Merge pull request #31035 from Expensify/tgolen-library-review-template

Add a new template for requesting a library to be added in package.json
Expensify · Nov 9, 2023 · c3692a7 · c3692a7
2 parents 0df7409 + 6c12150
commit c3692a7
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/.github/ISSUE_TEMPLATE/NewLibraryRequest.md b/.github/ISSUE_TEMPLATE/NewLibraryRequest.md
@@ -0,0 +1,22 @@
+---
+name: New Library Request
+about: Use this when you want to propose adding a new library to package.json (dev-dependencies excluded)
+labels: Weekly, AutoAssignerAppLibraryReview
+---
+In order to properly evaluate if a new library can be added to `package.json`, please fill out this request form. It will be automatically assigned someone from our review team that will go through and vet the library.
+
+Note: This is only for production dependencies. While we don't want people to add packages to dev-dependencies willy-nilly, we recognize that there isn't as great of a need there to secure them.
+
+# Name of library:
+
+## Details
+- Link to package:
+- Problem solved by using this package:
+- Number of stars in GH:
+- Number of monthly downloads:
+- Number of releases in the last year:
+- Level of activity in the repo:
+- Alternatives:
+- Are security concerns brought up and addressed in the library's repo?
+- How many dependencies does this lib use that will be brought into our code?
+- What will the effect be on the bundle size of our code?