Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump cryptography from 42.0.0 to 43.0.1 #5257

Merged
merged 2 commits into from
Oct 30, 2024
Merged

Bump cryptography from 42.0.0 to 43.0.1 #5257

merged 2 commits into from
Oct 30, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 4, 2024
edited
Loading

Bumps cryptography from 42.0.0 to 43.0.1.

Changelog

Sourced from cryptography's changelog.

43.0.1 - 2024-09-03


* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.2.

.. _v43-0-0:


43.0.0 - 2024-07-20

  • BACKWARDS INCOMPATIBLE: Support for OpenSSL less than 1.1.1e has been removed. Users on older version of OpenSSL will need to upgrade.
  • BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.8.
  • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
  • Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
  • :func:~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still considered insecure, users should generally use a key size of 2048-bits.
  • :func:~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates now emits ASN.1 that more closely follows the recommendations in :rfc:2315.
  • Added new :doc:/hazmat/decrepit/index module which contains outdated and insecure cryptographic primitives. :class:~cryptography.hazmat.primitives.ciphers.algorithms.CAST5, :class:~cryptography.hazmat.primitives.ciphers.algorithms.SEED, :class:~cryptography.hazmat.primitives.ciphers.algorithms.IDEA, and :class:~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish, which were deprecated in 37.0.0, have been added to this module. They will be removed from the cipher module in 45.0.0.
  • Moved :class:~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES and :class:~cryptography.hazmat.primitives.ciphers.algorithms.ARC4 into :doc:/hazmat/decrepit/index and deprecated them in the cipher module. They will be removed from the cipher module in 48.0.0.
  • Added support for deterministic :class:~cryptography.hazmat.primitives.asymmetric.ec.ECDSA (:rfc:6979)
  • Added support for client certificate verification to the :mod:X.509 path validation <cryptography.x509.verification> APIs in the form of :class:~cryptography.x509.verification.ClientVerifier, :class:~cryptography.x509.verification.VerifiedClient, and PolicyBuilder :meth:~cryptography.x509.verification.PolicyBuilder.build_client_verifier.
  • Added Certificate :attr:~cryptography.x509.Certificate.public_key_algorithm_oid and Certificate Signing Request :attr:~cryptography.x509.CertificateSigningRequest.public_key_algorithm_oid to determine the :class:~cryptography.hazmat._oid.PublicKeyAlgorithmOID Object Identifier of the public key found inside the certificate.
  • Added :attr:~cryptography.x509.InvalidityDate.invalidity_date_utc, a timezone-aware alternative to the naïve datetime attribute :attr:~cryptography.x509.InvalidityDate.invalidity_date.
  • Added support for parsing empty DN string in

... (truncated)

Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependabot dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Sep 4, 2024
@vercel Vercel
Copy link

vercel bot commented Sep 4, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
fides-plus-nightly ✅ Ready (Inspect) Visit Preview 💬 Add feedback Oct 30, 2024 10:31am

@dependabot
Bump cryptography from 42.0.0 to 43.0.1
79b17c3 
Bumps [cryptography](https://github.com/pyca/cryptography) from 42.0.0 to 43.0.1.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@42.0.0...43.0.1)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/cryptography-43.0.1 branch from aa5d32a to 79b17c3 Compare September 12, 2024 19:39
@cypress Cypress
Copy link

cypress bot commented Oct 30, 2024

fides    Run #10679

Run Properties:  status check passed Passed #10679  •  git commit 711c2963bd ℹ️: Merge f2a42edd55199098dff2416a2cd14167b280cc99 into 6db9bbc3fdc1e7bca2238dcf8240...
Project fides
Branch Review refs/pull/5257/merge
Run status status check passed Passed #10679
Run duration 00m 39s
Commit git commit 711c2963bd ℹ️: Merge f2a42edd55199098dff2416a2cd14167b280cc99 into 6db9bbc3fdc1e7bca2238dcf8240...
Committer dependabot[bot]
View all properties for this run ↗︎
Test results
Tests that failed  Failures 0
Tests that were flaky  Flaky 0
Tests that did not run due to a developer annotating a test with .skip  Pending 0
Tests that did not run due to a failure in a mocha hook  Skipped 0
Tests that passed  Passing 4
⚠️ You've recorded test results over your free plan limit.
Upgrade your plan to view test results.
View all changes introduced in this branch ↗︎

@codecov Codecov
Copy link

codecov bot commented Oct 30, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 83.87%. Comparing base (6db9bbc) to head (f2a42ed).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #5257   +/-   ##
=======================================
  Coverage   83.87%   83.87%           
=======================================
  Files         384      384           
  Lines       24116    24116           
  Branches     2624     2624           
=======================================
  Hits        20228    20228           
  Misses       3306     3306           
  Partials      582      582

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

daveqnet
daveqnet approved these changes Oct 30, 2024
View reviewed changes
Copy link
Contributor

@daveqnet daveqnet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Happy to approve this Dependabot bump given that none of the breaking changes (marked BACKWARDS INCOMPATIBLE) in cryptography's changelog appear to affect us and CI passes.

@daveqnet daveqnet merged commit 67214d7 into main Oct 30, 2024
38 of 39 checks passed
@daveqnet daveqnet deleted the dependabot/pip/cryptography-43.0.1 branch October 30, 2024 10:57
@cypress Cypress
Copy link

cypress bot commented Oct 30, 2024

fides    Run #10682

Run Properties:  status check passed Passed #10682  •  git commit 67214d79cf: Bump cryptography from 42.0.0 to 43.0.1 (#5257)
Project fides
Branch Review main
Run status status check passed Passed #10682
Run duration 00m 39s
Commit git commit 67214d79cf: Bump cryptography from 42.0.0 to 43.0.1 (#5257)
Committer dependabot[bot]
View all properties for this run ↗︎
Test results
Tests that failed  Failures 0
Tests that were flaky  Flaky 0
Tests that did not run due to a developer annotating a test with .skip  Pending 0
Tests that did not run due to a failure in a mocha hook  Skipped 0
Tests that passed  Passing 4
⚠️ You've recorded test results over your free plan limit.
Upgrade your plan to view test results.
View all changes introduced in this branch ↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daveqnet daveqnet daveqnet approved these changes

Assignees
No one assigned
Labels
dependabot dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@daveqnet