DEV Community

Cover image for Join me in building a community-maintained fork of the Quill Editor ๐Ÿ™Œ
Jan Kรผster ๐Ÿ”ฅ
Jan Kรผster ๐Ÿ”ฅ

Posted on

Join me in building a community-maintained fork of the Quill Editor ๐Ÿ™Œ

#opensource #webdev #javascript #community

TL;DR - Quill is abandoned, I want to build a community fork

Quill is a flexible and modular rich text editor which gained popularity in the recent years. With the rise of AI-based code inspections, we get new CVEs reported regularly. Quill is no exception here, looking at the list of open issues related to recent CVEs and open pull requests to fix them.

Is Quill abanndoned? ๐Ÿ˜ช

The big question is now: "Is Quill already abandonware?". Maintainer silence regarding issues, PRs and discussions - even related to security topics - and also no answers from direct messages on socials shows a clear indicator that the maintainers do not care or shifted focus.

Let the community take over ๐Ÿ™Œ

Me and many others do rely on this package, as there are few to no alternatives that provide the same level of text delta handling (and which do not introduce the complexity of OT/CRDT algorithms).

My proposal: if enough people join me, showing me their willingness to contribute to a community fork, then I am eager to create a quill or and fork all relevant packages and start a Quill community.

My past experience in forming a security-aware community around a fork of OAuthJs should be of great help here:

GitHub logo node-oauth / node-oauth2-server

๐Ÿš€ The successor to oauthjs/oauth2-server. ๐Ÿ”’ Complete, compliant, maintained and well tested OAuth2 Server for node.js. Includes native async await and PKCE.

@node-oauth/oauth2-server

Complete, compliant and well tested module for implementing an OAuth2 server in Node.js.

Tests CodeQL Semantic Analysis Tests for Release Documentation Status Project Status: Active โ€“ The project has reached a stable, usable state and is being actively developed. npm Version npm Downloads/Week GitHub License

NOTE: This project has been forked from oauthjs/node-oauth2-server and is a continuation due to the project appearing to be abandoned. Please see our issue board to talk about next steps and the future of this project.

Installation

npm install @node-oauth/oauth2-server
Enter fullscreen mode Exit fullscreen mode

The @node-oauth/oauth2-server module is framework-agnostic but there are several officially supported wrappers available for popular HTTP server frameworks such as Express and Koa (not maintained by us) If you're using one of those frameworks it is strongly recommended to use the respective wrapper module instead of rolling your own.

Features

  • Supports authorization_code, client_credentials, refresh_token and password grant, as well as extension grants, with scopes.
  • Can be used with promises, ES6 generators and async/await (using Babel).
  • Fully RFC 6749 and RFC 6750 compliant.
  • Implicitly supports any form ofโ€ฆ
View on GitHub

Join the discussion

Building a community for a maintainable and sustainable fork ๐Ÿ™Œ #4803

jankapunkt avatar
jankapunkt posted on

Hey everyone,

my last attempt to build an official fork community was interrupted but I want to try again as the original maintainers seem to be unreliable, especially considering the unfixed CVEs ๐Ÿ’€

I would like to make a simple vote, please add your reactions:

Who would be willing to...

  • join a quill org that forks this and maintains this project under community rule? โ†’ vote with ๐Ÿ‘
  • to contribute either to code, documentation, or work on the module architecture (or all) โ†’ vote with ๐Ÿš€
  • to look into issues and PRs and help with triage and/or reviews โ†’ vote with ๐Ÿ‘€
  • work on community building โ†’ vote with ๐Ÿ˜„
  • sponsor devs โ†’ vote with โค๏ธ

I am eager to step up and prepare such things until the community gets momentum and manages itself democratically.

View on GitHub

Top comments (0)