Evaluating npm Packages
Before adding a dependency, invest a few minutes evaluating it. Every package you adopt is a long-term commitment: it affects bundle size, maintenance burden, upgrade paths, and the attack surface of your application. This page provides a structured evaluation workflow. For security-specific vetting (supply chain, typosquatting, install scripts), see the npm Security Checklist.