ruby-saml 1.12.3 → 1.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA256:
-  metadata.gz: e6df1fb5db61569b11ce73e3151ae3219c435be967a5f419b8e65750b49754d5
-  data.tar.gz: 21610b15b73a43d72364c9967bc4da29625275250656bcf253e12e391c1929af
+SHA1:
+  metadata.gz: ded4e8f9560644f26e90079ecf0021f81fb8fb90
+  data.tar.gz: 034e0d8ee8d11aa443435b20d071015dfbcf5161
 SHA512:
-  metadata.gz: 5e61a0bf5ac8028b356ab2edb614c710c3f590e0fef82812418d87e50ad81f360d56b9ff02b24c810323a2c39937318904292d4a23e4cd096c142f814537eb86
-  data.tar.gz: 102d27888bbc4edd3fd89fda071c16fca3bbd3cf2e9283c66c6fc499ef1e6d2cb6b05481d2798809f920a5d99d6722d9d97422d1fe61765337362280603b9fbe
+  metadata.gz: 957e2b7598309e9b770019902f28bdec07a28a19a77abfb7e72d503ab3c8b4c57138451d3bb0bced671aca4d454d6637821a3931e91e6f4d79ef4d5d1a91a25e
+  data.tar.gz: 74d06dcdc7ba3f3c0dc797ad3e329987f0bd32bfc5b0bdee62f9c081688dd97bb4892ef42de795c09c59b2c48487b673476a6dd12aedca0770b600c770e2c4b7

data/.github/workflows/test.yml

@@ -0,0 +1,25 @@
+name: ruby-saml CI
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    name: Unit test
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, macos-latest]
+        ruby-version: [2.1.9, 2.2.10, 2.3.8, 2.4.6, 2.5.8, 2.6.6, 2.7.2, 3.0.1, jruby-9.1.17.0, jruby-9.2.17.0, truffleruby]
+    runs-on: ${{ matrix.os }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Ruby ${{ matrix.ruby-version }}
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+
+      - name: Install dependencies
+        run: bundle install
+
+      - name: Run tests
+        run: bundle exec rake

data/{changelog.md → CHANGELOG.md}

@@ -1,12 +1,22 @@
-# RubySaml Changelog
-
-### 1.12.3 (Sep 10, 2024)
-* Fix for critical vulnerability CVE-2024-45409: SAML authentication bypass via Incorrect XPath selector
-
-### 1.12.2 (Apr 08, 2022)
-* [575](https://github.com/onelogin/ruby-saml/pull/575) Fix SloLogoutresponse bug on LogoutRequest
-
-### 1.12.1 (Apr 05, 2022)
+# Ruby SAML Changelog
+
+### 1.13.0 (Sept 06, 2021)
+* [#611](https://github.com/onelogin/ruby-saml/pull/601) Replace MAX_BYTE_SIZE constant with setting: message_max_bytesize
+* [#605](https://github.com/onelogin/ruby-saml/pull/605) :allowed_clock_drift is now bidrectional
+* [#614](https://github.com/onelogin/ruby-saml/pull/614) Support :name_id_format option for IdpMetadataParser
+* [#611](https://github.com/onelogin/ruby-saml/pull/611) IdpMetadataParser should always set idp_cert_multi, even when there is only one cert
+* [#610](https://github.com/onelogin/ruby-saml/pull/610) New IDP sso/slo binding params which deprecate :embed_sign
+* [#602](https://github.com/onelogin/ruby-saml/pull/602) Refactor the OneLogin::RubySaml::Metadata class
+* [#586](https://github.com/onelogin/ruby-saml/pull/586) Support milliseconds in cacheDuration parsing
+* [#585](https://github.com/onelogin/ruby-saml/pull/585) Do not append " | " to StatusCode unnecessarily
+* [#607](https://github.com/onelogin/ruby-saml/pull/607) Clean up
+* Add warning about the use of IdpMetadataParser class and SSRF
+* CI: Migrate from Travis to Github Actions
+
+### 1.12.2 (Apr 08, 2021)
+* [#575](https://github.com/onelogin/ruby-saml/pull/575) Fix SloLogoutresponse bug on LogoutRequest
+
+### 1.12.1 (Apr 05, 2021)
 * Fix XPath typo incompatible with Rexml 3.2.5
 * Refactor GCM support