56

When we publish a package to npm, it will show us some data such as popularity, quality, and maintenance in the search page (The example image is blow). I just wonder how npm calculates the quality? Really appreciate if someone can give some clue.

enter image description here

You can see this if you look on the search page. See the right side of search page: npm search for "react"

zero298
  • 25,467
  • 10
  • 75
  • 100
Kevin
  • 1,271
  • 9
  • 14
  • No, it does not show that. Are you looking at some package's Readme? – SLaks Apr 16 '18 at 21:36
  • If we search some packages, we will see those images in the search list. – Kevin Apr 16 '18 at 22:10
  • This is flat out, too broad. You are, in the broadest terms, asking us how to write software to calculate code metrics. That is, definitively, off-topic according to the reason: "Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow". – zero298 Apr 16 '18 at 22:23
  • 5
    Hi zero298, I am just asking what kind of criteria the npm is using to calculate the quality. – Kevin Apr 16 '18 at 22:29
  • 1
    I think you can read it from here https://www.npmjs.com/package/package-quality#measuring-quality – Mohhamad Hasham Apr 16 '18 at 21:50

2 Answers2

78

Edit, january 2020: NPM does not show "Powered by npms.io" anymore. I don't know if this is still accurate.

Original answer

npm shows these graphs in search results, but they do not calculate these values themselves. If you look below the search results, you'll see "Powered by npms.io".

According to this service, they don't inspect the code, but use the following metrics to measure code quality:

  • Has README? Has license? Has .gitignore and friends?
  • Is the version stable (> 1.x.x)? Is it deprecated?
  • Has tests? What's their coverage %? Is the build passing?
  • Has outdated dependencies? Do they have vulnerabilities?
  • Has custom website? Has badges?
  • Are there linters configured?

Source: https://npms.io/about

blex
  • 24,941
  • 5
  • 39
  • 72
  • 5
    Thank you. It is what I am looking for. I should look at that page more carefully. You have a nice day. – Kevin Apr 16 '18 at 22:31
  • When checking npm.io, this code might be of help to understand npm's package quality evaluation: https://github.com/npms-io/npms-analyzer/blob/master/lib/scoring/score.js – Benny Code Feb 11 '20 at 11:10
  • Currently, the numbers are different (which is a pity). My quality score of https://npms.io/search?q=%40mliebelt%2Fpgn-parser is 83 (quality) and 100 (maintenance), but on npm (https://www.npmjs.com/search?q=pgn-parser), the score is 53 and 33. I think the values are old, and not computed any more at all. – mliebelt Mar 12 '21 at 08:18
  • 5
    See the discussion here https://github.com/npm/feedback/discussions/66 to understand the current state. So npms.io is not used any more, and the metrics are not open / not clearly defined. – mliebelt Mar 12 '21 at 08:25
2

Quality includes considerations such as the presence of a README file, stability, tests, up-to-date dependencies, custom website, and code complexity.

https://docs.npmjs.com/searching-for-and-choosing-packages-to-download

everett1992
  • 2,351
  • 3
  • 27
  • 38