We often turn to open source or proprietary packages for adding functionality to our apps. Here are some key points and questions to ask when selecting your next dependency. This list can help compare multiple packages to determine which fits our needs better. The goal is to find well thought out packages because our apps depend on them.
Documentation is often the first place we look when there are questions. If the package is well documented then developing a solution will be easier.
- Does documentation exist?
- Is the documentation up-to-date?
An active community signals to us this package is adopted and being used by other people. Finding whether the community is active should be easy. My go to places are:
- Stackoverflow (Are people asking questions about this package? Are the questions answered?)
- GitHub (When was the last time the package was updated? How many issues exist? Do the maintainer(s) respond to issues? How many pull requests? Do the maintainer(s) respond to pull requests? Does the package follow semantic versioning? How many stars?)
- Package specific forum (Does it exist? Is the forum active?)
If the community is actively helping other people it’s a good sign. The chances of getting help with an active community are higher than if there was little to no community.
Often times the package won’t meet our requirements 100% so we must add additional functionality.
- How easy is it to build a module?
- Are there hooks or events to add additional functionality without modifying core code?
Well tested code can lead to less defects. Depending on a package that isn’t tested is risky.
- Does the code base have tests?
- How much of the code base is covered by the tests?
- Are the critical parts of the package tested?