You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[Problem Description]
We are consuming crewjam/saml version 0.4.14, which is latest as of date. This package is scanned for security vulnerabilities and EOLs by blackduck scanner at our source.
The blackduck scanner has identified a Project EOL component, github.com/beevik/etree:v1.1.0, which is a transitive dependency of crewjam/saml version 0.4.14. This project is not maintained and thus EOLed much earlier.
[Request]
We wish to consume all the dependencies which are non-EOLed, to maintain good coding practices. Can this EOLed component be updated by crewjam contributors or replaced with some alternative with similar functionality, to reduce the EOL risk?
Let me know if any more information is needed for this issue.
The text was updated successfully, but these errors were encountered:
[Problem Description]
We are consuming crewjam/saml version 0.4.14, which is latest as of date. This package is scanned for security vulnerabilities and EOLs by blackduck scanner at our source.
The blackduck scanner has identified a Project EOL component,
github.com/beevik/etree:v1.1.0, which is a transitive dependency of crewjam/saml version 0.4.14. This project is not maintained and thus EOLed much earlier.[Request]
We wish to consume all the dependencies which are non-EOLed, to maintain good coding practices. Can this EOLed component be updated by crewjam contributors or replaced with some alternative with similar functionality, to reduce the EOL risk?
Let me know if any more information is needed for this issue.
The text was updated successfully, but these errors were encountered: