Title: Bump cryptography from 39.0.0 to 42.0.2 in /inference/server by dependabot[bot] · Pull Request #10 · TestOrgForGitSec/gitsecurity-python · GitHub
Open Graph Title: Bump cryptography from 39.0.0 to 42.0.2 in /inference/server by dependabot[bot] · Pull Request #10 · TestOrgForGitSec/gitsecurity-python
X Title: Bump cryptography from 39.0.0 to 42.0.2 in /inference/server by dependabot[bot] · Pull Request #10 · TestOrgForGitSec/gitsecurity-python
Description: Bumps cryptography from 39.0.0 to 42.0.2.
Changelog
Sourced from cryptography's changelog.
42.0.2 - 2024-01-30
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1.
* Fixed an issue that prevented the use of Python buffer protocol objects in
``sign`` and ``verify`` methods on asymmetric keys.
* Fixed an issue with incorrect keyword-argument naming with ``EllipticCurvePrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.exchange`,
``X25519PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey.exchange`,
``X448PrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey.exchange`,
and ``DHPrivateKey``
:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange`.
.. _v42-0-1:
42.0.1 - 2024-01-24
Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey
:meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign.
Resolved compatibility issue with loading certain RSA public keys in
:func:~cryptography.hazmat.primitives.serialization.load_pem_public_key.
.. _v42-0-0:
42.0.0 - 2024-01-22
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.7.
* **BACKWARDS INCOMPATIBLE:** Loading a PKCS7 with no content field using
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates`
or
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates`
will now raise a ``ValueError`` rather than return an empty list.
* Parsing SSH certificates no longer permits malformed critical options with
values, as documented in the 41.0.2 release notes.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0.
* Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0.
* We now publish both ``py37`` and ``py39`` ``abi3`` wheels. This should
resolve some errors relating to initializing a module multiple times per
process.
* Support :class:`~cryptography.hazmat.primitives.asymmetric.padding.PSS` for
X.509 certificate signing requests and certificate revocation lists with the
keyword-only argument ``rsa_padding`` on the ``sign`` methods for
:class:`~cryptography.x509.CertificateSigningRequestBuilder` and
:class:`~cryptography.x509.CertificateRevocationListBuilder`.
* Added support for obtaining X.509 certificate signing request signature
algorithm parameters (including PSS) via
... (truncated)
Commits
2202123 changelog and version bump 42.0.2 (#10268)
f7032bd bump openssl in CI (#10298) (#10299)
002e886 Fixes #10294 -- correct accidental change to exchange kwarg (#10295) (#10296)
92fa9f2 support bytes-like consistently across our asym sign/verify APIs (#10260) (#1...
6478f7e explicitly support bytes-like for signature/data in RSA sign/verify (#10259) ...
4bb8596 fix the release script (#10233) (#10254)
337437d 42.0.1 bump (#10252)
56255de allow SPKI RSA keys to be parsed even if they have an incorrect delimiter (#1...
12f038b fixes #10237 -- correct EC sign parameter name (#10239) (#10240)
4e64baf 42.0.0 version bump (#10232)
Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show
Open Graph Description: Bumps cryptography from 39.0.0 to 42.0.2. Changelog Sourced from cryptography's changelog. 42.0.2 - 2024-01-30 * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1. *...
X Description: Bumps cryptography from 39.0.0 to 42.0.2. Changelog Sourced from cryptography's changelog. 42.0.2 - 2024-01-30 * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2....
Opengraph URL: https://github.com/TestOrgForGitSec/gitsecurity-python/pull/10
X: @github
Domain: github.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:2196c815-abaf-f4ae-5860-c7c1ec206eb7 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | E29A:A6D52:2268F6F:2F7ACA1:6A4F3F34 |
| html-safe-nonce | eb47e853d9ea5ee7902701b7283474a895e90ab5323632da6a094d8790d15c9d |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFMjlBOkE2RDUyOjIyNjhGNkY6MkY3QUNBMTo2QTRGM0YzNCIsInZpc2l0b3JfaWQiOiI2NDU0OTUwMjg0MTYyNDQ5MjA0IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0= |
| visitor-hmac | 5a67995b3c227fb12843422321a0cb9698e1496b5acb6fd24d218686df0017d3 |
| hovercard-subject-tag | pull_request:1730442915 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/TestOrgForGitSec/gitsecurity-python/pull/10/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps cryptography from 39.0.0 to 42.0.2. Changelog Sourced from cryptography's changelog. 42.0.2 - 2024-01-30 * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1. *... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | b92d11c0aa4a77d54ef4af1078b6a15fb5a70a215b30c4ecf28889d5a8e656d9 |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/TestOrgForGitSec/gitsecurity-python git https://github.com/TestOrgForGitSec/gitsecurity-python.git |
| octolytics-dimension-user_id | 139981999 |
| octolytics-dimension-user_login | TestOrgForGitSec |
| octolytics-dimension-repository_id | 753517181 |
| octolytics-dimension-repository_nwo | TestOrgForGitSec/gitsecurity-python |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | true |
| octolytics-dimension-repository_parent_id | 753481735 |
| octolytics-dimension-repository_parent_nwo | cbc-GithubSecurity/gitsecurity-python |
| octolytics-dimension-repository_network_root_id | 577603990 |
| octolytics-dimension-repository_network_root_nwo | LAION-AI/Open-Assistant |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 4b249b445842943ed31549e027f57a8ade9881ed |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width