Why are Dependabot vulnerability fixes ignored?

omnidan / redux-undo

:recycle: higher order reducer to add undo/redo functionality to redux state containers

MIT License

2.91k stars 188 forks source link

Why are Dependabot vulnerability fixes ignored? #307

Closed dmathisen closed 1 year ago

dmathisen commented 1 year ago

I'm submitting a ...

[x] Bug report
[ ] Feature request
[ ] Docs update
[ ] Support request => Please do not submit support requests here, see note at the top of this template.

What is the current behavior/state of the project?

Is there a reason none of the Dependabot security vulnerabilities have been merged? Is this repo being maintained?

omnidan commented 1 year ago

hi @dmathisen - unfortunately, I am not using the project myself right now and currently do not have time to maintain it. Like mentioned in the README, I am always looking for maintainers willing to take over the project ☺️ If you are interested, please let me know.

dmathisen commented 1 year ago

@omnidan Thanks for the update. Sorry I missed that in the README. Understood. When I have time, I might try to dig in, update dependencies and fix my (and hopefully other) bugs. I'm glad to see that you're responsive (that's very reassuring), so I appreciate it. I hope to look into this a bit more next week and I'll be in touch. Thanks and talk soon.