We are using go-ldap for parsing Distinguished Names (DN) of a trust policy's trustedIdentities field. Although we are using a single function from this library, this dependency is bringing bunch of additional dependencies unrelated to what notation does. We can remove the dependency and just copy the code that we need. But, we need to figure out a way to give attribution to go-ldap. Also, if we remove the dependency, we need to have a mechanism to pull the relevant updates, security patches periodically. This issue is to track how we are going to proceed with this dependency as we approach RC1 launch.
We are using go-ldap for parsing Distinguished Names (DN) of a trust policy's
trustedIdentities
field. Although we are using a single function from this library, this dependency is bringing bunch of additional dependencies unrelated to what notation does. We can remove the dependency and just copy the code that we need. But, we need to figure out a way to give attribution togo-ldap
. Also, if we remove the dependency, we need to have a mechanism to pull the relevant updates, security patches periodically. This issue is to track how we are going to proceed with this dependency as we approach RC1 launch.