After a long hiatus of security fixes only the development of Etherpad has recently taken up speed again. But it seems to be nearly fully vibe coded with the help of Anthropic Claude and the amount of new features added makes it very unlikely that there is sufficient human code review.
I bring this up because as you probably know we host an instance of it over at https://pads.slrpnk.net/
Aside from the general issues with AI assisted code development and corporate capture through closed AI models like Claude, I consider it also a security risk as the NodeJS ecosystem (Etherpad is using that) is especially vulnerable to supply-chain attacks and AI halluciations make this issue significantly worse.
So basically this means we will probably have to shut down this service soon (stopping to update it is not a good option due to the many security issues found in NodeJS packages all the time), and look for an alternative.
If you have any important collaborative documents on our Etherpad instance, it would be good to export them in the near future. Best would be probably to export it as Markdown, as most alternatives seem to use that syntax.
As for alternatives, suggestions are welcome, but I did look into other options before (Hedgedoc, Cryptpad etc.) and was not so convinced by them either.
HedgeDoc seems like more of a replacement for Etherpad, with Cryptpad being “overkill” in terms of features, but I’d also be interested to know if there are other options available…
The problem with HedgeDoc seems mostly that the current 1.x version is basically abandoned, and the 2.x rewrite is stuck in development hell. Other than that, yes it would be a suitable replacement.
I’m not familiar with the development situation there, but that’s unfortunate. Maybe some of our talented solarpunks could lend their programming skills to making HedgeDoc 2.x a reality?