With flask-saml 0.2.0, I get the following depreciation warning:
/tmp/env/lib/python3.7/site-packages/flask_saml2/xml_parser.py:9
/tmp/env/lib/python3.7/site-packages/flask_saml2/xml_parser.py:9: DeprecationWarning: defusedxml.lxml is no longer supported and will be removed in a future release.
import defusedxml.lxml
DEPRECATED The module is deprecated and will be removed in a future release.
The module acts as an example how you could protect code that uses lxml.etree. It implements a custom Element class that filters out Entity instances, a custom parser factory and a thread local storage for parser instances. It also has a check_docinfo() function which inspects a tree for internal or external DTDs and entity declarations. In order to check for entities lxml > 3.0 is required.
With flask-saml 0.2.0, I get the following depreciation warning:
More information is provided at https://github.com/tiran/defusedxml#defusedxmllxml