@dependabot dependabot bot commented on behalf of github Feb 1, 2023

Bumps signxml from 2.10.1 to 3.1.0.

Release notes

Sourced from signxml's releases.

v3.1.0

  • Use distinct default for payload c14n. Fixes #217

  • Deprecate SHA1

  • Test and documentation improvements

v3.0.2

  • Remove incorrect deprecation of xml-c14n11 URI

v3.0.1

  • Mark SHA1 as deprecated

  • Aggregate verification settings in SignatureConfiguration dataclass

  • Mark all dataclasses in API as frozen

  • Add ability to assert expected signature location

  • Add ability to assert expected signature algorithms

  • Add ability to assert expected digest algorithms

  • Add MGF1 ("RSASSA-PSS without parameters") algorithm identifiers

  • Remove PSS ("RSASSA-PSS with parameters") and EdDSA algorithm identifiers (given low usage and no interop examples, we will not be implementing PSS parameters for now; EdDSA key info additionally has no standardized way to serialize it)

  • Add debug logging of canonicalization outputs

  • Documentation and formatting improvements

v3.0.0

  • Add XAdES support

  • Migrate all configuration inputs to enums (string identifiers are still supported, but will be deprecated in a future version)

  • Migrate structured data inputs to dataclasses

  • Deprecate excise_empty_xmlns_declarations

  • Documentation and test infrastructure improvements

  • Clean up top level signxml and signxml.xades namespaces

  • Stop using default_backend for cryptography, it is no longer required

  • Drop Python 3.6 support (#200)

Changelog

Sourced from signxml's changelog.

Changes for v3.1.0 (2023-01-04)

  • Use distinct default for payload c14n. Fixes #217

  • Deprecate SHA1

  • Test and documentation improvements

Changes for v3.0.2 (2022-11-28)

  • Remove incorrect deprecation of xml-c14n11 URI

Changes for v3.0.1 (2022-11-27)

  • Mark SHA1 as deprecated

  • Aggregate verification settings in SignatureConfiguration dataclass

  • Mark all dataclasses in API as frozen

  • Add ability to assert expected signature location

  • Add ability to assert expected signature algorithms

  • Add ability to assert expected digest algorithms

  • Add MGF1 (“RSASSA-PSS without parameters”) algorithm identifiers

  • Remove PSS (“RSASSA-PSS with parameters”) and EdDSA algorithm identifiers (given low usage and no interop examples, we will not be implementing PSS parameters for now; EdDSA key info additionally has no standardized way to serialize it)

  • Add debug logging of canonicalization outputs

  • Documentation and formatting improvements

Changes for v3.0.0 (2022-11-13)

  • Add XAdES support

  • Migrate all configuration inputs to enums (string identifiers are still supported, but will be deprecated in a future version)

  • Migrate structured data inputs to dataclasses

... (truncated)

Commits
  • 115e9c1 v3.1.0
  • b1cc95b Work around mypy errors
  • 36f5506 Remove unnecessary test config flag
  • 9bd6e9e Use distinct default for payload c14n. Fixes #217
  • 18f5129 Fix lint error
  • 533e33e Use threadpool in algorithms test case
  • dfdd4a1 Add docs for SHA1 deprecation; reject empty configs
  • 9c827a9 Implement SHA1 deprecation policy
  • 5df7bfa Fix line length lint error
  • fc9aa28 Fix supported Python versions in README (#215)
  • Additional commits viewable in compare view


@dependabot dependabot bot requested a review from a team as a code owner February 1, 2023 08:05
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 1, 2023
@dependabot dependabot bot force-pushed the dependabot/pip/signxml-3.1.0 branch 10 times, most recently from 7a04eaf to ae33c80 Compare February 8, 2023 21:23
@dependabot dependabot bot force-pushed the dependabot/pip/signxml-3.1.0 branch 3 times, most recently from ecd5d33 to ca41bec Compare March 9, 2023 18:52
qlty-cloud-legacy bot commented Mar 9, 2023

Code Climate has analyzed commit 321cb97 and detected 0 issues on this pull request.


@dependabot dependabot bot force-pushed the dependabot/pip/signxml-3.1.0 branch from ca41bec to 41e3488 Compare March 10, 2023 12:22
@dependabot dependabot bot force-pushed the dependabot/pip/signxml-3.1.0 branch 2 times, most recently from 4e21ee1 to 1ce2b92 Compare March 13, 2023 13:19
@svillegas-cdd svillegas-cdd force-pushed the dependabot/pip/signxml-3.1.0 branch from 1ce2b92 to 95ad251 Compare March 13, 2023 14:33
codecov bot commented Mar 13, 2023

Codecov Report

❗ No coverage uploaded for pull request base (develop@60362a0).
Patch coverage: 85.71% of modified lines in pull request are covered.

❗ Current head d314db7 differs from pull request most recent head 321cb97. Consider uploading reports for the commit 321cb97 to get more accurate results

Additional details and impacted files
@@            Coverage Diff             @@
##             develop     #428   +/-   ##
==========================================
  Coverage           ?   85.86%           
==========================================
  Files              ?       34           
  Lines              ?     2788           
  Branches           ?      356           
==========================================
  Hits               ?     2394           
  Misses             ?      256           
  Partials           ?      138           

| Impacted Files | Coverage Δ |
|---|---|
| cl_sii/rtc/xml_utils.py | 68.29% <66.66%> (ø) |
| cl_sii/libs/xml_utils.py | 81.13% <100.00%> (ø) |


@svillegas-cdd svillegas-cdd requested review from a team, fpinto-cdd and jtrobles-cdd March 13, 2023 14:37
@svillegas-cdd svillegas-cdd force-pushed the dependabot/pip/signxml-3.1.0 branch from 95ad251 to d314db7 Compare March 13, 2023 14:45
dependabot bot and others added 2 commits March 13, 2023 17:13
Bumps [signxml](https://github.com/kislyuk/signxml) from 2.10.1 to 3.1.0.
- [Release notes](https://github.com/kislyuk/signxml/releases)
- [Changelog](https://github.com/XML-Security/signxml/blob/develop/Changes.rst)
- [Commits](XML-Security/signxml@v2.10.1...v3.1.0)

---
updated-dependencies:
- dependency-name: signxml
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
At version `3.0.1` SHA1 was deprecated,
so it is necessary to specify the signature configuration

Ref: https://github.com/XML-Security/signxml/releases/tag/v3.0.1
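
As an added example (not code from this pull request or from signxml): a standard-library audit that lists which `SignatureMethod` and `DigestMethod` algorithm URIs in a signed document are SHA1-based, which are the documents the SHA1 deprecation mentioned in the commit message above concerns. The sample document and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"  # XML Signature namespace

# Constructed sample: a ds:Signature skeleton (placeholder values) that uses
# SHA1 for both the signature method and the reference digest.
SAMPLE = """<doc><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <ds:Reference URI="#payload">
      <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      <ds:DigestValue>AAAA</ds:DigestValue>
    </ds:Reference>
  </ds:SignedInfo>
  <ds:SignatureValue>AAAA</ds:SignatureValue>
</ds:Signature></doc>"""


def signature_algorithms(xml_text):
    """Return (signature_methods, digest_methods) URIs declared in the document."""
    # Intended for archived, trusted documents; use a hardened parser such as
    # defusedxml when the input is untrusted.
    root = ET.fromstring(xml_text)

    def algorithms(tag):
        found = {e.get("Algorithm") for e in root.iter(f"{{{DS}}}{tag}")}
        return sorted(uri for uri in found if uri)

    return algorithms("SignatureMethod"), algorithms("DigestMethod")


def uses_sha1(uri):
    # The SHA1-based XML Signature identifiers (#sha1, #rsa-sha1, #dsa-sha1,
    # #hmac-sha1, xmldsig-more#ecdsa-sha1) all end in "sha1".
    return uri.lower().endswith("sha1")


def sha1_findings(xml_text):
    """Report the SHA1-based algorithm URIs a verifier would have to allow explicitly."""
    sig, dig = signature_algorithms(xml_text)
    return {
        "signature_methods": [u for u in sig if uses_sha1(u)],
        "digest_algorithms": [u for u in dig if uses_sha1(u)],
    }


if __name__ == "__main__":
    print(sha1_findings(SAMPLE))
```

Non-empty lists identify the algorithms that need a deliberate decision: either re-issue the documents with SHA-2 or name the SHA1 algorithms explicitly in the verifier's configuration.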
@svillegas-cdd svillegas-cdd force-pushed the dependabot/pip/signxml-3.1.0 branch from d314db7 to 321cb97 Compare March 13, 2023 20:13
@svillegas-cdd svillegas-cdd merged commit b669efd into develop Mar 13, 2023
@svillegas-cdd svillegas-cdd deleted the dependabot/pip/signxml-3.1.0 branch March 13, 2023 20:17