- Is it at least a v1.0.0? A version of at least 1.0.0 (following semantic versioning) usually implies the package is ready for production.
- Has there been a new release in the past six months? New releases within the past six months usually indicate the package is actively being developed.
- Has there been a commit to the repo in the past six months? Maybe there hasn't been a release, but there is active work occurring in the project; the latest commits can tell us that.
- Are there more than 100 weekly downloads? More than 100 weekly downloads indicate the package is being downloaded and used by the community.
- Are there more than 10 contributors? Multiple contributors indicate the package is supported by multiple open-source contributors, which is desirable for seeking a package in active development.
- Are there less than 40 dependencies? A lower reliance on external dependencies indicates there are less packages this particular package relies on, thus reducing overall complexity.
- Is the ratio of issues closed/open and PRs opened/merged less than 2? This is a basic ratio to determine if issues are being opened/closed and Pull Requests opened/merged at a ratio that suggests responsiveness by maintainers. For example, if, in the past month, 5 issues are opened and 4 are closed, there is a strong indication of responsiveness and active development.
This criteria is the baseline we use at Differential — and the one we built into Should I Use? — but it's just that: a baseline. Are you okay with using pre-v1 packages? Go for it! Use your discretion when evaluating packages. There are no hard-and-fast rules, but it’s important to work from a baseline to help in the evaluation process.