| 10 Sep 2025 |
 hexa | https://kb.cert.org/vuls/id/461364 no new release yet, releases look like code drops | 02:17:22 |
| hexa | * https://kb.cert.org/vuls/id/461364 no new release yet, releases look like code drops https://gitlab.com/hsleisink/hiawatha/-/commits/master?ref_type=HEADS | 02:17:32 |
| hexa | only maintainer was removed in 2019 and the package has been carried forth since by r-ryantm | 02:20:14 |
| hexa |
Hiawatha is no longer actively supported by the developer, but the developer acknowledges the vulnerabilities and has included mitigations and remediations to all three vulnerabilities in the next release.
| 02:20:34 |
 dish [Fox/It/She] | there aren't any consumers in nixpkgs, nor in any public config repos from a cursory glance at sourcegraph, so since there's no maintainers we could consider dropping | 02:23:29 |
| hexa | https://github.com/NixOS/nixpkgs/pull/441645 | 02:24:21 |
| hexa | same thought | 02:24:26 |
| dish [Fox/It/She] | 🫡 | 02:30:22 |
| dish [Fox/It/She] | considering a drop is technically breaking, add a nixpkgs release note maybe? | 02:30:55 |
