as this string is substituted inside a character class on the regexp, and the - character is considered a range operator unless it appears in the first position in the class, causing preg_replace to throw an error and signature validation to fail:
preg_replace(): Compilation failed: invalid range in character class at offset 8
This has already been fixed in the file you link. As you can see the - has been properly escaped there. Were you perhaps using an old version of the library?
on file https://github.com/robrichards/xmlseclibs/blob/master/src/Utils/XPath.php
this constant
should be changed to this:
as this string is substituted inside a character class on the regexp, and the
-
character is considered a range operator unless it appears in the first position in the class, causing preg_replace to throw an error and signature validation to fail: