Closed groenroos closed 2 years ago
soulteary
commented
2 years ago I agree with your views and opinions, because I also spent a long time sorting out and solving the problems in the old version of maildev.
But frankly speaking, there is no good choice at present, it is better to build the maildev v2.x version together.
btw: I came across this pr by searching, recently maildev updated a new version, I recommend you to use the new version @groenroos
groenroos
commented
2 years ago @soulteary Thanks for reaching out, and for resurrecting maildev, it's great to see! ⭐️
I'm keen on upgrading to 2.x to avoid finding and implementing an alternative; however, it doesn't seem to be available on npm yet. Do you have an idea of when it will be?
soulteary
commented
2 years ago Don't mention it. @groenroos
I will keep reminding the npm maintainers to update the project's packages as soon as possible, but we have time difference, so it may take a day or two...
groenroos
commented
2 years ago Alright - I (or at least Dependabot) will keep my eyes peeled! Thanks! 👍
soulteary
commented
2 years ago Hahaha I will sync your last situation
We use
maildevto test email capabilities in theNotificationslib.However, the
maildevpackage seems unmaintained, with multiple dependencies with security alerts, that have not been resolved or even acknowledged for over a year: maildev/maildev#352, maildev/maildev#356, maildev/maildev#359, maildev/maildev#362, maildev/maildev#374While I don't think these security alerts will compromise using Sapling (as
maildevis only a dev dependency for unit testing), I'm spending an outsize amount of time dealing with Dependabot security alerts and npm audits because of this.Identify a suitable alternative for
maildev, and refactor theNotificationstest suite to eliminate the dependency.