2 Comments
alok

The lone person in Nebraska is an unacceptable key person risk. I think a potential non-profit business model would be to identify widely used packages that have very few maintainers and staff them up. You could have targeted solicitations to companies based upon which packages they are likely to be using.

sascha fedorenko

Imagine somebody bribing a developer of a popular package so that they add theirs as a dependency :) But looking at https://libraries.io/search?order=desc&platforms=npm&sort=dependents_count, it seems like we have some reasonable stats.
