Commit c5405bc
authored
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
Bump cryptography from 44.0.3 to 45.0.2 (aio-libs#10876)
Bumps [cryptography](https://github.com/pyca/cryptography) from 44.0.3
to 45.0.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>45.0.2 - 2025-05-17</p>
<pre><code>
* Fixed using ``mypy`` with ``cryptography`` on older versions of
Python.
<p>.. _v45-0-1:</p>
<p>45.0.1 - 2025-05-17<br />
</code></pre></p>
<ul>
<li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.5.0.</li>
</ul>
<p>.. _v45-0-0:</p>
<p>45.0.0 - 2025-05-17 (YANKED)</p>
<pre><code>
* Support for Python 3.7 is deprecated and will be removed in the next
``cryptography`` release.
* Updated the minimum supported Rust version (MSRV) to 1.74.0, from
1.65.0.
* Added support for serialization of PKCS#12 Java truststores in
:func:`~cryptography.hazmat.primitives.serialization.pkcs12.serialize_java_truststore`
* Added
:meth:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id.derive_phc_encoded`
and
:meth:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id.verify_phc_encoded`
methods
to support password hashing in the PHC string format
* Added support for PKCS7 decryption and encryption using AES-256 as the
content algorithm, in addition to AES-128.
* **BACKWARDS INCOMPATIBLE:** Made SSH private key loading more
consistent with
other private key loading:
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`
now raises a ``TypeError`` if the key is unencrypted but a password is
provided (previously no exception was raised), and raises a
``TypeError`` if
the key is encrypted but no password is provided (previously a
``ValueError``
was raised).
* We significantly refactored how private key loading (
:func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key`
and
:func:`~cryptography.hazmat.primitives.serialization.load_der_private_key`)
works. This is intended to be backwards compatible for all well-formed
keys,
therefore if you discover a key that now raises an exception, please
file a
bug with instructions for reproducing.
* Added ``unsafe_skip_rsa_key_validation`` keyword-argument to
:func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`.
* Added :class:`~cryptography.hazmat.primitives.hashes.XOFHash` to
support
repeated :meth:`~cryptography.hazmat.primitives.hashes.XOFHash.squeeze`
operations on extendable output functions.
* Added
:meth:`~cryptography.x509.ocsp.OCSPResponseBuilder.add_response_by_hash`
method to allow creating OCSP responses using certificate hash values
rather
than full certificates.
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pyca/cryptography/commit/f81c07535ddf2d26cb1a27e70a9967ab708b8056"><code>f81c075</code></a>
Backport mypy fixes for release (<a
href="https://redirect.github.com/pyca/cryptography/issues/12930">#12930</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/8ea28e0bc724e57433f4f062795d91c0a367e9ad"><code>8ea28e0</code></a>
bump for 45.0.1 (<a
href="https://redirect.github.com/pyca/cryptography/issues/12922">#12922</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/67840977c95a23d0dcfba154e303014026df0d3e"><code>6784097</code></a>
bump for 45 release (<a
href="https://redirect.github.com/pyca/cryptography/issues/12886">#12886</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/2d9c1c9cbe650f2888c14476a4b30ef85d3fd2bc"><code>2d9c1c9</code></a>
bump MSRV to 1.74 (<a
href="https://redirect.github.com/pyca/cryptography/issues/12919">#12919</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/6c18874cc2e76f173b77c67609cfb4d3495964c3"><code>6c18874</code></a>
Bump BoringSSL, OpenSSL, AWS-LC in CI (<a
href="https://redirect.github.com/pyca/cryptography/issues/12918">#12918</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/43fd312aea73e4ad79a54c78848e73bf5a640336"><code>43fd312</code></a>
add test vectors for upcoming explicit curve loading (<a
href="https://redirect.github.com/pyca/cryptography/issues/12913">#12913</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/6bfa0a31256a631a0543e3b0cee5a101f1ac3d3f"><code>6bfa0a3</code></a>
chore(deps): bump asn1 from 0.21.2 to 0.21.3 (<a
href="https://redirect.github.com/pyca/cryptography/issues/12914">#12914</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/a88dd6635c19ef282e0a6469a9604fef096cc843"><code>a88dd66</code></a>
chore(deps): bump cc from 1.2.22 to 1.2.23 (<a
href="https://redirect.github.com/pyca/cryptography/issues/12912">#12912</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/e4e98407e866064b55dfcad599117995279cecf6"><code>e4e9840</code></a>
chore(deps): bump uv from 0.7.3 to 0.7.4 in /.github/requirements (<a
href="https://redirect.github.com/pyca/cryptography/issues/12911">#12911</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/e140233902db423f031d79237533aacfe96ba119"><code>e140233</code></a>
chore(deps): bump uv from 0.7.3 to 0.7.4 (<a
href="https://redirect.github.com/pyca/cryptography/issues/12910">#12910</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pyca/cryptography/compare/44.0.3...45.0.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parent 5633bed commit c5405bc
4 files changed
Lines changed: 4 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
56 | 56 | | |
57 | 57 | | |
58 | 58 | | |
59 | | - | |
| 59 | + | |
60 | 60 | | |
61 | 61 | | |
62 | 62 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
56 | 56 | | |
57 | 57 | | |
58 | 58 | | |
59 | | - | |
| 59 | + | |
60 | 60 | | |
61 | 61 | | |
62 | 62 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
21 | 21 | | |
22 | 22 | | |
23 | 23 | | |
24 | | - | |
| 24 | + | |
25 | 25 | | |
26 | 26 | | |
27 | 27 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
29 | 29 | | |
30 | 30 | | |
31 | 31 | | |
32 | | - | |
| 32 | + | |
33 | 33 | | |
34 | 34 | | |
35 | 35 | | |
| |||
0 commit comments