Link to more active fork

[mnoack]

Hi guys, the guy who manages the rails_xss gem (https://github.com/joloudov/rails_xss) has a much more active repo, and we're about to open a Pull Request for more fixes (Array.join).

Rather than have this looking like the official repo which is outdated perhaps it could have a readme pointing to this guy or have him/myself added to this repo? or even rebase off this guy and if possible monitor PR's? something along the lines?

Note: Yes unfortunately we still need rails_xss this as we use Radiant which is on rails2 so we can't just upgrade to rails3 yet.

[rafaelfranca]

cc @NZKoz

[mnoack]

@rafaelfranca @NZKoz I guess the absence of comments kind of re-enforces my point :)

[grosser]

👍 1 less project to baby-sit @rafaelfranca ;)

[rafaelfranca]

As this project is security related I'm not sure we will recommend our users to use a fork. This is why I cc'ed @NZKoz

[NZKoz]

Yeah, we've closed off this repository because we no longer offer any guarantees for 2.3 based apps, it's unsupported.

I think that linking to another repository might imply some level of security review which we simply haven't done.

[grosser]

"A maintained but not reviewed repo can be found here"

On Wed, Jan 8, 2014 at 11:53 AM, Michael Koziarski <[email protected]

wrote:

Yeah, we've closed off this repository because we no longer offer any
guarantees for 2.3 based apps, it's unsupported.

I think that linking to another repository might imply some level of
security review which we simply haven't done.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/21#issuecomment-31871358
.