Rough timeline for SPv3 code releases
cantor.2 at osu.edu
Tue Jun 12 15:17:50 BST 2018
Just so people are aware, the crank is starting to turn, albeit slowly and I'm out on vacation for the rest of this week so that will delay things a bit more, but we're about ready, it's just testing and documentation at this point.
I don't think it's high risk for me to freeze Santuario so I'm about there I think, but the caution I wanted to throw out is that this is a lock step upgrade of every library, because there are API changes throughout that make the whole thing interdependent. So even once I push out xml-security-c-2.0.0, you can't rebuild the old SP on it, and likewise for the rest.
With macports this would be a mess except that there are no dependent ports above xml-security-c that aren't just the SP, so instead of creating a mess of coflicting ports and moving to new names I'm just able to bump everything "at the end" and have it upgrade en masse.
All of the libraries are also going to require Xerces 3.2 BTW, which is less a code requirement than a forcing function to let me guarantee DTD handling is off in the code path the SP uses, and to ensure I get off Red Hat's broken version.
I don't know the Debian implications of all this, I just wanted to note it.
More information about the Pkg-shibboleth-devel