Skip to content

Bump cryptography from 45.0.5 to 48.0.1#93

Open
thusser wants to merge 1 commit into
developfrom
dependabot/uv/cryptography-48.0.1-develop
Open

Bump cryptography from 45.0.5 to 48.0.1#93
thusser wants to merge 1 commit into
developfrom
dependabot/uv/cryptography-48.0.1-develop

Conversation

@thusser

@thusser thusser commented Jul 8, 2026

Copy link
Copy Markdown
Member

Recreated version of #86 targeting develop instead of the stale main branch (see dependabot alert #112 — vulnerable OpenSSL bundled in cryptography wheels). Also updates cffi 1.17.1 -> 2.1.0 as a required transitive dependency.

Recreated against develop (see #86, opened against the stale main
branch). Fixes the "Vulnerable OpenSSL included in cryptography
wheels" advisory (GHSA alert #112). Also updates cffi 1.17.1 -> 2.1.0
as a required transitive dependency.
@thusser thusser added the dependencies Pull requests that update a dependency file label Jul 8, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant