FS#75490 - electron12, electron13, electron14, electron16 are unsupported and vulnerable packages
Attached to Project:
Community Packages
Opened by Nemo (captn3m0) - Tuesday, 02 August 2022, 09:38 GMT
Last edited by Bruno Pagani (ArchangeGabriel) - Saturday, 20 August 2022, 20:47 GMT
Opened by Nemo (captn3m0) - Tuesday, 02 August 2022, 09:38 GMT
Last edited by Bruno Pagani (ArchangeGabriel) - Saturday, 20 August 2022, 20:47 GMT
|
Details
electron12, electron13, electron14, electron16 are all
vulnerable, not maintained, and unsupported. These should
not be included in the official repos.
Support Details: https://endoflife.date/electron There are only 2 packages that are dependent upon these old versions: - https://archlinux.org/packages/community/any/react-native-debugger - https://archlinux.org/packages/community/any/caprine Specifically, these are the old "embedded" chrome versions included in the current versions: - 12.2.3: chrome 96.0.4664.174 - 13.6.9: chrome 91.0.4472.164 - 14.2.9: chrome 93.0.4577.82 - 16.2.8: chrome 96.0.4664.174 The current stable version of chrome (which electron tracks) is 103.0.5060. Additionally, these are also using old versions of nodejs and openssl (both embedded). |
Closed by Bruno Pagani (ArchangeGabriel)
Saturday, 20 August 2022, 20:47 GMT
Reason for closing: Fixed
Additional comments about closing: Caprine updated, all electrons dropped to AUR (react-native-debugger is being worked on at https://github.com/archlinux/contrib/pul l/42).
Saturday, 20 August 2022, 20:47 GMT
Reason for closing: Fixed
Additional comments about closing: Caprine updated, all electrons dropped to AUR (react-native-debugger is being worked on at https://github.com/archlinux/contrib/pul l/42).
FS#75448(does even work with electron 20 !), and react-native-debugger likely dropped.