this post was submitted on 18 Jul 2023
5 points (100.0% liked)
C Sharp
1526 readers
1 users here now
A community about the C# programming language
Getting started
Useful resources
- C# documentation
- C# Language Reference
- C# Programming Guide
- C# Coding Conventions
- .NET Framework Reference Source Code
IDEs and code editors
- Visual Studio (Windows/Mac)
- Rider (Windows/Mac/Linux)
- Visual Studio Code (Windows/Mac/Linux)
Tools
Rules
- Rule 1: Follow Lemmy rules
- Rule 2: Be excellent to each other, no hostility towards users for any reason
- Rule 3: No spam of tools/companies/advertisements
Related communities
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I only use packages that are from a reputable source and/or have a huge amount of downloads. It’s not a perfect system, but I’ve never had a problem so far.
If the downloads are low and I’ve never heard of the author, either a) I don’t need it and can build a solution myself or b) it’s a niche package that’s small enough that I can audit it by skimming the GitHub repo.
The normal common sense rules still apply - check for typos and any attempts to look like they’re a package or author that they’re not
Absolutely the same for me.
I have never, to my recollection, needed a large but niche packet that isn't either clearly reputable (wisdom of the masses) or verified by someone who's reputation is crucial (e.g. Microsoft).
I have on on many occasions used a small niche package though that was just a time saver. Something where I could either invest significant time in rolling my own solution out, or spend considerably less time checking out a small repo.