-
Notifications
You must be signed in to change notification settings - Fork 12
Submission Guidelines
We truly appreciate every submission. It is exciting to see our standards’ adoption and growth.
Above all else, we are aware of the time and effort that goes into developing software.
However, given the proliferation of supply-side attacks and the ease at which software can now be created, we need to set a baseline of real world usage became necessary moving forward.
The simple fact of the matter is that listing a project serves as a vouch, even if unintentionally. We simply cannot manually vet every release of every project we list to be safe. Even if we vet every line of code in the current release, nothing prevents a bad actor from pushing a new release packed with malware.
A baseline of real-world users, however, helps mitigate this. It is not a perfect solution, but it helps.
To put it frankly, a package to be listed needs real world users and more importantly, real notability.
Bluntly, indicators of real-world usage, including but not limited to:
- Adoption in real-world projects
- Evidence of production use
- Integration across multiple independent codebases
- Signs of use beyond passive interest
Put plainly, notability is what matters.
GitHub stars do not. Stars are easily gamed. They are not a reliable signal.
We have been asked many times to define a numerical threshold for notability. This will not be defined.
A fixed metric becomes a target, a target invites manipulation.
Judgment remains qualitative.
Please keep in mind we are under no obligation to list your package.
Our intention is not to exist as advertising or SEO farming.
Please be kind.