-
Notifications
You must be signed in to change notification settings - Fork 236
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Project dead? #262
Comments
Kinda dead, i'm still using this a lot. for this PR #229 |
Probably best to fork and have it maintained elsewhere. What do you think @AshanFernando |
My company literally can't use this in its current state as it has dependencies with known critical vulnerabilities. Such a shame, because it's literally just a matter of merging some of the dependabot PRs. |
@estahn It seems, we need to reorganize and find a new set of maintainers. Please +1 for this thread if you would like to volunteer as a maintainer so that we can take the project forward. |
Probably the worst possible solution from a community perspective, but I ended up re-writing a lean version of this plugin in TS, implementing just the docker version of starting DynamoDB and the migrations mechanism, and put it in one of my company's private library monorepos. We're busy migrating away from Serverless, so I'm probably not well placed to act as maintainer, and my company is really weird about open-sourcing things. Given the 35k weekly downloads, there must be some folk out there who would be ideal maintainers. |
👍🏽 |
+1 |
We're in the same position. Also: +1 👍 |
@kalanchoej @OPthyago @yoelfme I've added you as maintainers. |
Great if the project has a new set of maintainers! Can we expect a new release soonish fixing the most obvious vulnerable dependencies? |
I'm talking with @AshanFernando about it @terozio. |
for people struggling with critical vulnerabilities: I'm forcing safe versions of problematic dependencies of
|
Any hope of progress here? |
For anyone struggling with this, I've gotten serverless offline + dynamodb local working with the following:
Relevant dependencies from my package.json:
Works totally fine now. @AshanFernando @OPthyago At a bare minimum could you update the dynamodb-localhost dependency here? |
Any maintained forks? |
It's a shame this thread didn't get the project back alive. There is a maintained fork that has committed to ongoing longer-term maintenace (Disclaimer: I am a contributor to this fork): Solution: You can use serverless-dynamodb, a maintained fork. It is a drop-in replacement for this package, and is updated to fix this bug. This is a drop-in replacement for
Of course, it's all still open-source and MIT licensed. Ownership of this new package sits with a registered charity, that is committed to maintaining the package into the future and is open to contributions from the community. In any case would be open to feedback on the fork - can drop create an issue in that repository or email me (address on profile). |
14 PRs, no real activity for ~1.5 years, is this project still alive? Need new contributors/maintainers?
If so, please let the community help! This project has 35,000 weekly downloads on NPM so I'm sure there'll be a lot of interest in keeping it alive.
The text was updated successfully, but these errors were encountered: