Could we switch to xtaci/kcp-go and beego/beego?

fatedier / frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

Apache License 2.0

85.58k stars 13.26k forks source link

Could we switch to xtaci/kcp-go and beego/beego? #3907

Closed yuzibo closed 8 months ago

yuzibo commented 9 months ago

Describe the feature request

Hi, I am packaging the frp into Debian. But there are many packages which were not met. So may I ask here, could we try to switch fatedier/beego and fatedier/kcp-go to beego/beego&xtaci/kcp-go. Debian sponsor refers to package the origin upstream than the vendor package. But I am not sure this will reduce your maintainance burden also, like https://github.com/fatedier/beego/pull/1

Describe alternatives you've considered

No response

Affected area

[ ] Docs
[ ] Installation
[ ] Performance and Scalability
[ ] Security
[ ] User Experience
[ ] Test and Release
[ ] Developer Infrastructure
[ ] Client Plugin
[ ] Server Plugin
[ ] Extensions
[X] Others

fatedier commented 9 months ago

Currently, there is no way to directly switch to the original upstream version. The main reason for using the forked version is that the upstream version is not stable enough. There have been unexpected bugs caused by updates in the past. I do not want to invest too much effort in third-party libraries, especially when the current version already fully meets the requirements. Another reason is the need for certain functionalities that the original repository's author may not be willing to support.

https://github.com/fatedier/beego/pull/1 The CVE being fixed here is something we have never used before. We only use the logging library from it and will not make frequent changes due to other content.

Perhaps a better way in the future would be to look for alternative libraries or completely rewrite some of the content, but not now.

yuzibo commented 9 months ago

Thanks for clarifying. This is reason enough to convince them to use vendor libraries for the project. btw, please feel free to close the issue if this is not on your plan or to-do list.:)

github-actions[bot] commented 8 months ago

Issues go stale after 21d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

fatedier commented 8 months ago

https://github.com/fatedier/frp/pull/4009 The kcp-go package has been switched to the original upstream repository.

yuzibo commented 7 months ago

4009 The kcp-go package has been switched to the original upstream repository.

Oh, many thanks. This is really to reduce package work to Debian.