Status of the project & maintainer?

[tmikaeld]

I'm worried that something might have happened to the Maintainer, I see no activity since April 2018 except for some bot that's committing to a repo every month.

More than 350 projects on NPM depend entirely on this library, a lof of high-profile companies too, like Fabric, Microsoft, Bitcore, Wire, Mozilla etc.

And there's even a Vulnerability that's not addressed + pull requests that haven't been checked.

[davedoesdev]

https://twitter.com/davedoesdev/status/1237667966491205632

[tmikaeld]

@davedoesdev Seems to be only a bot that's active on the account.

[davedoesdev]

I'm going to deprecate https://github.com/davedoesdev/node-jsjws and move my projects to libsodium.
There are decent libsodium JS modules.

[davedoesdev]

I've deprecated node-jsjws now and moved to libsodium (sodium-native or sodium-plus) and jose.

[kjur]

Minerva vulnerability was mitigated in the 8.0.13 release today. Thanks.