Products

Should I Use and Why Should I Use It?

Written by Drew Barontini on April 02, 2020

There are over one million packages indexed on NPM, the most popular package registry for JavaScript packages. While it's an indispensable resource for developers building applications β€” offering efficiency, convenience, and reliability β€” it's important to evaluate the impact of using any package in your project.

That's where Should I Use? comes in.

Should I Use? is a tool to help developers and product owners evaluate JavaScript packages through a baseline of criteria:

  • Is it at least a v1.0.0? A version of at least 1.0.0 (following semantic versioning) usually implies the package is ready for production.
  • Has there been a new release in the past six months? New releases within the past six months usually indicate the package is actively being developed.
  • Has there been a commit to the repo in the past six months? Maybe there hasn't been a release, but there is active work occurring in the project; the latest commits can tell us that.
  • Are there more than 100 weekly downloads? More than 100 weekly downloads indicate the package is being downloaded and used by the community.
  • Are there more than 10 contributors? Multiple contributors indicate the package is supported by multiple open-source contributors, which is desirable for seeking a package in active development.
  • Are there less than 40 dependencies? A lower reliance on external dependencies indicates there are less packages this particular package relies on, thus reducing overall complexity.
  • Is the ratio of issues closed/open and PRs opened/merged less than 2? This is a basic ratio to determine if issues are being opened/closed and Pull Requests opened/merged at a ratio that suggests responsiveness by maintainers. For example, if, in the past month, 5 issues are opened and 4 are closed, there is a strong indication of responsiveness and active development.
  • Is the size of the package within our performance budget? Overall package size is important, particularly in the JavaScript ecosystem where bundle size is growing steadily. We offer a direct link to BundlePhobia, an excellent resource for understanding the cost of adding a specific package to your project.

This criteria is the baseline we use at Differential β€” and the one we built into Should I Use? β€” but it's just that: a baseline. Are you okay with using pre-v1 packages? Go for it! Use your discretion when evaluating packages. There are no hard-and-fast rules, but it’s important to work from a baseline to help in the evaluation process.

While the primary goal of Should I Use? is to help developers and product owners evaluate JavaScript packages, we hope to draw attention to open-source packages in need of contributions. Is the package pre-v1 and in need of some support? Are there only a few contributors with several open issues? Maybe you're a developer who can help out! Open-source software is only as strong as the community behind it.

We hope this tool helps the ever-expanding JavaScript ecosystem to continue growing, improving, and leveraging open-source solutions to real-world problems. Let us know what you think! You can contact us at hello@differential.com.