Unfortunately it’s an inexplicable acquired talent. I start with Search, but must work hard there because the search string there might be found in as many as hundreds of non-sorted packages as sub-strings, but more often only because the actual URLs desired are hiding within the ymp glop that as often as not causes unwanted and damaging TW repos to be added to Leap installations when the sole and obvious way to proceed, “Direct Install” aka YaST 1-Click, is selected.
The XFCE repository is listed on this page as a “semi-official repository” and I added it but I still can’t find the xfce-desktop package with zypper?
This I find to be probably the biggest weakness of openSUSE, locating, by URL, what repo, if any exists at all, contains desired software that is not in standard repos. This is largely offset by the vast assortment of software that is in the repos that zypper and yast can find, or already installed (by default).
If enough is known in advance about what is wanted, the desired end can often, if not fairly routinely, be found perusing http://download.opensuse.org/repositories/ in a web browser. So what I usually do is see what I can find via software search above, then take that finding to /repositories.
Is there some page with something like the repository tree with advices on which ones are guaranteed safe?
I’m pretty sure there is at least one, which will list only four: OSS, Non-OSS, Update and Update-NonOSS, plus their source and debug relatives. It comes down to how to interpret “safe”. It’s these four that are subject to the full openSUSE QA process required to proffer a “guarantee”.