Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Additional maintainers?.. #115

Closed
kibertoad opened this issue Sep 27, 2020 · 4 comments · Fixed by #118
Closed

Additional maintainers?.. #115

kibertoad opened this issue Sep 27, 2020 · 4 comments · Fixed by #118

Comments

@kibertoad
Copy link

Hi! I'm a maintainer of knex and we use your package. There were complaints of security vulnerabilities that transitively come from liftoff. Would you be open to accepting additional maintainers into your project in order to address the vulnerabilities?
@kibertoad
Copy link
Author

@phated

@phated
Copy link
Member

phated commented Sep 27, 2020

This project is going through a complete rewrite and then will be properly migrated to the @gulpjs organization.

@kibertoad
Copy link
Author

Thank you for the heads-up!

@kibertoad kibertoad mentioned this issue Sep 27, 2020
Closed
@kibertoad
Copy link
Author

@phated Would you be open to releasing a hotfix version if we provide a PR that would resolve current security warnings about liftoff? Our users keep complaining about security warnings they are getting, and we can't remove liftoff dependency without a semver major.

@kibertoad kibertoad mentioned this issue Nov 14, 2020
Closed
@phated phated mentioned this issue Oct 18, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore!: Normalize repository, dropping node <10.13 support gulpjs/liftoff
2 participants
@phated @kibertoad