Closed aaronbates closed 2 weeks ago
Hi @aaronbates, I have just merged a PR, and created a release that fixes the vulnerabilities. Since I don't use the import-map-deployer myself, community contributions are very appreciated.
We are actively using the import-map-deployer
and I will also come back here to give feedback.
Thanks to @lhtdesignde 's work upgrading to node 20, we're seeing the outstanding vulnerabilities resolved without any impact to functionality. I can't speak for the maintainers, but the deployer appears in good shape for now.
I plan to maintain this project passively as long as people are using it
Hi @joeldenning — first of all, a big thank you for all the amazing work you have done in bringing single-spa to the community. It's a great framework and has really helped microfrontend adoption at scale in production for companies like ours (DataCamp). Second, a thank you to all the other contributors to the project over the years for the same reasons.
Something we wanted to find out was how you saw the future of import-map-deployer in the context of the wider future of single-spa (Following notes at https://single-spa.js.org/blog/) and if it was something you envisaged would continue to receive active development?
Functionality wise, it does everything we need currently, but the context here is our need to run services on more recent versions of Node.js for security and stability reasons. Another issue referenced this last year https://github.com/single-spa/import-map-deployer/issues/157.
If you did see a future of continued development for import-map-deployer: we wanted to see if we could support that through contributions and/or sponsorship for single-spa? Please feel free to reach out to me directly if that could be helpful (you may still have my email address from the last time we spoke in 2021, if not I can email you) — thanks!