devise_saml_authenticatable icon indicating copy to clipboard operation
devise_saml_authenticatable copied to clipboard

Published 20 hours ago verified publisher icon apokalipto

Fix garbage component issue of ruby-saml and rexml

Open klouvas opened this issue 4 years ago • 3 comments

Issue: https://github.com/apokalipto/devise_saml_authenticatable/issues/201

klouvas avatar Sep 06 '21 09:09 klouvas

Hi @klouvas, thanks for the contribution! I don't think this requires a fix on our end—applications can update their version of ruby-saml without needing to update this gem.

adamstegman avatar Sep 06 '21 15:09 adamstegman

@adamstegman It could be resolved by manually bumping the ruby-saml or updating the rexml gem. Wouldn't it be better to upgrade the ruby-xml of the devise_saml_authenticatable to latest stable to resolve all related issue and keep the gem dependencies up to date?

klouvas avatar Sep 07 '21 12:09 klouvas

If there's a security issue, definitely! But for anything else, it's not our responsibility, and in fact we'd be breaking compatibility with applications using older versions of ruby-saml.

adamstegman avatar Sep 07 '21 15:09 adamstegman