No Longer Maintained #632
Comments
|
Also happy to help with updating if the path forward is to carry on maintaining this project |
ghost
mentioned this issue
|
These are understandable concerns; right now our primary constraint is engineer bandwidth. We are discussing next quarter what our long term strategy is with respect to maintenance or archival. |
|
Hi @rhdesmond, Did you have any updates regarding the future of this project? My concern is that it appears to still be the main tool recommended by Google for creating vulnerability-based attestations: https://cloud.google.com/binary-authorization/docs/creating-attestations-kritis, but that does not feel right given it no longer appears active. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Situation
It looks like this Repository is no longer maintained and should be archived. While I fully understand how much work and effort goes into being an Open Source Maintainer, there are a lot of users that will not check if this tool is updated and secure and as this seems to be a security focused tool, lack of support and active maintainers means that users of this repository might become vulnerable when depending on this repository.
Proposed Fix
Mark this Repository as deprecated/archived with a note in the Readme
OR
Update the various libraries that Kritis depends on
The text was updated successfully, but these errors were encountered: