catalyst / moodle-auth_saml2

SAML done 100% in Moodle, fast, simple, secure
https://moodle.org/plugins/auth_saml2

GitHub Dependabot errors (update simplesaml lib.) #740

Open katcher opened 1 year ago

katcher commented 1 year ago

Hi all, foolish question, uploaded a new repo in GitHub and the Dependabot indicated a number of issues in .extlib.

Prototype pollution in webpack loader-utils Critical Development

5 opened 5 days ago • Detected in loader-utils (npm) • auth/saml2/.extlib/simplesamlphp/package-lock.json

There are a few more. I am wondering if I should not be including these files or if they are in fact issues that need to be corrected.

They all seem to be in package-lock.json.

danmarsden commented 1 year ago

Hey Eric - this relates to the older version of the simplesaml external library we currently have in the plugin - we do need to update the plugin to use a newer simplesaml lib - if you want to help with this see the file here on the process:

https://github.com/catalyst/moodle-auth_saml2/blob/MOODLE_39_STABLE/.extlib/UPGRADE.md