jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1412070804
##
src/main/java/org/apache/xml/security/keys/KeyInfo.java:
##
@@ -361,6 +362,23 @@ public void add(DEREncodedKeyValue derEncodedKeyValue) {
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1412061158
##
src/main/java/org/apache/xml/security/keys/OriginatorKeyInfo.java:
##
@@ -0,0 +1,59 @@
+/**
+ * Licensed to the Apache Software Foundation
hboutemy opened a new pull request, #248:
URL: https://github.com/apache/santuario-xml-security-java/pull/248
after #77 , one issue remains in 4.0.0 and 4.0.1: working directory is
stored in generated source
seanjmullan commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1411253184
##
src/main/java/org/apache/xml/security/keys/content/AgreementMethodImpl.java:
##
@@ -0,0 +1,324 @@
+/**
+ * Licensed to the Apache Software
seanjmullan commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1411251273
##
src/main/java/org/apache/xml/security/keys/KeyInfo.java:
##
@@ -361,6 +362,23 @@ public void add(DEREncodedKeyValue derEncodedKeyValue) {
seanjmullan commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1411248446
##
src/main/java/org/apache/xml/security/keys/OriginatorKeyInfo.java:
##
@@ -0,0 +1,59 @@
+/**
+ * Licensed to the Apache Software Foundation
coheigea commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1410834465
##
src/main/java/org/apache/xml/security/encryption/AgreementMethod.java:
##
@@ -88,6 +91,22 @@ public interface AgreementMethod {
*/
seanjmullan commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1410830573
##
src/main/java/org/apache/xml/security/encryption/AgreementMethod.java:
##
@@ -88,6 +91,22 @@ public interface AgreementMethod {
*/
coheigea commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1410803624
##
src/main/java/org/apache/xml/security/encryption/AgreementMethod.java:
##
@@ -88,6 +91,22 @@ public interface AgreementMethod {
*/
seanjmullan commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1410793725
##
src/main/java/org/apache/xml/security/encryption/AgreementMethod.java:
##
@@ -88,6 +91,22 @@ public interface AgreementMethod {
*/
seanjmullan commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1410793725
##
src/main/java/org/apache/xml/security/encryption/AgreementMethod.java:
##
@@ -88,6 +91,22 @@ public interface AgreementMethod {
*/
coheigea commented on PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1829502160
4.0.1 is in maven central now
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above
coheigea merged PR #247:
URL: https://github.com/apache/santuario-xml-security-java/pull/247
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
coheigea opened a new pull request, #247:
URL: https://github.com/apache/santuario-xml-security-java/pull/247
(no comment)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
coheigea merged PR #245:
URL: https://github.com/apache/santuario-xml-security-java/pull/245
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
coheigea commented on PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1823879687
I'm calling a vote on 4.0.1 today with the fix
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and
coheigea commented on PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#issuecomment-1820411710
It's working now thanks @jrihtarsic
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL
jrihtarsic commented on PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#issuecomment-1819723155
Hi @coheigea
I tried with the latest Zulu JDK version 11.0.21 and Oracle OpenJDK 11.0.19
and I could not repeat the issue. (See the version details below). But I
dependabot[bot] closed pull request #246: Bump actions/dependency-review-action
from 3.1.0 to 3.1.3
URL: https://github.com/apache/santuario-xml-security-java/pull/246
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
dependabot[bot] commented on PR #246:
URL:
https://github.com/apache/santuario-xml-security-java/pull/246#issuecomment-1818955810
Looks like actions/dependency-review-action is no longer a dependency, so
this is no longer needed.
--
This is an automated message from the Apache Git
coheigea commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1398738315
##
src/main/java/org/apache/xml/security/keys/derivedKey/KeyDerivationMethodImpl.java:
##
@@ -0,0 +1,108 @@
+/**
+ * Licensed to the Apache
github-advanced-security[bot] commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1398732391
##
src/main/java/org/apache/xml/security/keys/derivedKey/KeyDerivationMethodImpl.java:
##
@@ -0,0 +1,108 @@
+/**
+ * Licensed
github-actions[bot] commented on PR #246:
URL:
https://github.com/apache/santuario-xml-security-java/pull/246#issuecomment-1818114772
Dependency Review
✅ No vulnerabilities or license issues found.Scanned Manifest Files
dependabot[bot] commented on PR #244:
URL:
https://github.com/apache/santuario-xml-security-java/pull/244#issuecomment-1818114197
Superseded by #246.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to
dependabot[bot] closed pull request #244: Bump actions/dependency-review-action
from 3.1.0 to 3.1.2
URL: https://github.com/apache/santuario-xml-security-java/pull/244
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
dependabot[bot] opened a new pull request, #246:
URL: https://github.com/apache/santuario-xml-security-java/pull/246
Bumps
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
from 3.1.0 to 3.1.3.
