PageRank is widely used in academic research to measure package importance in dependency graphs, but its core assumptions don't translate well to this domain. Unlike web links, dependency edges don't represent endorsements, resolution is constraint-solving not random walks, and the damping factor has no equivalent in package managers. The metric captures graph position, not package vitality — dead packages with stable inlinks score just as high as healthy ones. About 12% of the most-depended-on packages across 16 ecosystems are confirmed abandoned, yet remain highly ranked. Four distinct questions (criticality, exposure, vitality, substitutability) get collapsed into one scalar that only partially answers the first. A worked example shows how a package recommender built on PageRank trends can route projects from dead packages to other dead packages without detecting the problem. Better signals exist — like direct dependent counts — that convey the same information without the eigenvector computation.
Table of contents
PageRank’s assumptions #What the number measures #Four questions, one scalar #A worked example #Sort: