[MODAES-19] Archive mod-aes Created: 09/Sep/22  Updated: 07/Oct/22  Resolved: 03/Oct/22

Status: Closed
Project: ARCHIVED: mod-aes
Components: None
Affects versions: 0.0.4
Fix versions: None

Type: Task Priority: P3
Reporter: Julian Ladisch Assignee: Julian Ladisch
Resolution: Done Votes: 0
Labels: security, security-reviewed
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Duplicate
is duplicated by FOLIO-3240 Deprecate mod-aes github repo Closed
Sprint:
Development Team: EBSCO - FSE
RCA Group: TBD

 Description   

https://github.com/folio-org/mod-aes hasn't been maintained since April 2021.

It has multiple security vulnerabilies, for example Log4J.

Can this repository been archived? If yes, please convert this Jira into a task and execute the archive tasks explained on https://dev.folio.org/faqs/how-to-archive-repository/

Otherwise please upgrade all dependencies to supported versions and release a new mod-aes version.



 Comments   
Comment by Hongwei Ji [ 09/Sep/22 ]

Julian Ladisch, if I remember correctly, the decision was made to archive mod-aes. VBar and Matt Reno, can you confirm? Thanks.

Comment by Julian Ladisch [ 24/Sep/22 ]

VBar Can you confirm?

Comment by Julian Ladisch [ 24/Sep/22 ]

Matt Reno Can you confirm?

Comment by Craig McNally [ 29/Sep/22 ]

I asked around and couldn't find anybody that's actually using this module.  I suggest that we archive this for now.  If it turns out that someone is using it we can make the necessary fixes and unarchive it.

Comment by Julian Ladisch [ 29/Sep/22 ]

Vince wrote:

So having discussed it with Matt, in our opinion mod-aes can be archived. So you have confirmation from EBSCO.

Comment by David Crossley [ 03/Oct/22 ]

Done.

Generated at Thu Feb 08 22:26:14 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.