Definitely!
> On Apr 11, 2018, at 3:28 AM, Neil Bowers <neil.bow...@cogendo.com> wrote: > > Hi Moritz, > > I’m emailing you wearing my PAUSE admins hat. > > John Napiorkowski would like to get co-maint on Crypt::OpenSSL::RSA, so he > can do a bug fix release (see below). > > If you’re happy for him to have co-maint, I can give it to him on your > behalf. Is that ok? > > Cheers, > Neil > > >> Begin forwarded message: >> >> From: john napiorkowski <jjn1...@gmail.com> >> Subject: Wishing to adopt https://metacpan.org/pod/Crypt::OpenSSL::RSA >> Date: 10 April 2018 at 15:17:34 BST >> To: modules@perl.org >> >> Hi, >> >> My company (and apparently a number of people from the look of the bug >> queue) rely on this module (https://metacpan.org/pod/Crypt::OpenSSL::RSA) on >> the job. However there is a critical bug in it with an outstanding patch >> that the current maintainer doesn't seem interested in dealing with. Here's >> the testers reports: >> >> https://www.cpantesters.org/distro/C/Crypt-OpenSSL-RSA.html?oncpan=1&distmat=1&version=0.28&grade=3 >> >> As you can see its failing to install quite consistently over the past year >> plus, which is due to critical security fixes in open-ssl becoming the >> commonly default install on most servers. This security fixed version of >> open-ssl does not compile with the currently released CPAN code. >> >> Here's the bug report / patch from last year: >> >> https://github.com/monken/Crypt-OpenSSL-RSA/pull/18 >> >> As you can see the patch is trivial. >> >> When I emailed the current maintainer, cpan ID 'PERLER' he at first seemed >> willing to do one more emergency release to get us past the current crisis. >> He did indeed merge the PR but has not released the code to CPAN. In the >> email exchange I had with him he seems to indicate that he doesn't do Perl a >> lot anymore and had forgotten how to upload and prep a module for CPAN. I >> gave him instructions via email on how to do that and offered to pair on it >> if he was stuck, but I never heard back (that was 2 weeks ago). Its >> starting to look like this is not something the current maintainer wants to >> deal with or has time for. Additionally its not a long term solution since >> he has only comaint rights and can't transfer ownership to a willing >> maintainer should issues arise in the future. >> >> I also emailed the current 'first-come' author 'IROBERTS' who has not >> responded to emails for more than 6 weeks and from reviewing the record does >> not seem to be active in Perl / CPAN anymore (no uploads to CPAN in more >> than 10 years from what I can see). >> >> This module is actually fairly important as a number of other modules >> related to cryptography use it. Given that I think it needs a maintainer >> willing to do the basics and also one that will turn it over to someone else >> should s/he decide to retire (someone with first-come that is willing to >> migrate that authority to someone else when the time comes). I'd be very >> willing to become first come on this and release an update since my company >> uses it. My CPAN id is JJNAPIORK and I've got a pretty decent track record >> on CPAN of doing trustworthy releases. My plan would be to release quickly >> a patched version of this, and also it looks like from the github pull >> request record that there's a number of outstanding patches that could be >> merged as well. Also I will contact some of the people that send patches to >> this code and find out if they want comaint that way there's no longer a >> single point of failure on this. So I'm requesting that I be granted >> first-come on this module. >> >> Please let me know what else I should do to make this possible. >> >> Regards, >> >> John Napiorkowski (JJNAPIORK) > > Cogendo > > T: +44 7880 741899 > W: www.cogendo.com > M: neil.bow...@cogendo.com > > Cogendo is the trading name of Cogendo Limited, Registered in England & > Wales, company no. 8944534. > Registered office: 51 West Street, Marlow, Buckinghamshire. SL7 2LS. >
