rust-bus crates are possibly unmaintained
#7013
Comments
|
FWIW, the original maintainer who closed down the rust-bus org has allowed crates that they were maintainers to new maintainers, so maybe they'd be open to new maintainers taking over rust-bus, as well? |
|
before we opened rust-lang/rfcs#3463, we discussed to also include the "Abandoned projects" concept from https://peps.python.org/pep-0541/, which would solve some parts of this problem. due to the pushback we already got on the RFC it seems unlikely for this to be implemented in the Rust ecosystem in the near future though.
we discussed this in the crates.io team meeting last week, but we do not see any necessity for immediate action from our side. as far as we can tell all of the crates should still have a regular (non-team/org) owner that can transfer permissions, if needed. |
|
Thank you for taking the time to discuss it! 👍🏽 |
|
Rust-bus was used a backup. The org didn't actively intervene, so the de-facto maintenance status of these crates hasn't changed. |
Just for the record, the 
|
Recreated orgs get a new GitHub ID, which makes it appear as an entirely different org in crates.io. |
54crates they maintained on crates.io are updated within the last year.The other
64crates have been updated the last time over more than a year ago. Which makes me think, that rust-bus maintainers could be one of the main maintainers of these crates, and it might be warranted to assume they are now unmaintained?I see no policy in removing maintainers from a crate on crates.io.
Does this problem warrant exceptional measures, as the impact on the ecosystem might be a bit more widespread?
The Github org seems to be not available anymore, but what happens, if the org gets deleted and some other people claim that name?
Related: #6949
CC rustsec/advisory-db#1756
The text was updated successfully, but these errors were encountered: