Crate maintenance status

[0rzech]

I wanted to ask whether this crate is still maintained.

• The last commit is from over 2 years ago and the crate depends on old libraries which is increasingly becoming a problem.
• The crate depends on rand 0.8 which has had two minor releases since then: 0.9 and 0.10, and its maintainer finds it more and more difficult to backport necessary changes: Patch RUSTSEC-2026-0097 for rand 0.8 rust-random/rand#1770. A PR that migrates cookie to a newer rand version is unanswered: Update rand to 0.9 #242 .
• An offer to help with maintenance remains unanswered: How can we help make a new release? #244 .
• The crate owner seems to have been absent for a long time: Basic project maintenance #236 .

This is not a laundry list of complaints. It's a FLOSS project without funding and it's understandable that it may become unmaintained at any time, but perhaps it would be better to raise a RUSTSEC unmaintained issue at this point?

[SergioBenitez]

I didn't intend to leave this crate without maintenance; thank you for the ping. I've worked through the backlog of issues and PRs and believe I have merged or implemented everything reasonably requested. I'd like to do a final thorough review (of new code, and to consider whether any other breaking changes should be made now) before pushing a new release, however, and any help in that direction would be greatly appreciated.