`rust-bus` crates are possibly unmaintained

[simonsan]

I just discovered https://github.com/rust-bus to be unmaintained and archived. They have a lot (possibly 118) of (now unmaintained?) crates on crates.io: https://crates.io/teams/github:rust-bus:maintainers

54 crates they maintained on crates.io are updated within the last year.
The other 64 crates have been updated the last time over more than a year ago. Which makes me think, that rust-bus maintainers could be one of the main maintainers of these crates, and it might be warranted to assume they are now unmaintained?

I see no policy in removing maintainers from a crate on crates.io.

In general, these policies are guidelines. Problems are often contextual, and exceptional circumstances sometimes require exceptional measures.

Does this problem warrant exceptional measures, as the impact on the ecosystem might be a bit more widespread?

The Github org seems to be not available anymore, but what happens, if the org gets deleted and some other people claim that name?

Related: #6949
CC rustsec/advisory-db#1756

[djc]

FWIW, the original maintainer who closed down the rust-bus org has allowed crates that they were maintainers to new maintainers, so maybe they'd be open to new maintainers taking over rust-bus, as well?

[Turbo87]

before we opened rust-lang/rfcs#3463, we discussed to also include the "Abandoned projects" concept from https://peps.python.org/pep-0541/, which would solve some parts of this problem. due to the pushback we already got on the RFC it seems unlikely for this to be implemented in the Rust ecosystem in the near future though.

Does this problem warrant exceptional measures, as the impact on the ecosystem might be a bit more widespread?

we discussed this in the crates.io team meeting last week, but we do not see any necessity for immediate action from our side. as far as we can tell all of the crates should still have a regular (non-team/org) owner that can transfer permissions, if needed.

[simonsan]

Thank you for taking the time to discuss it! 👍🏽

[kornelski]

Rust-bus was used a backup. The org didn't actively intervene, so the de-facto maintenance status of these crates hasn't changed.

[teor2345]

The Github org seems to be not available anymore, but what happens, if the org gets deleted and some other people claim that name?

Just for the record, the rust-bus organisation is currently archived, not deleted. So a new org with that name can't be created (at least for now).

https://github.com/rust-bus

[carols10cents]

The Github org seems to be not available anymore, but what happens, if the org gets deleted and some other people claim that name?

Recreated orgs get a new GitHub ID, which makes it appear as an entirely different org in crates.io.