Hi, I understand the repo’s development’s indeed still happening, but perhaps at least security releases could be done? eg: electron release 28.x.* was at EOLife in May (current stable is v33.0.2).
I’m guessing this yarn.lock is where it’s pinned in the logseq repo (github /logseq/logseq/blob/53d8c5a3c6b43fbff0f8de2a32d09e284ef72fcb/yarn.lock#L2649 (sorry discourse won’t allow more than than two links))?
update: logseq’s been removed from nixos (biggest package maintenance ecosystem I know of) for this very security concern of this thread.
Thanks for raising this issue @jakotay (and sorry for taking so long to reply).
All work is currently focused on the “DB branch”, which will be merged back into main soon. There, electron has been been updated to v31.7.5:
Edit: I see there’s an issue with this version as well, so I’ve flagged the issue with @tienson based on the comment below. He told me that the electron version will be updated again.
Edit 2: Electron will be updated soon, in time for the new local builds:
Is there a timeline? As distros are removing logseq for lack of maintenance, it would be helpful to know if this is days, weeks, or months.
I see in other comments that there’s no date. But for those of us on distros where logseq is being removed, it would be good to have some idea.
Sorry, I really can’t give a timeline because I don’t know. I’m hoping for weeks, but it wouldn’t be the first time I’m wrong 
I’m a dev too, so I understand 
.
As a user workarounds in that general time frame are OK.
I agree. It would be great to have a sort of intermediate release for the sake of having logseq in nixpkgs again.
I don’t think you’ll have solved this issue until finally mark a new release Electron version in use is outdated and marked insecure · Issue #11644 · logseq/logseq · GitHub
(I think logseq has always used release tags, so this is to be expected: downstreams will have been dutifully watching waiting for those numbers to continue bumping)