Marc Aube has shared some thoughts about picking your project's dependencies and what to consider when building your applications.
If you work on any non-trivial project, chances are you'll install one or many external dependencies at some point. [...] However, you shouldn't bring any library in your codebase. While Packagist has, at the time of writing, around 60000 packages you could use in your project, most of them are not production quality. Here's a list of things to look for when choosing a generic library for a mission-critical project, in no particular order.
Among the things he suggests you check for are:
- It has a stable version
- It's extensible
- It's active and maintained
- The license permits the intended use
- It has quality documentation
For each, he offers a brief paragraph or two explaining the point and, where appropriate, examples of projects that illustrate it.