FreshPorts -- security/py-signxml: Python XML Signature and XAdES library

Port details

py-signxml Python XML Signature and XAdES library

4.4.0 security =0 4.3.0Version of this port present on the latest quarterly branch.

Maintainer: sunpoet@FreeBSD.org

Port Added: 2025-09-07 23:12:22

Last Update: 2026-04-18 21:52:53

Commit Hash: 39a48d1

Also Listed In: python

License: APACHE20

WWW:

https://xml-security.github.io/signxml/

https://github.com/XML-Security/signxml

Description:

SignXML is an implementation of the W3C XML Signature standard in Python. This standard (also known as "XMLDSig") is used to provide payload security in SAML 2.0, XAdES, EBICS, and WS-Security, among other uses. The standard is defined in the W3C Recommendation XML Signature Syntax and Processing Version 1.1. SignXML implements all of the required components of the Version 1.1 standard, and most recommended ones. Its features are: - Use of a libxml2-based XML parser configured to defend against common XML attacks when verifying signatures - Extensions to allow signing with and verifying X.509 certificate chains, including hostname/CN validation - Extensions to sign and verify XAdES signatures - Support for exclusive XML canonicalization with inclusive prefixes (InclusiveNamespaces PrefixList, required to verify signatures generated by some SAML implementations) - Modern Python compatibility (3.9-3.13+ and PyPy) - Well-supported, portable, reliable dependencies: lxml and cryptography - Comprehensive testing (including the XMLDSig interoperability suite) and continuous integration - Simple interface with useful, ergonomic, and secure defaults (no network calls, XSLT or XPath transforms) - Compactness, readability, and extensibility

¦ ¦ ¦ ¦

Manual pages:

FreshPorts has no man page information for this port.

pkg-plist: as obtained via: make generate-plist

There is no configure plist information for this port.

USE_RC_SUBR (Service Scripts)

no SUBR information found for this port

Dependency lines:

${PYTHON_PKGNAMEPREFIX}signxml>0:security/py-signxml@${PY_FLAVOR}

To install the port:

cd /usr/ports/security/py-signxml/ && make install clean

To add the package, run one of these commands:

pkg install security/py-signxml
pkg install py311-signxml

NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
NOTE: This is a Python port. Instead of py311-signxml listed in the above command, you can pick from the names under the Packages section.

PKGNAME: py311-signxml

Package flavors (<flavor>: <package>)

py311: py311-signxml

distinfo:

TIMESTAMP = 1775587594 SHA256 (signxml-4.4.0.tar.gz) = 038781783520e5d7bae4aa9c1e35f24fe9062730459da72009ce55126b56fa0f SIZE (signxml-4.4.0.tar.gz) = 1615052

Packages (timestamps in pop-ups are UTC):

py311-signxml
ABI	aarch64	amd64	armv6	armv7	i386	powerpc	powerpc64	powerpc64le
FreeBSD:13:latest	4.4.0	4.4.0	-	4.2.0_1	4.4.0	n/a	n/a	n/a
FreeBSD:13:quarterly	4.3.0	4.3.0	-	-	4.3.0	n/a	n/a	n/a
FreeBSD:14:latest	4.4.0	4.4.0	-	-	4.4.0	-	-	-
FreeBSD:14:quarterly	4.3.0	4.3.0	-	-	4.3.0	-	-	-
FreeBSD:15:latest	4.4.0	4.4.0	n/a	-	n/a	n/a	-	-
FreeBSD:15:quarterly	4.3.0	4.3.0	n/a	-	n/a	n/a	-	-
FreeBSD:16:latest	4.4.0	4.4.0	n/a	-	n/a	n/a	-	-

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

py311-hatch-vcs>=0 : devel/py-hatch-vcs@py311
py311-hatchling>=0 : devel/py-hatchling@py311
python3.11 : lang/python311
py311-build>=0 : devel/py-build@py311
py311-installer>=0 : devel/py-installer@py311

Test dependencies:

python3.11 : lang/python311

Runtime dependencies:

py311-certifi>=2023.11.17 : security/py-certifi@py311
py311-lxml>=5.2.1<7 : devel/py-lxml@py311
py311-cryptography>=46.0.5,1<47,1 : security/py-cryptography@py311
python3.11 : lang/python311

There are no ports dependent upon this port

Configuration Options:

No options to configure

Options name:

security_py-signxml

USES:

python

FreshPorts was unable to extract/find any pkg message

Master Sites:

Expand this list (2 items)

Collapse this list.

