Question
When we publish a package to npm, it will show us some data such as popularity, quality, and maintenance on the search page (the example image is below). I just wonder how npm calculates the quality. I'd really appreciate it if someone could give me a clue.
You can see this if you look on the search page. See the right side of search page: npm search for "react"
Answer 1:
npm does show these graphs in search results, but they do not calculate these values themselves. If you look below the search results, you'll see "Powered by npms.io".
According to this service, they don't inspect the code, but use the following metrics to measure code quality:
- Has README? Has license? Has `.gitignore` and friends?
- Is the version stable (`> 1.x.x`)? Is it deprecated?
- Has tests? What's their coverage %? Is the build passing?
- Has outdated dependencies? Do they have vulnerabilities?
- Has custom website? Has badges?
- Are there linters configured?
Source: https://npms.io/about
Edit, January 2020: NPM does not show "Powered by npms.io" anymore. I don't know if this is still accurate.
Source: https://stackoverflow.com/questions/49866588/how-npmjs-com-calculates-the-code-quality