Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update python3-saml requirement from <1.16,>=1.15 to >=1.15,<1.17 #797

Merged
merged 1 commit into from
Feb 26, 2024
Merged

Update python3-saml requirement from <1.16,>=1.15 to >=1.15,<1.17 #797

merged 1 commit into from
Feb 26, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 19, 2024

Updates the requirements on python3-saml to permit the latest version.

Release notes

Sourced from python3-saml's releases.

SAML Python3 Toolkit v1.16.0

  • #364 Improve get_metadata method from Parser, allowing to set headers
  • Fix WantAuthnRequestsSigned parser
  • Fix expired payloads used on tests
  • Updated content from docs folder
Changelog

Sourced from python3-saml's changelog.

1.16.0 (Oct 9, 2023)

  • #364 Improve get_metadata method from Parser, allowing to set headers
  • Fix WantAuthnRequestsSigned parser
  • Fix expired payloads used on tests
  • Updated content from docs folder

1.15.0 (Dec 27, 2022)

  • #317 Handle unicode characters gracefully in python 2
  • #338 Fix WantAuthnRequestsSigned parser
  • #339 Add Poetry support
  • Remove version restriction on lxml dependency
  • Updated Django demo to 4.X (only py3 compatible)
  • Updated Travis file. Forced lxml to be installed using no-validate_binary
  • Removed references to OneLogin from documentation

1.14.0 (Feb 18, 2022)

  • #297 Don't require yanked version of lxml.
  • #298 Add support for python 3.10 and cleanup the GHA.
  • #299 Remove stats from coveralls removed as they are no longer maintained.

1.13.0 (Jan 28, 2022)

  • #296 Add rejectDeprecatedAlgorithm settings in order to be able reject messages signed with deprecated algorithms.
  • Set sha256 and rsa-sha256 as default algorithms
  • #288 Support building a LogoutResponse with non-success status
  • Added warning about Open Redirect and Reply attacks
  • [##274](onelogin/python3-saml#274) Replace double-underscored names with single underscores
  • Add at OneLogin_Saml2_Auth get_last_assertion_issue_instant() and get_last_response_in_response_to() methods
  • Upgrade dependencies

1.12.0 (Aug 13, 2021)

  • #276 Deprecate server_port from request data dictionary

1.11.0 (Jul 23, 2021)

  • #261 Allow duplicate named attributes, controlled by a new setting
  • #268 Make the redirect scheme matcher case-insensitive
  • #256 Improve signature validation process. Add an option to use query string for validation
  • #259 Add get metadata timeout
  • #246 Add the ability to change the ProtocolBinding in the authn request.
  • #248 Move storing the response data into its own method in the Auth class
  • Remove the dependency on defusedxml
  • #241 Improve AttributeConsumingService support
  • Update expired dates from test responses
  • Migrate from Travis to Github Actions

1.10.1 (Jan 27, 2021)

  • Fix bug on LogoutRequest class, get_idp_slo_response_url was used instead get_idp_slo_url

1.10.0 (Jan 14, 2021)

  • Added custom lxml parser based on the one defined at xmldefused. Parser will ignore comments and processing instructions and by default have deactivated huge_tree, DTD and access to external documents
  • Destination URL Comparison is now case-insensitive for netloc

... (truncated)

Commits
  • 6988bda Release 1.16
  • 50a4d40 Fix CI Lint (#380)
  • 28b753e Add test for encrypted attributes
  • 59db3ca Add py3.11 and py3.12 to CI
  • 9e16580 Bump django from 4.1.7 to 4.1.10 in /demo-django (#378)
  • b52ffd7 Bump tornado from 6.0.3 to 6.3.3 in /demo-tornado (#377)
  • 34d07c8 Bump django from 4.0.8 to 4.1.7 in /demo-django (#348)
  • 6e67a9c Remove print from test
  • feb0d1d Fix more payloads
  • ea3a6d4 Set NotOnOrAfter to year 2993 so payloads not expire and tests keep working
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Update python3-saml requirement from <1.16,>=1.15 to >=1.15,<1.17
5f609ff 
Updates the requirements on [python3-saml](https://github.com/SAML-Toolkits/python3-saml) to permit the latest version.
- [Release notes](https://github.com/SAML-Toolkits/python3-saml/releases)
- [Changelog](https://github.com/SAML-Toolkits/python3-saml/blob/master/changelog.md)
- [Commits](SAML-Toolkits/python3-saml@v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: python3-saml
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 19, 2024
@petrjasek petrjasek merged commit 3279d17 into develop Feb 26, 2024
15 checks passed
@petrjasek petrjasek deleted the dependabot/pip/python3-saml-gte-1.15-and-lt-1.17 branch February 26, 2024 10:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@petrjasek petrjasek petrjasek approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@petrjasek