main
	pull_request:
	types:
	- opened
	- synchronize
	- reopened
	- ready_for_review
	branches:
	- main
	workflow_dispatch:
	workflow_call:
	inputs:
	package-subdirectory:
	description: Subdirectory in the repository, where the R package is located.
	required: false
	type: string
	default: "."

	jobs:
	audit:
	runs-on: ubuntu-latest
	container:
	image: ghcr.io/insightsengineering/rstudio_4.3.1_bioc_3.17:latest
	name: oysteR scan 🦪
	if: >
	!contains(github.event.commits[0].message, '[skip audit]')
	&& github.event.pull_request.draft == false
	steps:
	- name: Checkout repo 🛎
	uses: actions/checkout@v3

	- name: Run oysteR scan on dependencies 🔍
	run: \|
	tryCatch(
	expr = {
	dependencies_scan = oysteR::audit_description(
	dir = ".",
	fields = c("Depends", "Imports", "Suggests"),
	verbose = TRUE
	)
	print(as.data.frame(
	dependencies_scan[c(
	"package",
	"version",
	"vulnerabilities",
	"no_of_vulnerabilities"
	)]
	))
	},
	error = function(e) {
	message('🚨 Caught an error!')
	print(e)
	}
	)
	shell: Rscript {0}
	working-directory: ${{ inputs.package-subdirectory }}

	- name: Run oysteR scan on renv.lock 🔒
	run: \|
	tryCatch(
	expr = {
	if (file.exists("renv.lock")) {
	renv_lock_scan = oysteR::audit_renv_lock(dir = ".", verbose = TRUE)
	print(as.data.frame(
	renv_lock_scan[c(
	"package",
	"version",
	"vulnerabilities",
	"no_of_vulnerabilities"
	)]
	))
	} else {
	print("No renv.lock file, not scanning.")
	}
	},
	error = function(e) {
	message('🚨 Caught an error!')
	print(e)
	}
	)
	shell: Rscript {0}

Provide feedback