This project is currently not under active development

[bzvestey]

Hello everyone, we here at OneLogin wanted to let you know that this project is currently not under active development. We apologize for recent silence and continued wait, but we intend to resume maintenance in the future.

Note that I am unable to make any more changes to this repository, and I don't have someone I can forward you to at this time.

[kynx]

😢

Glad to hear you are intending to resume in future. This is a high quality library and would be very hard to replace. If there's anything us in the community can do to help in the meantime, reach out.

[bzvestey]

More conversation can be found on the java-saml project's issue here https://github.com/onelogin/java-saml/issues/388

[jessicaplant]

Hi - given this library is the de facto library for implementing SAML2 in PHP (top hit on Google, most others extend this, etc.) will there be more information forthcoming such as timelines? Is this library truly on hiatus or will it be axed in the future?

We're in the middle of a rebuild of our authentication system and this library being deprecated has thrown a huge spanner into our plans with mere months to the deadline. We're now stuck trying to decide whether to pivot and go for something entirely new or persevere/hope this library continues some time soon.

I'm aware of the handover of the libraries to someone who appears to be an independent developer (assuming I have that right?) and I'm aware of their history with OneLogin, but we're a little cautious about proceeding with that route. We've made our goal for security to be to use as much battle-tested, well maintained third party stuff as possible (never roll your own auth) and this could violate that principle for us.

To be clear, I understand OneLogin have no obligations to the open source community with these but it has left us, and I'm sure others, in a bit of a jam.

I appreciate your time with this, and thank you.

[mrmoss]

@jessicaplant - Working with the parent company of OneLogin to get this put under @pitbulk (the original creator/maintainer). As soon as there is a change, there will be an update on the repo. Sorry I can't give you more than that 😞

[eriktalvi]

Development Update. OneLogin is releasing these projects to a new organization with @pitbulk. This migration is actively happening and the priority is to make the transition as seamless as possible for end users of these repo/packages.

We expect that there are several questions that you all have and we are working with @pitbulk to answer those in our next update. Below are some answers we have for you now.

What is being changed? The repos/packages will no longer be officially supported and hosted by OneLogin. This means that they will not be in the OneLogin Github org but in a new org, SAML Tools. References to the repos being provided and supported by OneLogin Inc will be removed.

Which projects are being moved? All SAML repos will be moved. This includes: java-saml, python3-saml, wordpress-saml, moodle-saml, joomla-saml, drupal-saml, and dotnet-saml

When will this transfer happen? We expect this to be completed by the end of the year, Dec 31 2022.

Why is this transfer happening? OneLogin is releasing control of these open source repos so that these repos can maintained by community instead.

When will the next update be? To keep you all informed of status, we will give monthly updates of how the transfer is proceeding.

[eriktalvi]

Development Update. Although it may not seem like it, the last month had a lot of progress and the primary SAML Toolkit repos and packages have been transferred from OneLogin to this new SAML Toolkit Org.

@pitbulk now has all the access needed to maintain these toolkits and will be providing his own update.

There has been a lot of pent up demand for support on these repos and now that this transfer is finished you should expect to see a lot more progress on that!

There are still four repos (wordpress-saml, moodle-saml, joomla-saml, drupal-saml) left to transfer and these will be finished in the upcoming weeks.

Cheers!

[pitbulk]

I'm maintaining the PHP toolkit now, so removing this warning.