Is it abandoned project?

Question

Is it abandoned project?

stalkerg opened this issue a year ago · 4 comments

@dwolfhub sorry for tagging you but seems like we should know your plans.
Because a such project tied with security I think it dangerous use it without releases in last 4 years.

As I understand should be next changes:

Support new pythons up to 3.13 (ci, builds)
Drop python up to 3.8 (especial 2.7)
Probably move CI to GitHub.
Add type hints.
Fix security flaws - #70
Fix performance and etc like in #72
Word's list should be extended by local countries words (it's still alphabet but not English)

Because a such lib used in many other projects, I suppose it's important. Originally it was made (ported) by @gvanrossum when he worked in DropBox, maybe we can ask him what to do next.

Answer 1 · 2024-02-20T01:53:15.000Z

I was never involved in this project and have no plans for it.

Answer 2 · 2024-02-20T01:55:22.000Z

My apologize, I made this assumption base on https://github.com/dropbox/python-zxcvbn
(it's still not archive however)

Answer 3 · 2024-04-13T12:35:23.000Z

Would be nice to know what the plan is to know what to do with the Debian package, https://tracker.debian.org/pkg/python-zxcvbn.

Answer 4 · 2024-08-29T15:22:42.000Z

Possible replacement: https://github.com/fief-dev/zxcvbn-rs-py