Criteria list to import an open source Module

I have been working on projects in golang and importing open source go modules from github like places have been a usual phenomena of day today life for a golang developer. I think that there should be a list of criteria to be considered before importing such module into a project.
any such a list maybe helpful for any golang developer, while evaluating multiple open source modules.
could someone point me to any such list if exists or lets add to the following:

  1. existing security issues( declared or scanning result)
  2. age of last development activities
  3. Rating( not sure about it)
  4. how latest golang version is supported
  5. no hard coded golang version dependancies

Please add the criteria in the list

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.