-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependencies due to CVEs #272
Conversation
Can you rebase? The failure in I don't get the other failures in master. I'm running on macOS. Can you share the errors, please? |
Unfortunately I merge the branch instead of rebasing first. I can open a new PR if you wish. For the test errors: I am using windows, but I could try Linux as well. testSignWithManifest
testVerifyWithManifest
testSignatureAlgorithms`xades4j.production.PropertyDataGeneratorNotAvailableException: Property data generation failed for SignatureTimeStamp: data object generator cannot be created
|
I've been running tests from the CLI using I couldn't find release notes for Santuario 3.0, which would be good to double-check. But I think we can go forward with this. I'll fix the failing tests later. Thanks! |
Thanks, a lot! |
is there a schedule when a new release can be expected? |
Not really. But since nothing else came up, I'll release a revision version with these upgrades. I'll do it early next week. |
The new version is released. May take a while to show up on central. |
Thank you very much. I am releasing my lib now as well. ;-) |
Some of the used dependencies are getting a bit old and security issues are found.
When I try to run the tests from master I am getting 4 fails:
xades4j.production.OtherSignerTests#testSignatureAlgorithms
xades4j.production.OtherSignerTests#testSignWithManifest
xades4j.verification.OtherVerifierTests#testVerifyWithManifest
xades4j.verification.XadesVerifierImplTest#testVerifyBESExtrnlResEnrichC
After the dependency upgrade the exact same tests fail. So I am pretty sure the upgrade would work.