Allow the community to "self-monitor" the maintenance status

[CommanderStorm]

Hi,
I wanted to ask if something as discussed in rust-secure-code/wg#44 might be possibe or entirely out of scope:

Some sort of automation for determining the health of particular crates might be helpful in terms of determining what crates to mark as unmaintained, particularly one that emphasizes crates with large numbers of downloads or downstream dependencies. In general it'd be nice to have some sort of platform for doing analysis of the entire crates.io ecosystem.

Reason why this might be in scope:

• it would be really helpfull to be able to focus effort where it is needed most "where people are drowning/burning out"

Reason why this might be out of scope:

• The "maintenance status" might not be resolvable from just the crates info

[szabgab]

If I understand it correctly then it is definitely in scope for the Rust Digger. We are collecting information both from Crates.io and from the repositories of the projects.

So we could have some combination of
"importance":

• number of downloads
• number of direct dependencies
• number of total dependencies.
• etc..

and "activity":

• number of open issues
• number of PRs
• most recent commit
• number of committers
• "bus factor"
• etc.