Update cryptography requirement from ~=3.4.8 to ~=35.0.0
Created by: dependabot[bot]
Updates the requirements on cryptography to permit the latest version.
Changelog
Sourced from cryptography's changelog.
35.0.0 - 2021-09-29
* Changed the :ref:`version scheme <api-stability:versioning>`. This will result in us incrementing the major version more frequently, but does not change our existing backwards compatibility policy. * **BACKWARDS INCOMPATIBLE:** The X.509 certificate parser no longer allows negative serial numbers. :rfc:`5280` has always prohibited these. * **BACKWARDS INCOMPATIBLE:** Invalid ASN.1 found during :doc:`/x509/index` parsing will raise an error on initial parse rather than when the invalid field is accessed. * Rust is now required for building ``cryptography``, the ``CRYPTOGRAPHY_DONT_BUILD_RUST`` environment variable is no longer respected. * Parsers for :doc:`/x509/index` no longer use OpenSSL and have been rewritten in Rust. This should be backwards compatible (modulo the items listed above) and improve both security and performance. * Added support for OpenSSL 3.0.0 as a compilation target. * Added support for :class:`~cryptography.hazmat.primitives.hashes.SM3` and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SM4`, when using OpenSSL 1.1.1. These algorithms are provided for compatibility in regions where they may be required, and are not generally recommended. * We now ship ``manylinux_2_24`` and ``musllinux_1_1`` wheels, in addition to our ``manylinux2010`` and ``manylinux2014`` wheels. Users on distributions like Alpine Linux should ensure they upgrade to the latest ``pip`` to correctly receive wheels. * Added ``rfc4514_attribute_name`` attribute to :attr:`x509.NameAttribute <cryptography.x509.NameAttribute.rfc4514_attribute_name>`. * Added :class:`~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC`. .. _v3-4-8: 3.4.8 - 2021-08-24 * Updated Windows, macOS, and ``manylinux`` wheels to be compiled with OpenSSL 1.1.1l. .. _v3-4-7: 3.4.7 - 2021-03-25 Updated Windows, macOS, and manylinux wheels to be compiled with OpenSSL 1.1.1k. .. _v3-4-6: 3.4.6 - 2021-02-16 </tr></table>
... (truncated)
Commits
-
c7fbef7bump for 35.0 release (#6333) -
82d3f2bupdate release.py (#6332) -
00c54b5docs: shift image to latest 20.04 (#6331) -
cb73c72Bump smallvec from 1.6.1 to 1.7.0 in /src/rust (#6329) -
90a564ebuild our wheels from tag so we can upload sdist last (#6328) -
cf9e576fix changelog to remove inaccurate statement (#6327) -
329a795Improve changelog for cryptography.x509 changes (#6326) -
0f2c416add CRL pyopenssl fallback (#6325) -
57e5176remove unneeded bindings (#6324) -
baa6ff1Bump dessant/lock-threads from 2.1.2 to 3 (#6323) - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebasewill rebase this PR -
@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it -
@dependabot mergewill merge this PR after your CI passes on it -
@dependabot squash and mergewill squash and merge this PR after your CI passes on it -
@dependabot cancel mergewill cancel a previously requested merge and block automerging -
@dependabot reopenwill reopen this PR if it is closed -
@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)