Release notes
Sourced from
narras-oss commented on PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1816655403
This particular pull request (which is merged) is what I am referring to as
the fix, either 3.0.4 or 4.0.1 (next release) would work.
--
This is an automated
coheigea commented on PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1815825408
@narras-oss What release do you specifically need a fix in?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to
narras-oss commented on PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1815519461
@coheigea Is there an ETA for next release ? We are unable to upgrade to
latest version to get the CVE fix until this fix included (other than
copy-pasting this
jrihtarsic commented on PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#issuecomment-1814298829
Hi @coheigea
I would be grateful if you could take a look at it and provide me with your
feedback, particularly on the architecture of the implementation.
github-actions[bot] commented on PR #245:
URL:
https://github.com/apache/santuario-xml-security-java/pull/245#issuecomment-1813697229
Dependency Review
✅ No vulnerabilities or license issues found.Scanned Manifest Files
dependabot[bot] opened a new pull request, #245:
URL: https://github.com/apache/santuario-xml-security-java/pull/245
Bumps [org.bouncycastle:bcprov-jdk18on](https://github.com/bcgit/bc-java)
from 1.76 to 1.77.
Changelog
Sourced from
github-actions[bot] commented on PR #244:
URL:
https://github.com/apache/santuario-xml-security-java/pull/244#issuecomment-1807380159
Dependency Review
✅ No vulnerabilities or license issues found.Snapshot Warnings
⚠️: No snapshots were found for the head SHA
dependabot[bot] opened a new pull request, #244:
URL: https://github.com/apache/santuario-xml-security-java/pull/244
Bumps
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
from 3.1.0 to 3.1.2.
Release notes
Sourced from
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1389324757
##
src/main/java/org/apache/xml/security/encryption/params/ConcatKeyDerivationParameter.java:
##
@@ -43,15 +43,15 @@ public class
jrihtarsic commented on PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#issuecomment-1805595216
@coheigea the PR is ready for review.
@phax thanks again for already provided comments and suggestions for
improvements.
--
This is an automated message
phax commented on PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#issuecomment-1805500267
I like it ;-) Thanks @jrihtarsic for all the changes
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub
coheigea commented on PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#issuecomment-1805419921
Let me know please when this is ready for review
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1385009645
##
src/test/java/org/apache/xml/security/testutils/JDKTestUtils.java:
##
@@ -0,0 +1,149 @@
+/**
+ * Licensed to the Apache Software Foundation
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384980326
##
src/main/java/org/apache/xml/security/utils/KeyUtils.java:
##
@@ -0,0 +1,280 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF)
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384779511
##
src/main/java/org/apache/xml/security/utils/DERDecoderUtils.java:
##
@@ -0,0 +1,250 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF)
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384940531
##
src/main/java/org/apache/xml/security/encryption/params/ConcatKeyDerivationParameter.java:
##
@@ -0,0 +1,105 @@
+/**
+ * Licensed to the
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384927066
##
src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java:
##
@@ -81,4 +94,212 @@ private static AlgorithmParameterSpec
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384926609
##
src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java:
##
@@ -81,4 +94,212 @@ private static AlgorithmParameterSpec
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384920517
##
src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java:
##
@@ -81,4 +94,212 @@ private static AlgorithmParameterSpec
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384919644
##
src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java:
##
@@ -81,4 +94,212 @@ private static AlgorithmParameterSpec
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384909608
##
src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java:
##
@@ -81,4 +94,212 @@ private static AlgorithmParameterSpec
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384765287
##
src/main/java/org/apache/xml/security/encryption/XMLCipherUtil.java:
##
@@ -81,4 +94,212 @@ private static AlgorithmParameterSpec
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384763142
##
src/test/java/org/apache/xml/security/testutils/KeyTestUtils.java:
##
@@ -101,6 +104,15 @@ public static KeyPair generateKeyPair(KeyUtils.KeyType
jrihtarsic commented on PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#issuecomment-1798304706
@phax many thanks for all of the the comments. Let me know if you spot
anything else.
