Define: Health&Risk/Healthy

srossross commented 3 months ago

The project has regular updates, a responsive community, low issue counts, and strong security practices. or maybe this is the default state unless an issue is found

Define what this means and where we are going to source the data for this

this should be defined like a simple if statement like if number_commits > 100 & project_age > 1year

karamba228 commented 3 months ago

if (bugtrack_url is not None and
        docs_url is not None and
        project_urls is not None and
        home_page is not None and
        maintainer is not None and
        maintainer_email is not None and
        releases_in_last_year > 3 and
        license is not None and
        (monthly_downloads_pypi > 1000 or monthly_downloads_conda > 1000) and
        github_stars > 100 and
        github_forks > 20):
        return True

siddheshghadi751 commented 3 months ago

For Health & Risk/Healthy : The package is stable and secure. It has good test coverage, no known vulnerabilities, and active issue resolution.

Edge Cases

Inactive but Stable Packages:- Some packages might be stable and not require frequent updates. These could be marked as "Legacy" but "Healthy" if they have no known issues and good test coverage.
Forked Packages:- Forked packages might inherit issues from the original repository. Consider evaluating both the fork and the original repository.

Parameters and Conditions for Health & Risk/Healthy

1. Security

Vulnerability Reports: No known vulnerabilities.
Security Updates: Regular security updates.

2. License

License Type: Open-source license (e.g., MIT, Apache 2.0).
License Compliance: No known license violations.

3. Community Activity

Issue Resolution Time: Issues are resolved quickly (e.g., within a week).
Pull Request Activity: Active pull request reviews and merges.

4. Maintenance

Maintainer Activity: Active maintainers.
Bus Factor: More than one active maintainer to reduce risk.

5. Popularity

Download Statistics: High and stable number of downloads.
Stars/Forks: High number of stars and forks on GitHub.

6. Documentation

Documentation Quality: Comprehensive and regularly updated.
API Documentation: Detailed API documentation available.

Explanation:

Security Condition: Checks if there are no known vulnerabilities and regular security updates.
License Condition: Checks if the license type is an open-source license.
Community Activity Condition: Checks if issues are resolved quickly and there is active pull request activity.
Maintenance Condition: Checks if there are active maintainers and a low bus factor.
Popularity Condition: Checks if the number of downloads is high and stable.
Stars/Forks Condition: Checks if the repository has a high number of stars and forks.
Documentation Condition: Checks if the documentation is comprehensive and there is detailed API documentation.

openteamsinc / Score