-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
is this project dead? #7269
Comments
@creative-ae Thanks for posting! We'll take a look as soon as possible. In the mean time, there are a few ways you can help speed things along:
Please remember: never post in a public forum if you believe you've found a genuine security vulnerability. Instead, disclose it responsibly. For help with questions about Sails, click here. |
Hi @creative-ae, You can read @mikermcneil's statement on the current state of Sails here: https://gist.github.com/mikermcneil/4e03180398298bd3bf22394a7b72d012 We also recommend checking out @mikermcneil's Sailsconf 2021 talk here: https://youtu.be/_T-UR9mU4-o |
I've reported two vulnerabilities which really only require an update to the package.json to patch and never received a response after many months (and it's still not patched). Also there are multiple serious vulnerabilities with the client-side lodash library which can be viewed on Pagespeed, this has also not been patched. Most of the updates that are done are fixes to typos in the docs. Most of the updates to Waterline were done 3-5 years ago. And Sails.js core has 489 issues and in 2022 received about 19 updates (guess how many of them are updates to the docs) I would say the project has been mostly abandoned. The Sails.js team seems to be working on FleetDM now. |
Hi folks! Thanks for your contributions. Sails.js is alive
Confirmed, at least for some of us. @eashaw and I are definitely working on Fleet. We also maintain Sails.js. Aside, shout-out: @DominusKelvin is also doing some great work in the community to make Sails.js easier to learn at https://sailscasts.com.
Thanks for sharing your perspective. I would disagree and say the project is mostly stable. For example, we use Sails.js at Fleet, in production. Sails.js is also in use at Postman, Stripe, Amazon, and many others in production. Sails Flagship has current customers as well. My Sailsconf talks in 2020 and 2021 have more info, and I'll be doing another talk at Sailsconf 2022. Hope that helps! Why I'm locking this issueI've been doing this open source thing for long enough now that I know how easy it can be for "foo is dead" issues to cause confusion and further questions, which can be a merry-go-round of misunderstandings and time investment for everyone involved, so I'm going to go ahead and close and lock this issue. (Please feel free to link to this reply for similar issues that open in the future!) If anything changes, I will let the community know. But to be clear, Eric and I are committed as ever to making sure critical bugs and vulnerabilities are addressed quickly, and we have a strong incentive to do so. Sails continues to be the best way I know how to build scalable, maintainable apps quickly. Re: issue #7228 specifically
Hi @sudo-apt-get-updates, Eric and I took a look at your issue months ago. Unfortunately, we missed the step of following through on the response we planned to share with you in your issue. Sorry about that! Fortunately, we did prioritize and then take action in relation to your issue at that time. We decided not to patch, and instead to update the docs. Since Sails.js applications are not typically deployed in the web root of Java applications, and since the best practice for Sails apps is to use S3 or another more scalable solution for file uploads (rather than uploading to disk, which only works easily for single-instance deployments) This response closes #7228. |
i was considering to start a new project using sails, however, seeing that the last update was in 2020, prevents me from using this project.
so the question is : is this project dead ?
The text was updated successfully, but these errors were encountered: