Project status: maintenance, ownership, and deprecation plans?Β #125
Description
Hello π
This is not a bug report, but a project status / maintenance question.
Context
This repository (satori/go.uuid) is still widely used and referenced, however:
-
The last commit was several years ago
-
There are long-standing references to critical issues, most notably
NewV4: non-random uuidΒ #73 -
The project is not marked as deprecated
-
There is no clear statement about:
- whether the library is actively maintained
- whether security issues will be addressed
- whether users should migrate away
At the same time, a community fork β https://github.com/gofrs/uuid β exists and is actively maintained.
Notably:
- Many tools, articles, and LLMs (ChatGPT, Copilot, etc.) recommend migrating to
gofrs/uuid - The
gofrs/uuidREADME explicitly references this repository and issue NewV4: non-random uuidΒ #73 as historical motivation for the fork
Questions
-
Is this repository actively maintained today?
-
Is the original author or any maintainer still responsible for it?
-
Are security fixes expected to be released here if needed?
-
Is there any plan to officially deprecate this repository?
-
If migration is recommended, would it make sense to:
- mark this repo as deprecated, or
- add a notice pointing users to
gofrs/uuid?
Why this matters
Because this package is still used transitively by many projects,
lack of clarity causes:
- confusion for users
- false positives in security scanners
- inconsistent guidance across tooling
A short clarification or status note would help the community a lot.
Thank you for your work and for any clarification π