Bump github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0

[dependabot]

Bumps github.com/russellhaering/goxmldsig from 1.3.0 to 1.4.0.

Release notes

Sourced from github.com/russellhaering/goxmldsig's releases.

v1.4.0

What's Changed

• Fixed a bug where attributes were sorted incorrectly during canonicalization in russellhaering/goxmldsig#91 (credit @​adamdecaf)
• Fixed a bug where canonicalizing a subset of a document did not pull in surrounding namespace declarations in russellhaering/goxmldsig#93 (credit @​rowland66)
• Fixed a bug where Signatures extracted during verification sometimes had elements in a different order than the original document @​karlovskiy in russellhaering/goxmldsig#82 (credit @​karlovskiy)
• Fixed a bug where superfluous namespace declarations were sometimes included in canonicalized documents in russellhaering/goxmldsig#94 (credit: @​rowland66)

New Contributors

• @​rowland66 made their first contribution in russellhaering/goxmldsig#93
• @​karlovskiy made their first contribution in russellhaering/goxmldsig#82

Full Changelog: russellhaering/goxmldsig@v1.3.0...v1.4.0

Commits

• 5a3be1c Merge pull request #94 from rowland66/fix-superfluous-namespace-declaration-c...
• 1245f63 Fixed the removal of superfluous namespace declarations for canonicalization ...
• 1bb67cd Merge pull request #82 from karlovskiy/find-signature-canonical-signinfo-order
• f644ba4 Add a test case for namespace inheritance in canonicalization
• 6ff53e2 Merge pull request #93 from rowland66/c14N10RecCanonicalizer-include-parent-n...
• 32aee4e Merge pull request #91 from adamdecaf/sort-matching-attr-keys-by-ns-uri
• f3f51b2 The spec for XML canonicalization REC-xml-c14n-20010315 section 2.4 requires ...
• 436aac5 etreeutils: sort attrs with matching namespaces by their NS URIs
• 21f94b7 Fix SignedInfo order in findSignature method
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[crewjam]

@dependabot rebase

[crewjam]

@dependabot recreate