Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove rc dependency #164

Open
goatandsheep opened this issue Dec 15, 2021 · 2 comments
Open

Remove rc dependency #164

goatandsheep opened this issue Dec 15, 2021 · 2 comments
Labels
pull request welcome A pull request is welcome

Comments

@goatandsheep
Copy link

Would you want to want to switch to maintained forks like run-con?
@vweevers
Copy link
Member

Thanks for taking the initiative. Note that in the context of prebuild-install, the fork doesn't fix known bugs and rc has no open vulnerabilities. I'm aware though of GHSA-g2q5-5433-rhrf. I doubt that moving ownership from one person to another single person is the long-term solution to protect against supply chain attacks. Switching dependencies here could be good for the short term, were it not for the fact that rc is not essential here. If we're gonna spend any time on this (prebuild-install itself has a replacement) it should be to just remove rc.

@vweevers vweevers changed the title rc not being maintained Remove rc dependency Dec 16, 2021
@vweevers vweevers added the pull request welcome A pull request is welcome label Dec 16, 2021
@ralphtheninja
Copy link
Member

+1 for removing rc altogether

@jasonnutter jasonnutter mentioned this issue Mar 22, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
pull request welcome A pull request is welcome
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ralphtheninja @vweevers @goatandsheep