Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Long story super short:
We have an on-going internal discussion to get this resolved but this is the current state of affairs, nothing has really progressed since we (core maintainers) first raised the access issue internally in late September.
Key immediate issues:
Key long-term issues:
I reached out again to the founder in question yesterday (October 20th) to see if we can get any progress as we have both Microsoft (in #13500) and Greensock [GSAP] (in my Twitter DMs), who are both "big players", asking what's going on.
I actually got a response that they're going to sort something so that we (core maintainers) at least have access to merge PRs in this repo, nothing more though so far...
We (core maintainers) now (October 22nd) have access to merge PRs on cdnjs/cdnjs but the auto-update bot is still offline (as was originally described in this issue), so merging new and updated package.json PRs will achieve nothing as there is no bot to detect them and pull in new assets. We are still working internally to resolve this.
I followed up internally again on the 29th October regarding the two current key issues (auto-update & repo access). This issue has then made it to the front page of HackerNews (1st November) and still there has not been any progress internally, just radio silence. I'm really sorry we haven't got this sorted yet. :(
One of our founders has reappeared and granted Cloudflare full owner access to the cdnjs org to get things fixed. I believe that Cloudflare are going to have one of their engineers work to get things back up and running again. You can see the full comment from Zack below: #13524 (comment)
@jimaek with the little access & control that I have, I'm not sure that there is currently much we can do.
Though, if we ever do reach a point where we have the access needed, it may be an idea to consider simply creating a worker on cdnjs.cloudflare.com that maps traffic to jsDelivr, to put an end to this mess.
I'm not really sure how any of the internal infrastructure works, but has there been an attempt to contact Cloudflare? The assets are served from a Cloudflare domain, so they might be able to help out with creating a worker and remapping traffic to jsDelivr, without commit access to all the repos or the bot.
I work at Cloudflare on the team which supports CDNJS. To be very clear, any site using CDNJS will continue to get the files it relies on without interruption. We're committed to keeping CDNJS updated, performant, and reliable, for as long as the Internet chooses to use it.
We have engineers currently working with the CDNJS team to get the updating happening again. Once that is completed we can start thinking about the best long-term model to ensure projects stay updated without another incident like this. We deeply appreciate the patience and help from the CDNJS team, the users of CDNJS, and of course @MattIPv4, as this gets sorted.
Sorry for the inconvenience caused here, never mean to harm the project or Cloudflare.
It's really a ... hard decision to make to step down and take a rest, on a project I spent so much time and varies of resources on it, actually, I'm a little bit tired, too many things need to be done, resources are really limited, only few contributors get involved into it, instead, so many people take it as granted ...
Anyway, yes, we're working with Cloudflare right now to see how we can get it sorted, I hope it won't take too long.