Expensify · grgia · Nov 9, 2023 · Nov 7, 2023 · Nov 7, 2023 · Nov 7, 2023
@@ -0,0 +1,22 @@
+---
+name: New Library Request
+about: Use this when you want to propose adding a new library to package.json (dev-dependencies excluded)
+labels: Weekly, AutoAssignerAppLibraryReview
+---
+In order to properly evaluate if a new library can be added to `package.json`, please fill out this request form. It will be automatically assigned someone from our review team that will go through and vet the library.
+
+Note: This is only for production dependencies. While we don't want people to add packages to dev-dependencies willy-nilly, we recognize that there isn't as great of a need there to secure them.
+
+# Name of library:
+
+## Details
+- Link to package:
+- Problem solved by using this package:
+- Number of stars in GH:
+- Number of monthly downloads:
+- Number of releases in the last year:
+- Level of activity in the repo:
+- Alternatives:
+- Are security concerns brought up and addressed in the library's repo?
+- How many dependencies does this lib use that will be brought into our code?
+- What will the effect be on the bundle size of our code?