--
This is an automated message from the Apache Git Service.
To respond to
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384737390
##
src/test/java/org/apache/xml/security/utils/KeyUtilsTest.java:
##
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF)
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384439467
##
src/main/java/org/apache/xml/security/utils/XMLUtils.java:
##
@@ -706,6 +706,27 @@ public static Element selectXencNode(Node sibling, String
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384418125
##
src/main/java/org/apache/xml/security/keys/derivedKey/ConcatKDF.java:
##
@@ -0,0 +1,240 @@
+/**
+ * Licensed to the Apache Software Foundation
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1384395937
##
src/main/java/org/apache/xml/security/keys/content/DEREncodedKeyValue.java:
##
@@ -37,7 +37,9 @@
public class DEREncodedKeyValue extends
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383703120
##
src/test/java/org/apache/xml/security/utils/KeyUtilsTest.java:
##
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383701345
##
src/test/java/org/apache/xml/security/testutils/KeyTestUtils.java:
##
@@ -0,0 +1,125 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF)
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383700636
##
src/test/java/org/apache/xml/security/testutils/KeyTestUtils.java:
##
@@ -0,0 +1,125 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF)
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383699188
##
src/main/java/org/apache/xml/security/utils/XMLUtils.java:
##
@@ -706,6 +706,27 @@ public static Element selectXencNode(Node sibling, String
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383691978
##
src/main/java/org/apache/xml/security/utils/KeyUtils.java:
##
@@ -0,0 +1,284 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383685527
##
src/main/java/org/apache/xml/security/keys/derivedKey/DerivationAlgorithm.java:
##
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383684343
##
src/main/java/org/apache/xml/security/keys/derivedKey/ConcatKDF.java:
##
@@ -0,0 +1,240 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF)
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383682400
##
src/main/java/org/apache/xml/security/keys/derivedKey/ConcatKDF.java:
##
@@ -0,0 +1,240 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF)
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383675427
##
src/main/java/org/apache/xml/security/keys/derivedKey/ConcatKDF.java:
##
@@ -0,0 +1,240 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF)
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383661569
##
src/main/java/org/apache/xml/security/keys/content/DEREncodedKeyValue.java:
##
@@ -37,7 +37,9 @@
public class DEREncodedKeyValue extends
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383659525
##
src/main/java/org/apache/xml/security/keys/content/AgreementMethodImpl.java:
##
@@ -0,0 +1,324 @@
+/**
+ * Licensed to the Apache Software
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383656964
##
src/main/java/org/apache/xml/security/keys/KeyInfo.java:
##
@@ -361,6 +366,16 @@ public void add(DEREncodedKeyValue derEncodedKeyValue) {
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383655155
##
src/main/java/org/apache/xml/security/encryption/params/KeyDerivationParameter.java:
##
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software
phax commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383653848
##
src/main/java/org/apache/xml/security/encryption/params/ConcatKeyDerivationParameter.java:
##
@@ -0,0 +1,105 @@
+/**
+ * Licensed to the Apache
jrihtarsic commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1383295017
##
src/main/java/org/apache/xml/security/utils/KeyUtils.java:
##
@@ -0,0 +1,280 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF)
coheigea merged PR #243:
URL: https://github.com/apache/santuario-xml-security-java/pull/243
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
github-actions[bot] commented on PR #243:
URL:
https://github.com/apache/santuario-xml-security-java/pull/243#issuecomment-1793986498
Dependency Review
✅ No vulnerabilities or license issues found.Scanned Manifest Files
dependabot[bot] opened a new pull request, #243:
URL: https://github.com/apache/santuario-xml-security-java/pull/243
Bumps `junit.version` from 5.10.0 to 5.10.1.
