I have been meaning to post this early but there is a problem now with the secure patch for OpenCart that means my release no longer works. As of 1.4.1, the developer made a change to how all the links are made, well rather than running the links through a function which can re-write the URL (which my patch added a random token too). The change he made was to make every URL static therefore I am no longer able to add the token to every URL automatically, but to add the token manually to every link which I am deciding against doing from a pure maintenance level (and a nightmare to upgrade).
The only reason why I could see the developer to make this change is to kill the development of my patch. I now have a few options and would love to hear any feedback on which path to take.
1. Revert back to 1.4.0 and no longer do anymore upgrades.
2. Delete the project so it no longer exists.
3. For someone else to takeover who has the time to do any maintenance required (which I don’t have).
Personally I think the developer of OpenCart has lost the plot and I believe people should look at other options that have a more dynamic development process, and a team who knows what they are doing.
Update: I have since deleted the repo’s on GitHub as the code no longer works and I am unable to fix all the security issues.