Survey Results

When you use code from a library such as NuGet, PIP, npm etc., what due diligence do you do?

Survey period: 30 May 2022 to 6 Jun 2022

Let's assume you've checked that it actually works on your platform and in your language of choice.
| Option | Votes | % |
|---|---|---|
| I check online reviews, download counts, comments. | 258 | 40.76 |
| I check the code repository (if there is one). Is it being maintained? How often are updates? | 258 | 40.76 |
| I'll review the code itself and ensure it smells OK | 95 | 15.01 |
| I check, and if necessary, review the licence | 198 | 31.28 |
| I'll review the dependencies: anything in there that looks odd? | 148 | 23.38 |
| I'll check licences of dependencies | 78 | 12.32 |
| I'll check for vulnerabilities, either through published audits or using audit tools and services | 46 | 7.27 |
| I'll check out the author(s). What else do they write? Do they seem reliable? | 123 | 19.43 |
| I just use the code. If it does the job, it's in. | 140 | 22.12 |
| I don't use open source libraries | 108 | 17.06 |
Respondents were allowed to choose more than one answer; totals may not add up to 100%



 
Paranoid (Eddy Vluggen, 4-Jun-22 7:50)
State must be frozen and repeatable (den2k88, 1-Jun-22 2:08)
Re: State must be frozen and repeatable (Nelek, 4-Jun-22 6:56)
Wasn't sure how to answer (Greg Utas, 31-May-22 12:31)
Another option needed (MarkTJohnson, 31-May-22 10:30)
Depends on download count (#realJSOP, 31-May-22 6:02)
Re: Depends on download count (0x01AA, 31-May-22 6:59)
Download count (maze3, 30-May-22 22:30)
Re: Download count (Nelek, 4-Jun-22 6:54)
Checking the licenses is a minimum requirement for commercial code (Daniel Pfeffer, 30-May-22 22:10)
Re: Checking the licenses is a minimum requirement for commercial code (Eddy Vluggen, 4-Jun-22 7:54)
Get real low, possibly lay on my side, and avert my eyeballs upward and (RedDk, 30-May-22 9:09)
Re: Get real low, possibly lay on my side, and avert my eyeballs upward and (Chris Maunder, 30-May-22 10:12)
Re: Get real low, possibly lay on my side, and avert my eyeballs upward and (RedDk, 30-May-22 10:41)
Yes, without any reason, my body revolves and sometimes, I think my left arm at the shoulder is degloving ...
Re: Get real low, possibly lay on my side, and avert my eyeballs upward and (Desiree bryant, 21-Jul-22 15:00)
Re: Get real low, possibly lay on my side, and avert my eyeballs upward and (Daniel Pfeffer, 30-May-22 22:11)
Whitesource... (Andreas Mertens, 30-May-22 3:42)
OWASP Dependency-Check (RickZeeland, 30-May-22 1:59)
Re: OWASP Dependency-Check (Chris Maunder, 30-May-22 2:41)
Re: OWASP Dependency-Check (dan!sh, 30-May-22 3:06)
