Contrib.social

Not covered by Security Advisory Policy

Open on Drupal.org β†’
Created on 23 November 2023, 12 months ago
Updated 27 November 2023, 12 months ago

Hi,
I am really excited to start testing this module as it is exactly what my client is asking for!
Thank you very much for sharing this.
However, my client is worried about the fact that the module is not yet covered by the security advisory policy.
Any plans to make it happen any time soon? Any thing you could highlight to reassure us about the security of this module?
Are you planning on maintaining this module for a long time, or did you just take the time to share what you've done so far and are not sure about the time you will have later on to maintain this...?
Thank you :)
Nicolas

πŸ’¬ Support request
Status

Active

Version

1.2

Component

Miscellaneous

Created by

πŸ‡«πŸ‡·France nicolas bouteille

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @nicolas bouteille
  • Comment 12 months ago β†’
    πŸ‡³πŸ‡΅Nepal sujan shrestha NepalπŸ‡³πŸ‡΅, Kathmandu

    Hi nicolas,

    Thank you for your enthusiasm and for raising valid concerns. I understand the importance of security and the need for a clear maintenance plan. Regarding the security advisory policy, I want to assure you that it's a priority for us. I'm actively working on getting the module covered by the policy, and I have plan to have this in place soon.

    As for the long-term maintenance of the module, I want to emphasize my commitment to providing ongoing support. I understand the significance of maintaining a reliable and secure module. I'm dedicated to addressing any issues that may arise and ensuring that the module remains up-to-date with evolving requirements. Your input is valuable, and I'm committed to delivering a reliable and secure solution. Thank you.

  • Comment 12 months ago β†’
    πŸ‡«πŸ‡·France nicolas bouteille

    Hi Sujan,

    Thank you for your quick reply. This is good to hear!
    I'm still exploring my options here so far. We have Commerce Stripe already installed and working but we want to offer more payment solutions.
    Unfortunately I cannot test and install your module to work aside Commerce Stripe that still requires stripe-php version 7 :/
    I see Commerce Stripe is now handling the Payment Element component though so I will probably give it a try, but I'm a bit skeptical about the fact that it is stuck on stripe-php v7 and also using API version 2019-12-03.
    By the way, I wrote a little something about it here:
    πŸ’¬ Why is stripe-php still stuck on version 7 and Stripe API on 2019-12-03? What does it imply? Active
    if you have any opinion on this I'd be happy to here about it. Maybe it is the reason why you decided to create you own module in the first place?

    Last question: can you confirm that your module is meant to work with https://stripe.com/payments/checkout ?

    So far it is not clear to me what I would eventually "lose" by using Stripe Checkout vs what Commerce Stripe gives me in terms of traceability of transactions, payment methods registered for each user, and so on. We also deal with subscriptions renewals and I have no idea yet if this is something I could still achieve with Stripe Checkout.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024