Skip to content

build(deps): update python3-saml requirement from <1.17,>=1.15 to >=1.16.0,<1.17#1483

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/python3-saml-gte-1.16.0-and-lt-1.17
Open

build(deps): update python3-saml requirement from <1.17,>=1.15 to >=1.16.0,<1.17#1483
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/pip/python3-saml-gte-1.16.0-and-lt-1.17

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026
edited
Loading

Updates the requirements on python3-saml to permit the latest version.

Release notes

Sourced from python3-saml's releases.

SAML Python3 Toolkit v1.16.0

  • #364 Improve get_metadata method from Parser, allowing to set headers
  • Fix WantAuthnRequestsSigned parser
  • Fix expired payloads used on tests
  • Updated content from docs folder
Changelog

Sourced from python3-saml's changelog.

1.16.0 (Oct 9, 2023)

  • #364 Improve get_metadata method from Parser, allowing to set headers
  • Fix WantAuthnRequestsSigned parser
  • Fix expired payloads used on tests
  • Updated content from docs folder

1.15.0 (Dec 27, 2022)

  • #317 Handle unicode characters gracefully in python 2
  • #338 Fix WantAuthnRequestsSigned parser
  • #339 Add Poetry support
  • Remove version restriction on lxml dependency
  • Updated Django demo to 4.X (only py3 compatible)
  • Updated Travis file. Forced lxml to be installed using no-validate_binary
  • Removed references to OneLogin from documentation

1.14.0 (Feb 18, 2022)

  • #297 Don't require yanked version of lxml.
  • #298 Add support for python 3.10 and cleanup the GHA.
  • #299 Remove stats from coveralls removed as they are no longer maintained.

1.13.0 (Jan 28, 2022)

  • #296 Add rejectDeprecatedAlgorithm settings in order to be able reject messages signed with deprecated algorithms.
  • Set sha256 and rsa-sha256 as default algorithms
  • #288 Support building a LogoutResponse with non-success status
  • Added warning about Open Redirect and Reply attacks
  • [##274](onelogin/python3-saml#274) Replace double-underscored names with single underscores
  • Add at OneLogin_Saml2_Auth get_last_assertion_issue_instant() and get_last_response_in_response_to() methods
  • Upgrade dependencies

1.12.0 (Aug 13, 2021)

  • #276 Deprecate server_port from request data dictionary

1.11.0 (Jul 23, 2021)

  • #261 Allow duplicate named attributes, controlled by a new setting
  • #268 Make the redirect scheme matcher case-insensitive
  • #256 Improve signature validation process. Add an option to use query string for validation
  • #259 Add get metadata timeout
  • #246 Add the ability to change the ProtocolBinding in the authn request.
  • #248 Move storing the response data into its own method in the Auth class
  • Remove the dependency on defusedxml
  • #241 Improve AttributeConsumingService support
  • Update expired dates from test responses
  • Migrate from Travis to Github Actions

1.10.1 (Jan 27, 2021)

  • Fix bug on LogoutRequest class, get_idp_slo_response_url was used instead get_idp_slo_url

1.10.0 (Jan 14, 2021)

  • Added custom lxml parser based on the one defined at xmldefused. Parser will ignore comments and processing instructions and by default have deactivated huge_tree, DTD and access to external documents
  • Destination URL Comparison is now case-insensitive for netloc

... (truncated)

Commits
  • 6988bda Release 1.16
  • 50a4d40 Fix CI Lint (#380)
  • 28b753e Add test for encrypted attributes
  • 59db3ca Add py3.11 and py3.12 to CI
  • 9e16580 Bump django from 4.1.7 to 4.1.10 in /demo-django (#378)
  • b52ffd7 Bump tornado from 6.0.3 to 6.3.3 in /demo-tornado (#377)
  • 34d07c8 Bump django from 4.0.8 to 4.1.7 in /demo-django (#348)
  • 6e67a9c Remove print from test
  • feb0d1d Fix more payloads
  • ea3a6d4 Set NotOnOrAfter to year 2993 so payloads not expire and tests keep working
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 27, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/python3-saml-gte-1.16.0-and-lt-1.17 branch from 7c57583 to e7fe82e Compare May 4, 2026 06:50
@dependabot
build(deps): update python3-saml requirement
9f3af63 
Updates the requirements on [python3-saml](https://github.com/SAML-Toolkits/python3-saml) to permit the latest version.
- [Release notes](https://github.com/SAML-Toolkits/python3-saml/releases)
- [Changelog](https://github.com/SAML-Toolkits/python3-saml/blob/master/changelog.md)
- [Commits](SAML-Toolkits/python3-saml@v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: python3-saml
  dependency-version: 1.16.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/python3-saml-gte-1.16.0-and-lt-1.17 branch from e7fe82e to 9f3af63 Compare May 11, 2026 10:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants