Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Intention to Archive the Project #121

Open
eddiezane opened this issue Jan 27, 2025 · 3 comments
Open

Intention to Archive the Project #121

eddiezane opened this issue Jan 27, 2025 · 3 comments
Assignees
@GUI @kristjan @tyrauber @eddiezane

Comments

@eddiezane
Copy link
Owner

TLDR: This gem hasn’t had active maintainers in years, and efforts to transition it to Twilio SendGrid have failed. Considering archiving to prevent it from rotting further—open to suggestions but cautious of supply chain attack potential.

Hi everyone,

I originally created this gem in 2014 as a proof of concept while working at SendGrid. Rails had just introduced new extension hooks for ActionMailer, and I was excited to explore the possibilities.

After I moved on from SendGrid and stopped working with Rails, the project continued to grow, thanks to the incredible contributions of @kristjan, @GUI, and @tyrauber, who stepped in as maintainers to keep the gem alive.

The last release was on February 16, 2021. While it’s clear from open issues and pull requests that the gem is still actively used—with over 5M lifetime downloads (3M for the latest version)—it hasn’t had active maintainers in some time.

I’ve made multiple attempts to transition the project to Twilio SendGrid over the past 4 years, but unfortunately, all efforts have been unsuccessful. Given the increasing risks around supply chain attacks, I’m uncomfortable leaving the gem unmaintained or transferring it to unknown individuals.

At this point, I believe archiving the repository is the best course of action, but I’m open to hearing other ideas or feedback.

Thank you to everyone who has used, supported, or contributed to this gem over the past 11 years!
@eddiezane eddiezane pinned this issue Jan 27, 2025
@kristjan
Copy link
Collaborator

I'm pinging @apartmentlist to see if it's still in use there and maybe they want to pick it up. Else archiving sounds reasonable to me; it certainly hasn't gotten any love in a while.

@tyrauber
Copy link
Collaborator

tyrauber commented Jan 27, 2025
edited
Loading

Hey @eddiezane, I appreciate you creating this library. It's been quite useful for rails apps using Sengrid. While Sengrid's ruby libraries can accomplish more directly, a lot of glue code has to be written to accomplish the same feature set.

Are you considering yanking the gem? What are your concerns in regards to supply chain attacks? Is that due to the code itself, or generalized concerns about new maintainers and the lack of maintenance?

As much as I will probably regret this, I know of several projects currently using the library in production. I find myself in the unfortunate position of probably either needing to fork and maintain, or assist in the migration away from this library. Given the lack of easy alternatives, I could see that migration being a pain. I think with 3 million downloads for the last version, it's probably worth me updating and maintaining the library myself.

Edit: With that being said, I'd be quite happy if @apartmentlist wanted to take over.

@kristjan
Copy link
Collaborator

@apartmentlist confirmed they stopped using it some time back. Sounds like it might be yours if you still need it @tyrauber 😄

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@GUI GUI

@kristjan kristjan

@tyrauber tyrauber

@eddiezane eddiezane

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@GUI @kristjan @tyrauber @eddiezane