search

apple / swift-nio

Event-driven network application framework for high performance protocol servers & clients, non-blocking.
https://swiftpackageindex.com/apple/swift-nio/documentation
Apache License 2.0
7.98k stars 650 forks source link

announcement that NIO 1.x will not receive security updates anymore #2081

Open weissi opened 2 years ago

weissi commented 2 years ago

As of 1 May 2022, NIO 1.x will not receive security updates anymore should there be a vulnerability.

More than 3 years after its de-facto deprecation with the release of NIO 2.0.0 I think this is more than reasonable. This should however be communicated to the community, at the very least through the Swift Forums and probably via Twitter too.

Oh, and big NIO 1.x users like Vapor 3 (which uses NIO 1.x in Vapor's 3.x versions) should also be notified so they can notify their users.

weissi commented 2 years ago

CC @gwynne / @0xTim

Lukasa commented 2 years ago

This is a good idea.

0xTim commented 2 years ago

Vapor 3 has been EOL for a while now so this shouldn't be an issue. Would be good to add a post on the forums announcing the above though to make sure people are aware

weissi commented 1 year ago

@Lukasa / @glbrntt WDYT, I think we should pull the trigger on this.