Remove GNU Social (unmaintained since Nov 2022, website down) #38

Merged
merged 1 commit into from
Aug 25, 2023

nodiscc
Member

@nodiscc nodiscc commented Jul 25, 2023

@nodiscc nodiscc added the curation Removal of abandoned projects, dead links label Jul 25, 2023
Collaborator

@Ki-er Ki-er left a comment

Website seems to be up > https://gnusocial.rocks/ but no commits since the site has come back up, I'd say fit for removal

@nodiscc
Member Author

nodiscc commented Aug 25, 2023

In addition, some vulnerable composer packages:

$ ./trivy_0.41.0_Linux-64bit/trivy repo https://codeberg.org/GNUsocial/gnu-social
2023-08-25T13:17:53.453+0200	INFO	Need to update DB
2023-08-25T13:17:53.453+0200	INFO	DB Repository: ghcr.io/aquasecurity/trivy-db
2023-08-25T13:17:53.453+0200	INFO	Downloading DB...
39.12 MiB / 39.12 MiB [-------------------------------------------------] 100.00% 10.24 MiB p/s 4.0s
2023-08-25T13:17:58.641+0200	INFO	Vulnerability scanning is enabled
2023-08-25T13:17:58.641+0200	INFO	Secret scanning is enabled
2023-08-25T13:17:58.641+0200	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-25T13:17:58.641+0200	INFO	Please see also https://aquasecurity.github.io/trivy/v0.41/docs/secret/scanning/#recommendation for faster secret detection
Enumerating objects: 61401, done.
Counting objects: 100% (61401/61401), done.
Compressing objects: 100% (11079/11079), done.
Total 61401 (delta 20655), reused 57092 (delta 18197), pack-reused 0
2023-08-25T13:18:05.631+0200	INFO	Number of language-specific files: 1
2023-08-25T13:18:05.631+0200	INFO	Detecting composer vulnerabilities...

composer.lock (composer)

Total: 6 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 5, CRITICAL: 0)

┌─────────────────────────┬─────────────────────┬──────────┬───────────────────┬───────────────────────────────────────────────────────────┬─────────────────────────────────────────────────────────────┐
│         Library         │    Vulnerability    │ Severity │ Installed Version │                       Fixed Version                       │                            Title                            │
├─────────────────────────┼─────────────────────┼──────────┼───────────────────┼───────────────────────────────────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ guzzlehttp/psr7         │ CVE-2023-29197      │ HIGH     │ 2.4.3             │ 1.9.1, 2.4.5                                              │ guzzlehttp/psr7 is a PSR-7 HTTP message library             │
│                         │                     │          │                   │                                                           │ implementation in PHP. ...                                  │
│                         │                     │          │                   │                                                           │ https://avd.aquasec.com/nvd/cve-2023-29197                  │
├─────────────────────────┼─────────────────────┤          ├───────────────────┼───────────────────────────────────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ league/oauth2-server    │ CVE-2023-37260      │          │ 8.3.5             │ 8.5.3, 8.4.2                                              │ league/oauth2-server key exposed in exception message when  │
│                         │                     │          │                   │                                                           │ passing as a string and...                                  │
│                         │                     │          │                   │                                                           │ https://avd.aquasec.com/nvd/cve-2023-37260                  │
├─────────────────────────┼─────────────────────┼──────────┼───────────────────┼───────────────────────────────────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ nyholm/psr7             │ GHSA-wjfc-pgfp-pv9c │ MEDIUM   │ 1.5.1             │ 1.6.1                                                     │ Improper Input Validation in nyholm/psr7                    │
│                         │                     │          │                   │                                                           │ https://github.com/advisories/GHSA-wjfc-pgfp-pv9c           │
├─────────────────────────┼─────────────────────┼──────────┼───────────────────┼───────────────────────────────────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ phpseclib/phpseclib     │ CVE-2023-27560      │ HIGH     │ 3.0.17            │ 3.0.19                                                    │ Math/PrimeField.php in phpseclib 3.x before 3.0.19 has an   │
│                         │                     │          │                   │                                                           │ infinite loo ...                                            │
│                         │                     │          │                   │                                                           │ https://avd.aquasec.com/nvd/cve-2023-27560                  │
├─────────────────────────┼─────────────────────┤          ├───────────────────┼───────────────────────────────────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ symfony/http-kernel     │ CVE-2022-24894      │          │ v6.1.6            │ 4.0.0, 4.2.0, 6.1.12, 2.1.0, 2.6.0, 2.7.0, 6.0.20, 2.4.0, │ Symfony is a PHP framework for web and console applications │
│                         │                     │          │                   │ 2.2.0, 3.2.0, 5.3.0, 3.3.0, 4.1.0, 4.4.0, 5.1.0, 5.2.0,   │ and a...                                                    │
│                         │                     │          │                   │ 5.4.20, 2.3.0, 3.1.0, 4.4.50, 4.3.0, 5.4.0, 6.2.6, 2.5.0, │ https://avd.aquasec.com/nvd/cve-2022-24894                  │
│                         │                     │          │                   │ 2.8.0, 3.0.0, 3.4.0                                       │                                                             │
├─────────────────────────┼─────────────────────┤          ├───────────────────┼───────────────────────────────────────────────────────────┼─────────────────────────────────────────────────────────────┤
│ symfony/security-bundle │ CVE-2022-24895      │          │ v6.1.3            │ 6.0.20, 2.1.0, 4.2.0, 4.4.50, 2.3.0, 2.7.0, 5.1.0, 5.4.0, │ Symfony is a PHP framework for web and console applications │
│                         │                     │          │                   │ 2.2.0, 3.1.0, 4.0.0, 2.5.0, 2.6.0, 6.2.6, 5.3.0, 3.4.0,   │ and a...                                                    │
│                         │                     │          │                   │ 4.4.0, 5.2.0, 3.2.0, 6.1.12, 2.4.0, 3.0.0, 3.3.0, 2.8.0,  │ https://avd.aquasec.com/nvd/cve-2022-24895                  │
│                         │                     │          │                   │ 4.1.0, 4.3.0, 5.4.20                                      │                                                             │
└─────────────────────────┴─────────────────────┴──────────┴───────────────────┴───────────────────────────────────────────────────────────┴─────────────────────────────────────────────────────────────┘

@nodiscc nodiscc merged commit efb573d into master Aug 25, 2023
@nodiscc nodiscc deleted the rm-gnusocial branch August 25, 2023 11:19
nodiscc added a commit to sanch03/awesome-selfhosted-data that referenced this pull request Aug 25, 2023