hello,
i like to know if this module is still developed and maintained. I ask this because there are several critical bugs allready for long time unclosed.
Also i would like to know how secure it is to use the development version.

Comments

pillarsdotnet’s picture

Title: Is the Module still maintained? » Is the Supercron module abandoned?
MisterSpeed’s picture

No, we are still working on 2.x

pillarsdotnet’s picture

Any reason you haven't responded to this patch? (I posted it in multiple issues, but have since closed all the others as duplicates.)

#749606-16: Path to supercron.php incorrectly determined by the module code

MisterSpeed’s picture

The issue is that we are trying to make it so that there is one code base for D6 and D7 going forward, and the tiniest of glue/wrapper around that. The patch works well under D6.

pillarsdotnet’s picture

Gotcha. That's basically what I'm doing with my modules, too. Good luck.

mbria’s picture

Take a look to module description: http://drupal.org/project/supercron

This module is abandoned due to a security issue the maintainer never fixed. See SA-2012-006 for details.

If you want to use this module, your options are:

  • Choose another, actively maintained module instead
  • Fix the module and then contact the security team to have your version reviewed and the project handed over to you following the abandoned project process
  • Hire someone to fix the security bug so the module can be re-published (see this guide on how to hire a Drupal site developer)
mbria’s picture

Priority: Normal » Critical
MisterSpeed’s picture

We responded to the request for correction (sent on December 26th) with a statement to the effect that we were working on it; this is hardly a statement of abandonment. I find this response to be completely opposed to the facts, and completely incompatible with the proper workings of an open source community.

We have invested a lot of manpower for a small shop in this module and do not welcome any other individuals (or competing companies) taking it over willy-nilly against our stated desire and basic prima facie evidence.

greggles’s picture

Status: Active » Closed (duplicate)

There were no companies that took this over and the action was not done "willy-nilly." It was an action taken by the independent, volunteer run Drupal Security Team. following our standard process. I'm responding to the rest of the security related topics in #1411952: Security Issue SA-CONTRIB-2012-006 so marking this issue as a duplicate of that.