Updates `org.junit.jupiter:junit-jupiter-engine` from 5.10.0 to 5.10.1
Release notes
Sourced from
coheigea commented on PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1792583378
Backmerging to 3.0.x as well.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above
coheigea merged PR #240:
URL: https://github.com/apache/santuario-xml-security-java/pull/240
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
coheigea closed pull request #235: Downgrading some dependencies with known
vulns to see if caught by de…
URL: https://github.com/apache/santuario-xml-security-java/pull/235
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and
coheigea closed pull request #236: Downgrading Jetty for test
URL: https://github.com/apache/santuario-xml-security-java/pull/236
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific
coheigea merged PR #242:
URL: https://github.com/apache/santuario-xml-security-java/pull/242
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
github-actions[bot] commented on PR #242:
URL:
https://github.com/apache/santuario-xml-security-java/pull/242#issuecomment-1791890795
Dependency Review
✅ No vulnerabilities or license issues found.Scanned Manifest Files
--
This is an automated message from the Apache Git
coheigea opened a new pull request, #242:
URL: https://github.com/apache/santuario-xml-security-java/pull/242
(no comment)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
narras-oss commented on code in PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#discussion_r1380827955
##
src/main/java/org/apache/xml/security/algorithms/implementations/SignatureBaseRSA.java:
##
@@ -62,7 +62,7 @@ public SignatureBaseRSA(Provider
seanjmullan commented on code in PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#discussion_r1380629008
##
src/main/java/org/apache/xml/security/algorithms/implementations/SignatureBaseRSA.java:
##
@@ -62,7 +62,7 @@ public SignatureBaseRSA(Provider
narras-oss commented on PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1791243958
@coheigea and @seanjmullan We are unable to upgrade to 3.0.3 or 4.0.0 to get
the fix for CVE-2023-44483 because of this issue. Appreciate your attention to
this
seanjmullan commented on PR #240:
URL:
https://github.com/apache/santuario-xml-security-java/pull/240#issuecomment-1791262307
Sorry for the delay. I will take a look now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and
coheigea merged PR #241:
URL: https://github.com/apache/santuario-xml-security-java/pull/241
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
github-actions[bot] commented on PR #241:
URL:
https://github.com/apache/santuario-xml-security-java/pull/241#issuecomment-1790872602
Dependency Review
✅ No vulnerabilities or license issues found.Scanned Manifest Files
--
This is an automated message from the Apache Git
coheigea opened a new pull request, #241:
URL: https://github.com/apache/santuario-xml-security-java/pull/241
(no comment)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
coheigea commented on PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#issuecomment-1788667659
@jrihtarsic Please see the codeql comments
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use
github-advanced-security[bot] commented on code in PR #234:
URL:
https://github.com/apache/santuario-xml-security-java/pull/234#discussion_r1378570296
##
src/main/java/org/apache/xml/security/keys/derivedKey/ConcatKDF.java:
##
@@ -0,0 +1,232 @@
+/**
+ * Licensed to the Apache
coheigea merged PR #233:
URL: https://github.com/apache/santuario-xml-security-java/pull/233
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
coheigea merged PR #232:
URL: https://github.com/apache/santuario-xml-security-java/pull/232
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
coheigea merged PR #239:
URL: https://github.com/apache/santuario-xml-security-java/pull/239
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
coheigea merged PR #238:
URL: https://github.com/apache/santuario-xml-security-java/pull/238
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
narras-oss opened a new pull request, #240:
URL: https://github.com/apache/santuario-xml-security-java/pull/240
The debug log message makes a call to Signature.getProvider() too early.
This causes Signature.chooseFirstProvider() to be called which matched the
first provider always
github-actions[bot] commented on PR #239:
URL:
https://github.com/apache/santuario-xml-security-java/pull/239#issuecomment-1784373172
Dependency Review
✅ No vulnerabilities or license issues found.Scanned Manifest Files
dependabot[bot] opened a new pull request, #239:
URL: https://github.com/apache/santuario-xml-security-java/pull/239
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from
2.3.0 to 2.3.1.
Release notes
Sourced from
github-actions[bot] commented on PR #238:
URL:
https://github.com/apache/santuario-xml-security-java/pull/238#issuecomment-1784368607
Dependency Review
✅ No vulnerabilities or license issues found.Scanned Manifest Files
dependabot[bot] opened a new pull request, #238:
URL: https://github.com/apache/santuario-xml-security-java/pull/238
Bumps
[org.cyclonedx:cyclonedx-maven-plugin](https://github.com/CycloneDX/cyclonedx-maven-plugin)
from 2.7.9 to 2.7.10.
Release notes
Sourced from
coheigea merged PR #237:
URL: https://github.com/apache/santuario-xml-security-java/pull/237
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail:
github-actions[bot] commented on PR #237:
URL:
https://github.com/apache/santuario-xml-security-java/pull/237#issuecomment-1778505633
Dependency Review
✅ No vulnerabilities or license issues found.Scanned Manifest Files
--
This is an automated message from the Apache Git
coheigea opened a new pull request, #237:
URL: https://github.com/apache/santuario-xml-security-java/pull/237
(no comment)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
301 - 400 of 754 matches
Mail list logo
