redmine_omniauth_saml icon indicating copy to clipboard operation
redmine_omniauth_saml copied to clipboard

Published 20 hours ago verified publisher icon chrodriguez

Use latest ruby-saml gem?

Open varenius opened this issue 4 years ago • 1 comments

I don't know much about ruby, or gems (yet), but when reading a bit it struck me that the gemfile for this module currently specifies gem 'ruby-saml', '~> 0.9.2' while there seems to have been a lot of important updates since this version (according to https://github.com/onelogin/ruby-saml#clock-drift which is now listing 1.11 as the latest version since more than 6 months.

For security reasons, I guess it would be worth updating the module to work with the most recent ruby-saml version?

Kind regards Eskil

varenius avatar Apr 22 '20 08:04 varenius

FYI: this works for me and fix some missing KeyDescriptor in metadata

gem 'ruby-saml', '>= 0.9.2'
gem 'omniauth', '>= 1.2.2'
gem 'omniauth-saml'

aligot-cblue avatar Dec 29 '20 12:12 aligot-cblue