Number of commits found: 5

Commit	Credits	Log message
Commit History - (may be incomplete: for full details, see links to repositories near top of page)
4.4.0 18 Apr 2026 21:52:53	Po-Chuan Hsieh (sunpoet)	security/py-signxml: Update to 4.4.0 Changes: https://github.com/XML-Security/signxml/releases
4.3.0 09 Mar 2026 18:19:14	Po-Chuan Hsieh (sunpoet)	security/py-signxml: Update to 4.3.0 Changes: https://github.com/XML-Security/signxml/releases
4.2.2 03 Feb 2026 05:09:54	Po-Chuan Hsieh (sunpoet)	security/py-signxml: Update to 4.2.2 Changes: https://github.com/XML-Security/signxml/releases
4.2.0_1 15 Sep 2025 13:55:40	Hiroki Tagato (tagattie)	/: switch dependency from devel/py-lxml5 to devel/py-lxml Currently, there are two versions of python XML processing library which conflict each other in the ports tree, namely: - devel/py-lxml5 (now at version 5.4.0) - devel/py-lxml (now at version 6.0.1) To avoid the situation that some ports depend on py-lxml5 and some others do on py-lxml (by switching dependencies individually), this commit switches the dependencies from py-lxml5 to py-lxml at once. Additional note: There are still two ports (textproc/py-rdflib and www/py-draftjs-exporter) depending on py-lxml5 since they limit upper version to less than 6. PR: 289491 Approved by: Michiel van Baak Jansen <michiel@vanbaak.eu>, arrowd, crees, madpilot, delphij, marcus, nivit, kai, skreuzer, fluffy, bofh, thierry, stephen, sunpoet, 0mp, Eric Camachat <eric@camachat.org>
4.2.0 07 Sep 2025 23:03:08	Po-Chuan Hsieh (sunpoet)	security/py-signxml: Add py-signxml 4.2.0 SignXML is an implementation of the W3C XML Signature standard in Python. This standard (also known as "XMLDSig") is used to provide payload security in SAML 2.0, XAdES, EBICS, and WS-Security, among other uses. The standard is defined in the W3C Recommendation XML Signature Syntax and Processing Version 1.1. SignXML implements all of the required components of the Version 1.1 standard, and most recommended ones. Its features are: - Use of a libxml2-based XML parser configured to defend against common XML attacks when verifying signatures - Extensions to allow signing with and verifying X.509 certificate chains, including hostname/CN validation - Extensions to sign and verify XAdES signatures - Support for exclusive XML canonicalization with inclusive prefixes (InclusiveNamespaces PrefixList, required to verify signatures generated by some SAML implementations) - Modern Python compatibility (3.9-3.13+ and PyPy) - Well-supported, portable, reliable dependencies: lxml and cryptography - Comprehensive testing (including the XMLDSig interoperability suite) and continuous integration - Simple interface with useful, ergonomic, and secure defaults (no network calls, XSLT or XPath transforms) - Compactness, readability, and extensibility

Number of commits found: 5

Login
User Login Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts? About the authors Issues FAQ How big is it? Security Policy Privacy Blog Contact

Search
Enter Keywords: more...

Latest Vulnerabilities

mariadb1011-server^*	Jun 30
mariadb106-server^*	Jun 30
mariadb114-server^*	Jun 30
mariadb118-server^*	Jun 30
python310^*	Jun 19
python310^*	Jun 19
python310^*	Jun 19
python310^*	Jun 19
python311^*	Jun 19
python311^*	Jun 19
python311^*	Jun 19
python311^*	Jun 19
python312^*	Jun 19
python312^*	Jun 19
python312^*	Jun 19

41 vulnerabilities affecting 440 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last processed:
2026-06-19 04:26:26 UTC

Ports
Home Categories Deleted ports Sanity Test Failures Newsfeeds

Statistics

Graphs
NEW Graphs (Javascript)

Calculated hourly:

Port count	34599
Broken	95
Deprecated	321
Ignore	211
Forbidden	0
Restricted	1
No CDROM	1
Vulnerable	41
Expired	15
Set to expire	250
Interactive	0
new 24 hours	21
new 48 hours	22
new 7 days	29
new fortnight	53
new month	159