search

gatsby-uc / gatsby-plugin-s3

Deploy your gatsby site to a S3 bucket.
https://gatsby-plugin-s3.jari.io/
MIT License
210 stars 110 forks source link

Unmaintained & unable to contribute #422

Open davidrhoderick opened 1 year ago

davidrhoderick commented 1 year ago

I'd like to be able to contribute to this project. We are using it for our production publication flow and it is referenced to from Gatsby's documentation. However, it seems to virtually unmaintained as can be proven by looking at my & others' previous issues.

I would like to be able to contribute but by following the contributing guidelines at the bottom, that is not possible:

  1. I needed to remove the prepare script from the gatsby-plugin-s3/package.json because I don't have Snyk credentials. So only those who have those credentials can run the npx lerna bootstrap command without that change. I don't think this should be the default behavior for an open source project...
  2. I get a whole slew of Typescript errors if I try to run npx lerna run build.
  3. Running npx lerna run test results in all tests failing.

On top of it all, running npx lerna bootstrap returns 100 vulnerabilities (2 low, 34 moderate, 53 high, 11 critical), plus I get a note about the AWS SDK needing to be updated to version 3 as version 2 will go into maintenance mode this year. This desperately needs updating.

I'd love to just update this package from where you all left off and leave it linked to from the Gatsby documentation. I'd just like it if it had been left in at least a maintainable state by those who created it. Otherwise, we'll just have to fork it and reverse engineer it so it can be properly maintained moving forward.

sanfoobar commented 1 year ago

@davidrhoderick I know it's a long shot, but any progress on this request?

YoshiWalsh commented 1 year ago
  1. This project works with the free tier of Snyk.
  2. I can't reproduce any TypeScript errors with npx lerna run build, it works for me. I'm using TypeScript v3.8.3 as specified in the package-lock.json file. I'm on Windows 10.
  3. Running the test suite does require some preparation beforehand, see here.

I believe that the project is in a maintainable state, certainly more maintainable than it has been in the past. Unfortunately it's currently not being maintained, largely due to a lack of time and motivation.

I've started a conversation internally about the future of this project. I'll update this thread when we have some kind of plan.

YoshiWalsh commented 1 year ago

I've spoken to jariz and I'll be taking over governance of the project. I don't expect to have to have a lot of time to work on improvements myself, but I'll at least be able to review PR's and publish new versions to NPM. Perhaps it might've been better to transfer this to someone with a more active interest in the project, but in the open source community we rely on trust quite heavily, so I hope you can understand this decision.

Feel free to @ tag me if you need anything. If you continue to have issues running npx lerna run build, please open an issue with the specifics.