It used to be a heuristic VCs would use to gauge popularity. You know how it is: if you have the revenue, talk about the revenue; if you only have the users, talk about the users; if you only have the stars, talk about the stars hehe

I agree, I am also interested in : date of most recent substantive commit; date of first commit; number of contributors.

I don't have hard and fast rules for how I interpret those values, it depends on my intentions but I find them useful things to consider.

Going back to the readme, nothing turns me off faster than a skeletal readme, it doesn't have to be "War and Peace" but it needs to be more than just how to install it.

But first and foremost you must find the interesting repositories. I frequently use the search where i filter by stars, last push and language.

A star is just a bookmark for me. It says nothing beyond "I may want to look at this again". When comparing two similar projects, I may look at the star counts to see which one is more popular but it's probably the last metric I'd consider.

Exactly. I stopped starring repos a long time ago and now just bookmark them instead.

I like to look at open PRs as well as closed issues. Sometimes closed issues reveal a lot about the attitude and expertise of the maintainers.

Sometimes, they are surreal stars for surrealist languages that zero people actually use:

https://github.com/TodePond/DreamBerd - 11.7k stars

rude. i use dreamberd

I didn’t mean to be, I genuinely didn’t know that people did that.

May I ask how/in what in context?

That doesn't mean that the stars are just because people like the company. People may find the technology interesting even if they have no intent of using it.

recent commits and community engagement are better indicators

I’d generally rather use a library that hasn’t needed to update in 5 years than something in active development.

Can you give me some examples? Because in my experience even very stable, very "foundational" libs and frameworks that I know about and use almost never go 5 years without any commit/change. There's always either a small bug fix, or some update to a build script, updated documentation, or something.

The only repos where that's not the case are usually very niche, and in that case it becomes very hard to judge if the library is just very stable or a minefield of bugs and undesired behavior that no one else reported because no one else is using it.

Being able to tell if something doesn’t need to be updated is a separate question. There’s many signs such as lacking external dependencies, but the point is such software exists not that there is an easy heuristic for finding it.

I think the best examples are the reference implementation of some algorithm. There’s generally room for improvement, but keeping it simple is the point.

Sounds good in theory. But almost every time I use one of these projects, it's in "abandoned" status and definitely needs attention. There is 1 project I can point to that I use that does not actually need any maintenance and another that honestly makes me _extremely_ nervous to use because of lack of maintenance.

the challenge is differentiating between "haven't need to update it in 5 years because it still solid and compatible with its ecosystem" vs "haven't updated it in 5 years because of any other reason"

openssl?