Open RyanL1997 opened 1 year ago
These are dev dependencies used for the SAML integration tests.
The problem is that 5.x of node-samlp
requires node >= 12: https://www.npmjs.com/package/samlp
and saml-idp
has not had a new version in 3 years: https://www.npmjs.com/package/saml-idp
The SAML integration tests have been causing many issues. I would like to see if there is a different IdP server that can be used.
[Triage] One of the SAML packages has not been updated for years. @RyanL1997 would you be willing to look into alternative solutions? This can then lead to a swap of libraries once we have further test coverage. Thank you.
Status update:
ejs: 2.5.5
xmldom: 0.7.9 from xml-crypto 2.0.0
and xml-crypto 2.1.3
, 0.7.0 from xml-encryption
1.2.1, 0.3.0 from saml-idp
1.2.1, 0.7.4 from saml
1.0.0. Directly used as version 0.3.0, 0.7.0, 0.7.4, and 0.7.9
forge: 0.10.0 directly and 1.3.1 directly. 1 from self-signed
2.0.1, 0.10.1 from xml-encryption
moment: 2.19.3 from saml
1.0 and directly.
async: 0.2.9 from saml
1.0.0
hbs: On latest version already
semver: Comes as version 5.3.0 from eslint-import-resolver-webpack@0.11.1
and version 5.6.0 from make-dir@2.0.0
This is the saml library that has all of the dependencies: https://github.com/cultureamp/local-saml-idp/tree/main.
Still cannot update it since we are on the newest version from 2021.
Description
Let us use this issue as a placeholder to capture some of the transient dependencies in 1.3 branch.
Here are the transient dependencies in 1.3/1.x branches that cannot be update.
The following saml-related dependencies cannot be updated:
Here are some other transient dependencies
What is your host/environment? security-dashboards-plugin 1.3 Branch
Reference
[1] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L2778 [2] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L2753 [3] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L3414 [4] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L2766 [5] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L2763 [6] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L2762 [7] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L2731 [8] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L2727 [9] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L1160 [10] : https://github.com/opensearch-project/security-dashboards-plugin/blob/1.3/yarn.lock#L1950