bugtracker Drop JS dependencies on unmaintained KurentoForks

Kurento JavaScript code has several dependencies on custom forks that were originally stored on https://github.com/KurentoForks, but are now completely outdated, unmaintained, and are really not officially owned by the Kurento project itself. These repos were privately used by former contributors to do their work.

List of repos:

https://github.com/KurentoForks
https://github.com/KurentoReleases
https://github.com/KurentoLegacy

Of these, our current code only depends on the first one.

List of dependencies:

[ ] kurento-client-js/package.json:
"reconnect-ws": "KurentoForks/reconnect-ws#master"
[ ] kurento-client-js/package.json:
"qunit-cli": "KurentoForks/qunit-cli#0.2.1"
[ ] kurento-tutorial-node/kurento-module-tests-api/package.json:
"qunit-cli": "KurentoForks/qunit-cli#0.2.1"
[ ] kurento-tutorial-node/kurento-module-tests-api/package.json:
"qunit-reporter-junit": "KurentoForks/qunit-reporter-junit#1.0.3"
[ ] kurento-utils-js/package.json:
"qunit-reporter-junit": "KurentoForks/qunit-reporter-junit#1.0.3"

NOTE: This one can be skipped because kurento-utils-js is unmaintained and its usage is strongly discouraged anyway. Although if the usage from kurento-tutorial-node is resolved, maybe the same solution can be applied here.

Work tasks are:

Identify what are the custom changes done on each library with respect to the original upstream code.
See if the custom changes have been already implemented in upstream projects over time.
Decide if we can drop the custom changes, or create Pull Requests on upstream projects to conserve our changes.

Related issues:

https://github.com/Kurento/bugtracker/issues/356
https://github.com/Kurento/bugtracker/issues/373

Feb 20 '20 11:02 j1elo

KurentoForks/reconnect-ws

Status:

As of today, all commits in this repo are already submitted as a PR on upstream (which hasn't been accepted):

Fork commits: https://github.com/KurentoForks/reconnect-ws/commits/master
Upstream PR: https://github.com/jacobbubu/reconnect-ws/pull/1/commits

More info about KurentoForks/reconnect-ws

Depends on reconnect-core, another forked and unmaintained repo: KurentoForks/reconnect-core.
Depends on websocket-stream@~0.5.1, which itself depends on a vulnerable version of ws. Relevant issue: https://github.com/Kurento/bugtracker/issues/634
Relevant PR: https://github.com/KurentoForks/reconnect-ws/pull/2

Feb 20 '20 11:02 j1elo

This long-standing issue is still open. External contributions are welcome because our focus is put in the Java client and I personally cannot dedicate the time to investigate and learn the reasons that caused those forks and why they could not be easily replaced by their upstream versions.

Jan 18 '23 15:01 j1elo