Automic VaultAutomic Vault

brew

使用 Homebrew 安装 xmlsectool

查看 xmlsectool 的安装路径、可执行文件、元数据以及面向 AI 代理工作流的安全说明。

安装

其他安装命令

macOS

Homebrew已验证 · 100%
brew install xmlsectool

local Homebrew formula metadata

概览

软件包摘要

Check schema validity and signature of an XML document

命令和别名

  • xmlsectool

历史

项目历史与用法

xmlsectool is a Shibboleth Java command-line tool for downloading XML, checking well-formedness and schema validity, verifying XML signatures, and creating enveloped XML signatures. Its main cultural home is SAML metadata operations rather than generic XML editing.

项目历史

The tool grew inside the Shibboleth ecosystem as a deployer utility for XML security work. Its documentation is organized by major supported series, with V3 now archived and V4 identified as the current supported line.

Version 2.0.0 was announced in June 2016 as a new stable release based on the Shibboleth v3 Identity Provider software stack. That release was intended as a drop-in replacement for most 1.2.0 users, while moving the tool to Java 7 or later, making SHA-256 the default signing digest, and blacklisting SHA-1 by default.

Version 4.0.0 was released on 2025-04-16. The V4 documentation states that V4 is the only supported release line, requires Java 17, removes options deprecated in V3, and adds a --version option.

采用历史

xmlsectool's adoption follows Shibboleth and SAML federation operations: operators need to validate and sign metadata, verify downloaded metadata, and sometimes use token-backed signing credentials. Its presence in the Shibboleth announcement channel and deployer documentation shows it is maintained as operational security tooling, not just an example program.

使用方式

Typical use cases include validating SAML metadata schemas, verifying XML signatures before trusting metadata, signing SAML 2.0 metadata with explicit reference ID handling, selecting digest and signature algorithms, and using PKCS#11-backed credentials through Java security providers.

为什么软件包爱好者会关心

xmlsectool is the kind of security package that package nerds care about because it turns a hard-to-compose Java XML security stack into one auditable command. The package boundary is useful: a CLI can be pinned, upgraded, scripted, and documented independently of an identity provider deployment.

时间线

  • 2016-06-28: Shibboleth announced xmlsectool 2.0.0 and the end of 1.x support.
  • 2025-04-16: xmlsectool 4.0.0 was released as the current stable release.
  • 2025-04-16: Security maintenance for xmlsectool 3.0.0 and earlier ceased, making V4 the only supported release.

Related projects

  • Related projects and technologies include Shibboleth Identity Provider, Shibboleth Service Provider, SAML 2.0 metadata, XML Signature, Apache Santuario-style XML security libraries, Java security providers, and PKCS#11 hardware tokens.

安全态势

风险级别:绿色

narrow executable package without higher-risk signals.

风险分类器

绿色 风险 · 低 置信度 · appliance

原因

  • narrow executable package without higher-risk signals

信号

  • metadata:no-higher-risk-signals

安装行为

  • formula 元数据中未记录 Homebrew post-install 钩子。
  • Homebrew bottle 元数据适用于 1 个平台目标。
  • 安装时包含 1 个运行时依赖。

建议审查

在无人值守的代理使用前,请检查该工具是否读取明文凭据、写入远程状态、发布制品或调用插件。

可执行文件

已安装的可执行文件

命令类型暴露范围备注
xmlsectoolcli全局可执行文件

新鲜度

版本和新鲜度

这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时,才会提示版本落后。

页面生成时间2026-07-08
管理器版本4.0.0
管理器更新时间2026-06-22
本地数据OK
上游not checked
检测到的最新版本未检测到

https://wiki.shibboleth.net/confluence/display/XSTJ3/xmlsectool+V3+Home

安装元数据

软件包元数据

软件包键brew:xmlsectool
版本4.0.0
软件包管理器Homebrew
软件包管理器页面https://formulae.brew.sh/formula/xmlsectool
主页https://wiki.shibboleth.net/confluence/display/XSTJ3/xmlsectool+V3+Home
仓库https://git.shibboleth.net/git/xmlsectool
上游文档https://shibboleth.atlassian.net/wiki/spaces/XSTJ4/overview
许可证Apache-2.0
源码归档https://shibboleth.net/downloads/tools/xmlsectool/4.0.0/xmlsectool-4.0.0-bin.zip
最后更新2026-06-22T14:06:42-07:00
Pulseupdated
依赖openjdk
Bottle可用 (于 all)
Homebrew post-install未定义
服务未声明

注册表事实

源数据库详情

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namexmlsectool
Version Scheme0
Revision0
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

来源线索

由仓库数据生成

此页面由 av-webscripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。

使用的来源

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • package relationship graph
  • package version freshness
  • package-page enrichment