Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump cryptography from 2.9.2 to 3.0 #1847

Merged
merged 1 commit into from Jul 21, 2020
Merged

Bump cryptography from 2.9.2 to 3.0 #1847

merged 1 commit into from Jul 21, 2020

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 21, 2020

Bumps cryptography from 2.9.2 to 3.0.

Changelog

Sourced from cryptography's changelog.

3.0 - 2020-07-20


* **BACKWARDS INCOMPATIBLE:** Removed support for passing an
  :class:`~cryptography.x509.Extension` instance to
  :meth:`~cryptography.x509.AuthorityKeyIdentifier.from_issuer_subject_key_identifier`,
  as per our deprecation policy.
* **BACKWARDS INCOMPATIBLE:** Support for LibreSSL 2.7.x, 2.8.x, and 2.9.0 has
  been removed (2.9.1+ is still supported).
* **BACKWARDS INCOMPATIBLE:** Dropped support for macOS 10.9, macOS users must
  upgrade to 10.10 or newer.
* **BACKWARDS INCOMPATIBLE:** RSA
  :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key`
  no longer accepts ``public_exponent`` values except 65537 and 3 (the latter
  for legacy purposes).
* **BACKWARDS INCOMPATIBLE:** X.509 certificate parsing now enforces that the
  ``version`` field contains a valid value, rather than deferring this check
  until :attr:`~cryptography.x509.Certificate.version` is accessed.
* Deprecated support for Python 2. At the time there is no time table for
  actually dropping support, however we strongly encourage all users to upgrade
  their Python, as Python 2 no longer receives support from the Python core
  team.
* Added support for ``OpenSSH`` serialization format for
  ``ec``, ``ed25519``, ``rsa`` and ``dsa`` private keys:
  :func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`
  for loading and
  :attr:`~cryptography.hazmat.primitives.serialization.PrivateFormat.OpenSSH`
  for writing.
* Added support for ``OpenSSH`` certificates to
  :func:`~cryptography.hazmat.primitives.serialization.load_ssh_public_key`.
* Added :meth:`~cryptography.fernet.Fernet.encrypt_at_time` and
  :meth:`~cryptography.fernet.Fernet.decrypt_at_time` to
  :class:`~cryptography.fernet.Fernet`.
* Added support for the :class:`~cryptography.x509.SubjectInformationAccess`
  X.509 extension.
* Added support for parsing
  :class:`~cryptography.x509.SignedCertificateTimestamps` in OCSP responses.
* Added support for parsing attributes in certificate signing requests via
  :meth:`~cryptography.x509.CertificateSigningRequest.get_attribute_for_oid`.
* Added support for encoding attributes in certificate signing requests via
  :meth:`~cryptography.x509.CertificateSigningRequestBuilder.add_attribute`.
* On OpenSSL 1.1.1d and higher ``cryptography`` now uses OpenSSL's
  built-in CSPRNG instead of its own OS random engine because these versions of
  OpenSSL properly reseed on fork.
* Added initial support for creating PKCS12 files with
  :func:`~cryptography.hazmat.primitives.serialization.pkcs12.serialize_key_and_certificates`.

.. _v2-9-2:

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump cryptography from 2.9.2 to 3.0
3ba433d 
Bumps [cryptography](https://github.com/pyca/cryptography) from 2.9.2 to 3.0.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](pyca/cryptography@2.9.2...3.0)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Updates of external dependencies python Pull requests that update Python code labels Jul 21, 2020
@homeassistant
Copy link

Hi @dependabot[bot],

It seems you haven't yet signed a CLA. Please do so here.

Once you do that we will be able to review and accept this pull request.

Thanks!

@pvizeli pvizeli merged commit ced6d70 into dev Jul 21, 2020
@delete-merged-branch delete-merged-branch bot deleted the dependabot/pip/cryptography-3.0 branch July 21, 2020 09:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
cla-needed dependencies Updates of external dependencies python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@homeassistant @pvizeli