[
https://issues.apache.org/jira/browse/WSS-687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17522463#comment-17522463
]
Rob Leland edited comment on WSS-687 at 4/14/22 5:48 PM:
---------------------------------------------------------
Just realized my suggestion does not address OpenSaml developers concern that
maven central could be poisoned.
In
[searching|https://issues.apache.org/jira/browse/MNG-2004?filter=-1&jql=project%20%3D%20Maven%20AND%20%20summary%20~%20repository%20%20%20AND%20(summary%20~%20artifact%20OR%20summary%20~%20%22group%22)%20order%20by%20updated%20DESC]
through mavens Jira I see that most organizations have a tightly controlled
repo and setup mirrors, I am going to keep searching.
was (Author: rleland):
Just realized my suggestion does not address OpenSaml developers concern that
maven central could be poisoned.
In searching through mavens Jira I see that most organizations have a tightly
controlled repo and setup mirrors, I am going to keep searching.
> Upgrade OpenSAML to v4.1.x
> --------------------------
>
> Key: WSS-687
> URL: https://issues.apache.org/jira/browse/WSS-687
> Project: WSS4J
> Issue Type: Task
> Components: WSS4J Core
> Affects Versions: 3.0.0
> Reporter: Misagh Moayyed
> Assignee: Colm O hEigeartaigh
> Priority: Major
>
> wss4j 2.5.0.SNAPSHOT currently uses OpenSAML v4.0.x. Current release of
> OpenSAML is 4.1.1 and wss4j should upgrade to this version. No breaking
> changes are expected.
> I can assist with a patch or pull request.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
