A scratchpad for a number of measures of software libraries focussing on areas that will guide users to make more informed decisions about whether to include a library within their own project.
See librariesio/libraries.io#1486 for more information and https://gist.github.com/BenJam/9e1d6276efabced6e3973137e6993b01 for a list of questions we are building these measures from. Measures here are in addition to those already gathered: https://docs.libraries.io/overview#sourcerank
- last release
- av. time between releases
- av. size of release: #commits/size of diff
- #commits since last release/diff size to last release
- #CVEs since last release (direct, dependency tree)
- #unpatched (checks for issues/commits tagged with CVE etc)
- scale: loc/#methods vs. #committers/contributors
- #dependencies (runtime/build)
- dependency complexity: loc/#methods in dependency tree
- dependency fluidity: %age pinned vs. open dependencies
- has a changelog
- changelog updated with each release
- test coverage %age and trend
- uses CI
- test pass/fail on current C
- #build errors reported
- #rate of build errors reported increase or decrease
- #warnings on CI
- documentation activity (#commits to codebase vs. #commits to documentation files)
- documentaiton coverage
- has a topic on StackExchange
- #questions on StackExchange
- av. time to answer a question on SE
- documentation location
- has a contributors file
- has a pr and issue template
- activity: rate of activity on project (against rate of ecosystem)
- activity distirbution (issues, labels, comments, prs, commits), since last release
- #publishers
- #committers
- distribution of commits (nth percentile by nth people)
- #contributors (inc. issues created, comments, prs, labels attached)
- distribution of contribution (nth percentile of all activity by nth people)
- rate of issue increase/decrease
- rate of pr increase/decrease
- #active branches vs. dead branches (>1 month without commits)
- av. time to comment on an issue
- av. time to close an issue
- av. time to close a pr
- av. time to fix a CVE
- av. time to roll updates to dependencies into master
- av. time to answer a SE question
- %tile of most dependend upon
- rate of dependency (versus rate of new projects added)
- #direct download count
- rate of download count (versus rate of new projects added)
notes: share of languages and change over time, licences included...