-
Notifications
You must be signed in to change notification settings - Fork 165
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade xml-crypto #216
Comments
#215 should resolve this. |
We have seen the same issue, the new version Looking forward for an update where saml2-js will use new version of |
same issue for me, I can't manage to force xml-crypto 2.0.0 |
Same issue for me. Please resolve ASAP. |
I would recommend that you take a look at the issue i documented here to see if this upgrade resolve the issue I also discovered when upgrading the library |
https://www.npmjs.com/advisories/1583 it is a high vulnerability in the |
@mcab any update? |
Same issue for me. Is there any update on this? |
I have the same issue. |
Likewise, when will this be addressed. XML-Crypto v 2.0.0 has been out now for 4 months. How hard can it be to update the package.json file and test the functionality all still works wherever xml-crypto is loaded? |
xml-crypto needs to be upgraded as there is a security vulnerability that is addressed in version 2.x https://snyk.io/vuln/SNYK-JS-XMLCRYPTO-1023301.
saml2 is using version
^0.10.0
The text was updated successfully, but these errors were encountered: