Update opensaml related dependencies #44947
Assignees
Labels
:Delivery/Build
Build or test infrastructure
:Security/Security
Security issues without another label
Team:Delivery
Meta label for Delivery team
Comments
jkakavas
added
:Delivery/Build
|
Pinging @elastic/es-core-infra |
|
Pinging @elastic/es-security |
jkakavas
added a commit
to jkakavas/elasticsearch
that referenced
this issue
Jul 29, 2019
Add the maven repository of the shibboleth project in a couple of places ( x-pack:plugin and x-pack:qa subprojects ) so that we can upgrade opensaml and related dependencies to the latest version Relates: elastic#44947
|
We will still want to add the additional maven repo to our build since our artifactory is not public. |
Already did in #44972 |
jkakavas
added a commit
that referenced
this issue
Nov 23, 2019
Add a mirror of the maven repository of the shibboleth project and upgrade opensaml and related dependencies to the latest version available version Resolves: #44947
jkakavas
added a commit
to jkakavas/elasticsearch
that referenced
this issue
Nov 23, 2019
Add a mirror of the maven repository of the shibboleth project and upgrade opensaml and related dependencies to the latest version available version Resolves: elastic#44947
jkakavas
added a commit
that referenced
this issue
Nov 28, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The shibboleth project doesn't push their artifacts to maven central on purpose and that means that the packages that are hosted there (or on jcenter) are a little stale (3.3.0 vs 3.4.3 as of writing this ) and managed by 3rd parties. The shibboleth project offers their own maven repo but offers no guarantees wrt to performance and availability.
Now that we have an artifactory instance, we could cache the artifacts there so that we can upgrade to the latest version available.
The text was updated successfully, but these errors were encountered: