Comments (4)
Hi @creative-ae,
No, Sails is not dead and is still maintained.
We recently celebrated the project's 11th birthday, and our last release was Sails 1.5.3 in August 2022.
You can read @mikermcneil's statement on the current state of Sails here: https://gist.github.com/mikermcneil/4e03180398298bd3bf22394a7b72d012
We also recommend checking out @mikermcneil's Sailsconf 2021 talk here: https://youtu.be/_T-UR9mU4-o
from sails.
@creative-ae Thanks for posting! We'll take a look as soon as possible.
In the mean time, there are a few ways you can help speed things along:
- look for a workaround. (Even if it's just temporary, sharing your solution can save someone else a lot of time and effort.)
- tell us why this issue is important to you and your team. What are you trying to accomplish? (Submissions with a little bit of human context tend to be easier to understand and faster to resolve.)
- make sure you've provided clear instructions on how to reproduce the bug from a clean install.
- double-check that you've provided all of the requested version and dependency information. (Some of this info might seem irrelevant at first, like which database adapter you're using, but we ask that you include it anyway. Oftentimes an issue is caused by a confluence of unexpected factors, and it can save everybody a ton of time to know all the details up front.)
- read the code of conduct.
- if appropriate, ask your business to sponsor your issue. (Open source is our passion, and our core maintainers volunteer many of their nights and weekends working on Sails. But you only get so many nights and weekends in life, and stuff gets done a lot faster when you can work on it during normal daylight hours.)
- let us know if you are using a 3rd party plugin; whether that's a database adapter, a non-standard view engine, or any other dependency maintained by someone other than our core team. (Besides the name of the 3rd party package, it helps to include the exact version you're using. If you're unsure, check out this list of all the core packages we maintain.)
Please remember: never post in a public forum if you believe you've found a genuine security vulnerability. Instead, disclose it responsibly.
For help with questions about Sails, click here.
from sails.
I've reported two vulnerabilities which really only require an update to the package.json to patch and never received a response after many months (and it's still not patched). Also there are multiple serious vulnerabilities with the client-side lodash library which can be viewed on Pagespeed, this has also not been patched. Most of the updates that are done are fixes to typos in the docs. Most of the updates to Waterline were done 3-5 years ago. And Sails.js core has 489 issues and in 2022 received about 19 updates (guess how many of them are updates to the docs)
I would say the project has been mostly abandoned. The Sails.js team seems to be working on FleetDM now.
from sails.
Hi folks! Thanks for your contributions.
Sails.js is alive
The Sails.js team seems to be working on FleetDM now.
Confirmed, at least for some of us. @eashaw and I are definitely working on Fleet.
We also maintain Sails.js.
Aside, shout-out: @DominusKelvin is also doing some great work in the community to make Sails.js easier to learn at https://sailscasts.com.
I would say the project has been mostly abandoned.
Thanks for sharing your perspective. I would disagree and say the project is mostly stable.
For example, we use Sails.js at Fleet, in production. Sails.js is also in use at Postman, Stripe, Amazon, and many others in production. Sails Flagship has current customers as well.
My Sailsconf talks in 2020 and 2021 have more info, and I'll be doing another talk at Sailsconf 2022. Hope that helps!
Why I'm locking this issue
I've been doing this open source thing for long enough now that I know how easy it can be for "foo is dead" issues to cause confusion and further questions, which can be a merry-go-round of misunderstandings and time investment for everyone involved, so I'm going to go ahead and close and lock this issue. (Please feel free to link to this reply for similar issues that open in the future!) If anything changes, I will let the community know. But to be clear, Eric and I are committed as ever to making sure critical bugs and vulnerabilities are addressed quickly, and we have a strong incentive to do so.
Sails continues to be the best way I know how to build scalable, maintainable apps quickly.
Re: issue #7228 specifically
I've reported two vulnerabilities which really only require an update to the package.json to patch and never received a response after many months (and it's still not patched).
Hi @sudo-apt-get-updates, Eric and I took a look at your issue months ago.
Unfortunately, we missed the step of following through on the response we planned to share with you in your issue. Sorry about that!
Fortunately, we did prioritize and then take action in relation to your issue at that time. We decided not to patch, and instead to update the docs. Since Sails.js applications are not typically deployed in the web root of Java applications, and since the best practice for Sails apps is to use S3 or another more scalable solution for file uploads (rather than uploading to disk, which only works easily for single-instance deployments)
This response closes #7228.
from sails.
Related Issues (20)
- Using the latest socket.io version HOT 3
- Waterline has very bad compatibility with PostgreSQL it's almost unusable HOT 3
- Connection unstable HOT 2
- Datastore selection for Archive model HOT 1
- getDatastore.manager issue in [email protected] HOT 9
- [email protected] captains-log dependency introduces ReDoS Vulnerability HOT 5
- Testing with Parasails HOT 1
- Sails.io - ECONNREFUSED in client HOT 5
- Put the new Mongo Pool Size config in sails-mongo HOT 6
- Dead link in README HOT 2
- Using CRSF set to true returns forbidden as response on api calls HOT 2
- @sailshq/lodash is not patched for all historic lodash prototype pollution bugs HOT 2
- Latest @sailshq/lodash reports its version incorrectly HOT 2
- find method in sails.js model HOT 1
- only req.on("close") is working HOT 1
- This is the most disgusting framework I've ever used! HOT 2
- This is the most disgusting framework I've ever used! HOT 2
- This is the most disgusting framework I've ever used! HOT 2
- Integrate search feature for mobile in sails documentation HOT 4
- Typo issue in customToJSON docs HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sails.