auth0 / node-samlp

SAML Protocol support for node (only IdP for now)
MIT License
136 stars 117 forks source link

chore!: Fix dependency security issues #114

Closed tomauth0 closed 3 years ago

tomauth0 commented 3 years ago

Description

BREAKING CHANGE: This removes support for node versions 4, 6 & 8 - newer versions of mocha use async/await, causing tests to fail in older versions.

References

Addressing Issues: https://github.com/auth0/node-samlp/issues/106 https://github.com/auth0/node-samlp/issues/107

Addressing issues resolved in other PRs: https://github.com/auth0/node-samlp/pull/109

Testing

No functional changes introduced

Checklist

ziluvatar commented 3 years ago

I can see major upgrades on xml-crypto (direct dependency + saml dependency) and xml-encryption (saml dependency).

Could you mention what were the breaking changes in those libs? Would they affect the consumers of this library in any way (just in case we need to modify README with migration steps or similar)