Shibboleth Developer's Meeting, 2023-04-21

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2023-05-05. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

• https://shibboleth.atlassian.net/browse/JSSH-27

• Standardize on IllegalStateException when calling a method that returns a non-null when in a state during which it’s null.

  • Agreed to, may revisit the Component state exceptions

• Disposition of XACML code?

  • Add deprecation warning to the configuration step of all the providers for these to flag it as going away for V6.

• RP 1.0.0, OP 3.4.0, Config 1.0.0, and Commons 2.2.0 schedule

  • Freeze by 4/30, plan to release shortly after.

Attendees:

Brent

Daniel

Henri

Final items, non-resolved lacking documentation and/or test on real deployment:

• https://shibboleth.atlassian.net/browse/JOIDC-142

• https://shibboleth.atlassian.net/browse/JOIDC-144

• https://shibboleth.atlassian.net/browse/JOIDC-149

• https://shibboleth.atlassian.net/browse/JOIDC-150

Since OP 3.4 requires IdP 4.3.0 anyway:

• https://shibboleth.atlassian.net/browse/JOIDC-151

Ian

John

• https://shibboleth.atlassian.net/browse/SSPCPP-969

  • Not much progress to report

• Bumped Rocky 8 and 9 images

Marvin

Phil

• https://shibboleth.atlassian.net/browse/JCOMOIDC-66

  • Merged in. OP, config, and RP fixed up to work with the required XML and test class changes

• RP cleanups.

Rod

• Null cleanup

  • OpenSAML tests remove failures

  • OpenSAML & IdP start to reduce warnings

• Misc bugs and tasks

  • Jetty-base for 10.0.14 and 10.0.15 (and attendant Windows IdP Release)

  • https://shibboleth.atlassian.net/browse/JMVN-50

  • https://shibboleth.atlassian.net/browse/IDP-2078

  • https://shibboleth.atlassian.net/browse/IDP-2088

  • &c

Scott

• Completed null cleanup of OpenSAML minus some tests and the XACML modules.

  • Occurred to me that another possibly useful annotation for tests (for yellow) would be NonnullBeforeTest or something like that.

• Note NonnullElements can apply to packages now. If it shows up, that means someone has reviewed the package and made sure all collections are nonnull unless annotated otherwise.

• Replacing Collections and Arrays.asList where possible

• Reviewing live but immutable views of internal state; many cases also return Collections.emptyXXX at the same time, which is inconsistent.

  • Suggest we review all Unmodifiable cases and ensure Live or NotLive is stated (and we really should avoid Live…)

  • https://shibboleth.atlassian.net/browse/JSATTR-12

• Working on IdP backlog

Tom

• TODO update all-the-Javas

• Work on Tomcat tests

• Work on OIDC tests

Other