terraform-linters / tflint

A Pluggable Terraform Linter
Mozilla Public License 2.0
4.98k stars 357 forks

Unmaintained dependency go-flags #1807

Closed rudyardrichter closed 1 year ago

rudyardrichter commented 1 year ago

(This isn't really a feature proposal per se, apologies if this is the wrong format!)

Introduction

It appears that the go-flags project is no longer maintained. It would be nice to remove the dependency on go-flags.

Proposal

The current option parsing is probably simple enough to just use the standard library flag package (though the parsing might look different with #1618).

bendrucker commented 1 year ago

Feel free to submit a PR if you're interested in contributing this. Otherwise, I don't think we need an open issue here, since "not maintained" is just a negative way to frame "done." If there are maintenance issues going unsolved that affect TFLint then it becomes an issue.

bendrucker commented 1 year ago

Not to say this might not change, but it'll likely be for user-facing motivations like subcommands versus an internal refactor because a module isn't getting any more updates.

rudyardrichter commented 1 year ago

Ok thank you! Just wanted to gauge if such a PR would be welcome.

> "not maintained" is just a negative way to frame "done."

In this case, go-flags actually has open bugs and one issue to update a dependency past CVE-affected versions.

bendrucker commented 1 year ago

Fair enough, does the CVE apply to TFLint's usage? If so we should retitle this issue around that and fork/vendor/fix immediately, regardless of refactoring plans.

rudyardrichter commented 1 year ago

At a glance, I don't think it affects tflint; probably just a good idea to move away before other CLI-related work happens.