Call for Maintainers #24

Closed
fgrehm opened this Issue May 11, 2015 · 2 comments

Comments

Projects
None yet
2 participants
@fgrehm
Owner

fgrehm commented May 11, 2015

Hey guys!

Life, as it tends to do, has progressed for me in such a way that I am no longer able to devote time to maintaining this plugin, especially as I no longer use it on a daily basis.

As such, this project has been neglected and I apologize for that. I am hoping there is someone who would be willing to step up and take over maintaining this project so it gets the attention it deserves. If you would like to do so, please respond with a comment explaining a bit about what you would like to do as a maintainer of this project. I'll then add one or more of those users as collaborators.

Cheers!

@alpha01

This comment has been minimized.

Show comment
Hide comment
@alpha01

alpha01 Apr 27, 2016

Collaborator

Hello @fgrehm

It's been almost a year, and it looks like nobody has stepped up on helping this project. I'm interested on becoming this plugin's maintainer. I rely on the functionally this plugin provides for our internal development notifications. The following are the changes made to my forked vagrant-notify repo devel branch https://github.com/alpha01/vagrant-notify/tree/devel

Bug Fixes:

  • vagrant suspend stops notification server. #18
  • Plugin causes VM boot to fail. #22

New features:

  • Notification server runs as a daemon (fork() has been removed so it's compatible with Windows). #25 #5 #14
  • Notification server information is displayed each time vagrant is started and halted.
  • New plugin command. Ability to view notification status, start, and stop. CLI
  • New send-notify scripts based on host system (Linux, OS X, and Windows)
  • vagrant suspend/resume stops/starts notification server respectively.
  • Windows support (beta) #5

Enhanced security:

MAJOR SECURITY FIX: Notification server will now only listen on localhost (127.0.0.1), this restricts communication to only between the VM and host system. Since the notification server doesn't do proper shell character escaping and the server binds to all active IPs, anyone using vagrant-notify version 0.4.0 and below is vulnerable to remote command execution.

Known Issues:

  • Running vagrant destroy on an active guest fails stop the notification server.
  • On rare occasions the notification server may stop receiving notifications if the host is suspended/hibernates. The notification server may need to be manually restarted if that's the case. vagrant notify --restart

Things To Do:

  • Ensure plugin also works with FreeBSD and Solaris guest VMs.
  • Add VMWare provider support
  • Proper notify-send shell escaping.

I still need to write new/update rpecs unit tests related to these newly changes before submitting a pull request. Let me know what do you think.

-Tony

Collaborator

alpha01 commented Apr 27, 2016

Hello @fgrehm

It's been almost a year, and it looks like nobody has stepped up on helping this project. I'm interested on becoming this plugin's maintainer. I rely on the functionally this plugin provides for our internal development notifications. The following are the changes made to my forked vagrant-notify repo devel branch https://github.com/alpha01/vagrant-notify/tree/devel

Bug Fixes:

  • vagrant suspend stops notification server. #18
  • Plugin causes VM boot to fail. #22

New features:

  • Notification server runs as a daemon (fork() has been removed so it's compatible with Windows). #25 #5 #14
  • Notification server information is displayed each time vagrant is started and halted.
  • New plugin command. Ability to view notification status, start, and stop. CLI
  • New send-notify scripts based on host system (Linux, OS X, and Windows)
  • vagrant suspend/resume stops/starts notification server respectively.
  • Windows support (beta) #5

Enhanced security:

MAJOR SECURITY FIX: Notification server will now only listen on localhost (127.0.0.1), this restricts communication to only between the VM and host system. Since the notification server doesn't do proper shell character escaping and the server binds to all active IPs, anyone using vagrant-notify version 0.4.0 and below is vulnerable to remote command execution.

Known Issues:

  • Running vagrant destroy on an active guest fails stop the notification server.
  • On rare occasions the notification server may stop receiving notifications if the host is suspended/hibernates. The notification server may need to be manually restarted if that's the case. vagrant notify --restart

Things To Do:

  • Ensure plugin also works with FreeBSD and Solaris guest VMs.
  • Add VMWare provider support
  • Proper notify-send shell escaping.

I still need to write new/update rpecs unit tests related to these newly changes before submitting a pull request. Let me know what do you think.

-Tony

@fgrehm

This comment has been minimized.

Show comment
Hide comment
@fgrehm

fgrehm May 4, 2016

Owner

WOW! Thats a lot of great work! Thanks a lot for putting this together. Yeah, feel free to open a PR once you feel like it is ready and I'll give you the needed superpowers so you can keep the project going! 🤘 🍻

Owner

fgrehm commented May 4, 2016

WOW! Thats a lot of great work! Thanks a lot for putting this together. Yeah, feel free to open a PR once you feel like it is ready and I'll give you the needed superpowers so you can keep the project going! 🤘 🍻

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment