dependabot[bot] opened a new pull request, #1727: URL: https://github.com/apache/libcloud/pull/1727
Bumps [cryptography](https://github.com/pyca/cryptography) from 36.0.1 to 37.0.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst";>cryptography's changelog</a>.</em></p> <blockquote> <p>37.0.4 - 2022-07-05</p> <pre><code> * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.5. <p>.. _v37-0-3:</p> <p>37.0.3 - 2022-06-21 (YANKED) </code></pre></p> <p>.. attention::</p> <pre><code>This release was subsequently yanked from PyPI due to a regression in OpenSSL. </code></pre> <ul> <li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.4.</li> </ul> <p>.. _v37-0-2:</p> <p>37.0.2 - 2022-05-03</p> <pre><code> * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.3. * Added a constant needed for an upcoming pyOpenSSL release. <p>.. _v37-0-1:</p> <p>37.0.1 - 2022-04-27 </code></pre></p> <ul> <li>Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error.</li> <li>Restored some legacy symbols for older <code>pyOpenSSL</code> users. These will be removed again in the future, so <code>pyOpenSSL</code> users should still upgrade to the latest version of that package when they upgrade <code>cryptography</code>.</li> </ul> <p>.. _v37-0-0:</p> <p>37.0.0 - 2022-04-26</p> <pre><code> * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2. * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x. The new minimum LibreSSL version is 3.1+. * **BACKWARDS INCOMPATIBLE:** Removed ``signer`` and ``verifier`` methods from the public key and private key classes. These methods were originally deprecated in version 2.0, but had an extended deprecation timeline due to usage. Any remaining users should transition to ``sign`` and ``verify``. * Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by the OpenSSL project. The next release of ``cryptography`` will be the last </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pyca/cryptography/commit/7ad17d819affb996c6681c6aac57e43184c54865";><code>7ad17d8</code></a> Version bump and changelog for 37.0.4 (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7399";>#7399</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/b71c39202ba2d7dfb7a89215e04946e7fbf92896";><code>b71c392</code></a> Changelog and version bump for 37.0.3 (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7362";>#7362</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/5954a52f0900569a83138d71ec1c04971452ea5b";><code>5954a52</code></a> changelog and version bump for 37.0.2 (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7194";>#7194</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/8b72741bd7ab7069c4df471b9fa55e6e9ec51147";><code>8b72741</code></a> add a a constant for pyOpenSSL with OpenSSL 3 (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7157";>#7157</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/7dd4ff6d2f188e63a3763adf84937ceccc5d85bd";><code>7dd4ff6</code></a> Backport mitmproxy & codecov changes (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7158";>#7158</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/3fb93cfde75d073a91bc4a73a51f62962092501e";><code>3fb93cf</code></a> 37.0.1 changelog and version bump (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7139";>#7139</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/8ec3192af06c566691d8ce24797a1c0f49393469";><code>8ec3192</code></a> restore some bindings for older pyopenssl temporarily (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7137";>#7137</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/2d4e0b29646cbc40b701f258a330ed8217b688b8";><code>2d4e0b2</code></a> Fix parsing of priv keys via pub key APIs to error properly in ossl3 (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7135";>#7135</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/82d9339b3b13df07ae3514b5945376a2d8ee7607";><code>82d9339</code></a> Add typings to default_backend() (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7133";>#7133</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/cfdfb1a382c8c3201971d35aed91b37288c350d0";><code>cfdfb1a</code></a> update wheel builder for lib64 path (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/7122";>#7122</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pyca/cryptography/compare/36.0.1...37.0.4";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@libcloud.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
