More Than 25 Years of CRAN

CRAN is the package repository that makes R possible — over 20,000 packages maintained by volunteers using processes that have evolved organically over 25 years. Hornik and Ligges provide a rare institutional history of one of the most successful examples of distributed software governance, detailing how submission checks, automated testing, and human oversight create quality at scale. The paper addresses the same sustainability crisis Eghbal identified in open source: volunteer maintainers facing exponential growth in submissions with linear growth in human resources. For product leaders, CRAN represents a middle path between the chaos of npm and the control of app stores — a governed commons that maintains quality without central authority. The institutional design lessons extend beyond package management to any platform that must balance openness with reliability.