Closed wgfm closed 1 year ago
Are we able to merge this? I am being affected by CVE-2020-14040.
It doesn't look like Scuttle is actively maintained at the moment. I don't have write permissions to this repository, so unfortunately I can't merge.
Hey all, I'm not with Redbox anymore and I don't have access to help you out here. I don't think this is being maintained by anyone.
I am working on a replacement to Scuttle, same idea just a better way to handle configuration/extendability. I think it should be open sourced this week or next, I can post it here if you guys are interested. Unfortunately I think the only other option is to fork this. @wgfm @dosullivan557
Hey @linjmeyer - that sounds great - if you could share once ready, that would be great!
@linjmeyer any update on the new version?
I'm maintaining a fork that has everything updated: https://github.com/kvij/scuttle @linjmeyer let me know if you are looking for someone to collaborate on your new project or would like to help maintain my fork in the mean time.
I don't have any updates sadly, we have a new tool internally where I work currently but open sourcing it seems unlikely at this point. I think using a maintained fork is your best bet. Thanks @kvij for forking it and updating!
I'm going to close this PR, as it is never going be merged. Also, I have moved companies and I have no stake in this anymore.
Sorry all this took so long, but we have opened sourced an alternative to scuttle here at The Aspen Group: https://github.com/tag-oss/rescuttle
Same idea, but it is a bit more flexible and easier to configure. Feel free to check it out!
The old version, 0.3.0, is vulnerable to CVE-2020-14040: https://nvd.nist.gov/vuln/detail/CVE-2020-14040
Resolves #51