When I install some Linux app from, let’s say GitHub, I can feel how long without updates means the project is not maintained.
For example last commit being 5 years ago for GTK app is a long time and this is considered an abandoned repo. For super simple things like cowsay it’s not that simple but still I can feel it.
How is that with crates with Rust? I see a lot of parsers or web libraries that are not updated for a year, two years, three years… How old is too old?
Also, many of them have a version 0.x.x, so can I even consider them stable?
This hits the nail on the head.
Some crates, especially things like data structures, are just “finished” at some point.
Then again, if those kinds of crates have deps, the deps should be updated semi regularly.
Its good to use cargo-audit to find indirect security/safety issues.