ed25519
ed25519 copied to clipboard
dazoe
Project needs new maintainer
Hey bro!
You created something the community loves and needs. But leaving pull request unanswered and ignore issues is a horror!
Your repository is used by 1.4k other packages. Therefore please fix the issues! It is a pain in the ass for all developers out there getting errors just because someone thought it would be could to write some OSS and doesn't maintain it.
That's not how OSS should work!
cheers
@p3root whilst I completely agree that it's a shame this project hasn't been maintained since 2015. @dazoe is under no obligation to work for you or any other developer for free. If you want this project to be maintained, either do it yourself or find an alternative.
@ChildishForces!
Don't get me wrong. Every OSS library I use in a commercial way gets some kind of sponsoring from me (except big company projects), in form of money or working time. That's how OSS should work.
But if I own a repository with 1.4k dependencies and about ~70 dependents on NPM, I should handle that kind of power responsible.
A new maintainer should have been chosen a couple years earlier. Also don't forget to allow the mantainer to access the npm repository as well to publish new releases.
I would like to mantain this project, but only with support from other too.
@dazoe thanks for your fast response :)
I've noticed https://github.com/dazoe/ed25519/compare/master...gaoxiangxyz:master They have done a good job! @erikma has added the Node v12 compatibility as well.
It would be nice to check out if their code is safe and correct and merge it?
I have this one in use: https://github.com/pokt-network/ed25519/commit/351baecc4611bb014390b44c6bbee417ec1bd82d
More interesting is the conversion of curve25519. @volschin managed to replace nan with node api: https://github.com/volschin/node-curve25519/commit/80af96fc458998e576e5e8ac71810adf4524846b
This seems a lot more elegant and maybe run with node 13 & 14.
Note for those watching this issue, I accepted Dave's collaboration request on this repo, awaiting permissions to publish the package on npmjs.org. Please note I have a (very busy) day job in the software industry so this will be free time meaning high latency. Given that, my priority list for updates:
- Reduce or eliminate dependency on OpenSSL (#21 , #22 , changes in some forks)
- Node 12 & 14 support (synthesize various commits and PRs across the forks) for #23
- Add GitHub Actions based build, packaging, regression testing
- Reduce or eliminate build warnings that have increased since the code was created
I do not have permissions to add @erikma to the package on npmjs.org. the package is owned by an organization. I have reached out to npmjs support to try to resolve this.
@dazoe Any motion on the permissions issue? I'm merging changes from various forks and getting ready to push an update for Node 12.
One alternative if that's unresolvable is to publish under a new package name like "ed25519.new" under a new "ed25519" npmjs org, and advertise the change in as many places as possible. Far less satisfactory though as breaking package naming is a big deal.
Hey dudes, awesome this issue becomes adressed @erikma thank you for volunteering here :+1:
Was just thinking to volunteering here too, as I need the package really - all my systems use ed25519^^ and want to be able to easily deal with them in my nodejs scripts too.
Cheers!
@JhonnyJason Consider pinning this repo's source as a package reference in package-lock.json. I just did that as an experiment to validate recent commits for Node 12. See https://github.com/erikma/passport-sqrl/blob/1c8104419fbdf480bd61539a4c5ee2da2a0e3609/package.json#L39
have the npm issues been resolved? I see the version in package.json as 0.0.5, but npm is still at 0.0.4
Hey everyone, maybe you want to try https://github.com/Brooooooklyn/node-ed25519
