search

kevva / bin-wrapper

Binary wrapper that makes your programs seamlessly available as local dependencies
MIT License
152 stars 65 forks source link

This package needs a new maintainer - or an archive-flag #79

Open infabo opened 3 years ago

infabo commented 3 years ago

This project is stale. No PRs merged since 2018, no commits since 2018. No communication on any issues by the repository-owner. I guess this project should be handed over to a new maintainer or at least should be marked "archived".

rogeriorc commented 2 years ago

@kevva ?

XhmikosR commented 2 years ago

@sindresorhus @1000ch: is there any chance we could update this package?

Most imagemin bin packages are using it and there are plenty of improvements we could make. I can make a few PRs later to help out.

1000ch commented 2 years ago

I would like to take over the maintainer of this package if I have a chance/permission.

XhmikosR commented 2 years ago

I made https://github.com/kevva/bin-wrapper/compare/master...XhmikosR:dev and seems to work good. I could use more eyes, but happy to open a PR.

XhmikosR commented 2 years ago

@1000ch I think the only solution would be if someone forked and published new scoped packages. I don't have the time to maintain these packages, but I've made PRs updating a lot of things:

Feel free to cherry pick the patches and publish new packages if you are up to it :)

Just drop a message here and the other repos so that people see it and switch.

kingthorin commented 2 years ago

@kevva can we get some of this moved along somehow? These pending updates are keeping downstream packages vulnerable which is quite disappointing.

genediazjr commented 2 years ago

How do we move forward from this in case @kevva is no longer available? Hi @sindresorhus, any chance we can have this updated to the latest dependencies? Thank you!

apepper commented 1 year ago

There is the fork https://www.npmjs.com/package/@mole-inc/bin-wrapper , but I don't know how well it is maintained.

brodo commented 1 year ago

Same here. This fork seems to be actively maintained.

kingthorin commented 1 year ago

The problem is dependency chains and getting other package maintainers to adapt.

XhmikosR commented 1 year ago

I just published @xhmikosr/bin-wrapper.

It doesn't help with other packages using the package out there, but at least if everything works well, the security vulnerabilities should be gone.

Note that I don't have the bandwidth to make any improvements, but if someone spots any new bugs in my packages, feel free to make a PR.