We have multiple old versions of the DApp itself, the first website, the second website, Hall of Fame, Donation Leaderboard and many other abandoned projects on GitHub.
As subscriber to these repos I frequently get huge emails from dependabot about vulnerabilities that are present and we should make it clear that we are not using certain applications and services anymore.
What do you think?
Can we start archiving old repos?
That sounds like a good idea.
If they are archived, they can still be reviewed and referenced and forked right? And viewed under the organization’s Github?
The one thing I want to make sure of is that we’re not clearing any history of things we might want to reference in grant applications or elsewhere to prove that we did do something/worked on it.
“When a repository is archived, its issues, pull requests, code, labels, milestones, projects, wiki, releases, commits, tags, branches, reactions, code scanning alerts, comments and permissions become read-only.”
More information here 