I treat picking uncommon OSS packages as adopting a bit of software. As I verify the tests look good, the build system, the api, the correctness, etc I also consider the code style and whether I (or my team) could maintain/patch it if needed. Adopting a bit of OSS is saving me some initial work, but doesnt absolve me of my responaibility to maintain it in the future. My business doesn't care whether the bug is one I wrote or one I greenlit externally, they just want the business app to work well.