starred/loggo
1
0
Fork 0
mirror of https://github.com/aurc/loggo.git synced 2026-04-26 16:35:55 +03:00
Code Issues 7 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #21] Security problem / Project maintenance status? #2

New issue
Closed
opened 2026-03-03 00:06:02 +03:00 by kerem · 2 comments
kerem commented 2026-03-03 00:06:02 +03:00
Owner
Copy link

Originally created by @pataquets on GitHub (Oct 8, 2024).
Original GitHub issue: https://github.com/aurc/loggo/issues/21

Hi @aurc.
Thanks for sharing this fine piece of software.
As I've found in a fork of your repo, there is allegedlly a security vulnerability which you might have not noticed.
Link to relevant commit in fork:
Bump go version to 1.21 everywhere, update vulnerable dependencies · Egor3f/loggo@2c5094e

Also, that leads me to wonder if the program is still maintained, if you're interested/able/etc to keep it or if you are no longer interested/able/etc (which would be prefectly fine in any case). However, if the latter is true, I'd like to suggest to post some sort of "seeking new maintainer (or co-maintainer)", or whatever formula you find appropriate to prevent this software to end up abandoned. There is also https://adoptoposs.org to post it.

In any case, thanks for sharing your work.

Originally created by @pataquets on GitHub (Oct 8, 2024). Original GitHub issue: https://github.com/aurc/loggo/issues/21 Hi @aurc. Thanks for sharing this fine piece of software. As I've found in a fork of your repo, there is allegedlly a security vulnerability which you might have not noticed. Link to relevant commit in fork: [Bump go version to 1.21 everywhere, update vulnerable dependencies · Egor3f/loggo@2c5094e](https://github.com/Egor3f/loggo/commit/2c5094e2eaa3effe0e11aca3874d4a552b5a0b3a) Also, that leads me to wonder if the program is still maintained, if you're interested/able/etc to keep it or if you are no longer interested/able/etc (which would be prefectly fine in any case). However, if the latter is true, I'd like to suggest to post some sort of "seeking new maintainer (or co-maintainer)", or whatever formula you find appropriate to prevent this software to end up abandoned. There is also https://adoptoposs.org to post it. In any case, thanks for sharing your work.
kerem closed this issue 2026-03-03 00:06:02 +03:00
kerem commented 2026-03-03 00:06:04 +03:00
Author
Owner
Copy link

@aurc commented on GitHub (Oct 9, 2024):

Hi @pataquets
Thanks for the bump! Can't believe how long has passed since the last update. I have updated all to the latest and greatest. Keep me posted if you have any feature requests!
Cheers
Aurelio

<!-- gh-comment-id:2401687617 --> @aurc commented on GitHub (Oct 9, 2024): Hi @pataquets Thanks for the bump! Can't believe how long has passed since the last update. I have updated all to the latest and greatest. Keep me posted if you have any feature requests! Cheers Aurelio
kerem commented 2026-03-03 00:06:04 +03:00
Author
Owner
Copy link

@aurc commented on GitHub (Oct 9, 2024):

Fixed - enabled auto vulnerability PRs

<!-- gh-comment-id:2403486873 --> @aurc commented on GitHub (Oct 9, 2024): Fixed - enabled auto vulnerability PRs
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
feature/go-1.26-ioutil-fix
feature/update-libs
feature/bump_vers
feature/web-client
v0.3.26
v0.3.25
v0.3.24
v0.3.23
v0.3.22
v0.3.21
v0.3.20
v0.3.19
v0.3.18
v0.3.17
v0.3.16
v0.3.15
v0.3.14
v0.3.13
v0.3.12
v0.3.11
v0.3.10
v0.3.9
v0.3.8
v0.3.7
v0.3.6
v0.3.5
v0.3.4
v0.3.3
v0.3.2
v0.3.1
v0.3.0
v0.2.14
v0.2.13
v0.2.12
v0.2.11
v0.2.10
v0.2.9
v0.2.8
v0.2.7
v0.2.6
v0.2.5
v0.2.4
v0.2.3
v0.2.2
v0.2.1
v0.2.0
v0.1.3
v0.1.2
v0.1.1
v0.1.0
Labels
Clear labels   
need more info

   
need more info

   
pull-request

Mirrored from GitHub Pull Request

No labels
need more info
need more info
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/loggo#2
No description provided.