Join GitHub today
Deprecating the project #186
As everyone can see, this project is not updated for a long time.
Also OAuth best practices and extensions appear all the time, so this kind of library requires constant attention, which I cannot commit at this time.
So I am thinking of deprecating this project, mark it as readonly, and recommend other libraries on the README to warn people still coming here.
Looks like the better maintaned library is "ory/fosite", which as I remember started as a fork of OSIN (I think). Can someone recommend other libraries that I can link to?
@RangelReale here is my proposed plan, let me know if you agree (also what about RangelReale/osincli?):
The above should make it so that anyone using RangelReale/osin will not break, they will simply be frozen in time.
All issues and PRs will be left intact and will live at openshift/osin
Going forward, who do we tag to review issues and merge pull requests?
Because I'm about to use this package on a project, and I'll like to know who would be looking at stuff.
Also, is there any plans to review all the open pull requests and issues?
The relevant people already watch the repo.
Please don't. There are far better and more robust options out there such as ory/fosite, dex, etc.
That effort is better spent on a more active project.
Unless it is a security issue, I will likely close them.
As I noted above, we are not likely to implement any features. The repo is effectively in maintenance mode. The core of this repo is on the order of 650 LOC and likely does not suffice for most use cases. Also, please use OIDC as that adds a lot of the missing pieces to OAuth 2. I cannot think of any good reason for someone starting a new project to use this repo.