One thing that I usually check is if the npm package has more than 1 person with release rights. This implies that the truck factor isn’t gonna kill the project. It also implies that the maintainer has succeeded in building a trustable community around the package. I always check their GitHub repo to see how many contributors it has and/or if there’s one boss developer who does the majority of the work. The number of open PRs and the feedback on PRs in general also tell about the attention the maintainer(s) give to the community. For me a bigger community equals some sort of guarantee that it’ll not die soon and “given enough eyeballs all bugs are shallow”.



Sr. Staff Engineer, Knowledge Worker, MSc Systems Engineering, Tech Lead, Web Developer
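The two checks described in the comment above (number of accounts with release rights, and whether one developer does most of the work) can be scripted; this is an added example, not code from the original comment. It assumes the input shapes of the npm registry metadata document (`maintainers` array) and the GitHub contributors listing (`login`, `contributions`); the package names and numbers are constructed, and the 50% threshold is an assumption.

```javascript
// Added example; all sample data below is constructed, not real packages.
// `packument` mirrors npm registry metadata (`maintainers` = publish rights);
// `contributors` mirrors GitHub's contributors listing (login, contributions).

// Smallest number of contributors who together authored more than
// `threshold` of all commits (a simple truck-factor estimate).
function truckFactor(contributors, threshold = 0.5) {
  const counts = contributors
    .map((c) => c.contributions)
    .filter((n) => Number.isFinite(n) && n > 0)
    .sort((a, b) => b - a);
  const total = counts.reduce((sum, n) => sum + n, 0);
  if (total === 0) return 0; // no commit data: cannot estimate
  let covered = 0;
  for (let i = 0; i < counts.length; i++) {
    covered += counts[i];
    if (covered / total > threshold) return i + 1;
  }
  return counts.length;
}

// Flags packages with fewer than two distinct publishers or where a
// single contributor accounts for the majority of commits.
function assessPackage(packument, contributors) {
  const publishers = new Set(
    (packument.maintainers || []).map((m) => String(m.name).toLowerCase())
  );
  const factor = truckFactor(contributors);
  const findings = [];
  if (publishers.size < 2) findings.push('single-publisher');
  if (factor === 0) findings.push('no-contributor-data');
  else if (factor < 2) findings.push('single-dominant-contributor');
  return { publishers: publishers.size, truckFactor: factor, findings };
}

// Constructed samples (hypothetical package and account names).
const soloPkg = { name: 'example-solo', maintainers: [{ name: 'alice' }] };
const soloContribs = [
  { login: 'alice', contributions: 480 },
  { login: 'bob', contributions: 12 },
  { login: 'carol', contributions: 8 },
];
const teamPkg = {
  name: 'example-team',
  maintainers: [{ name: 'dave' }, { name: 'erin' }, { name: 'Dave' }],
};
const teamContribs = [
  { login: 'dave', contributions: 120 },
  { login: 'erin', contributions: 110 },
  { login: 'frank', contributions: 90 },
];
console.log(assessPackage(soloPkg, soloContribs), assessPackage(teamPkg, teamContribs));
```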
