fix: pin cryptography>=46.0.7 #69

Merged: ompushkara merged 1 commit into main from SECURESIGN-4448 on May 19, 2026

@ompushkara

Summary

Checklist
  • All commits are signed-off, using DCO
  • All new code has docstrings and type annotations
  • All new code is covered by tests. Aim for at least 90% coverage. CI is configured to highlight lines not covered by tests.
  • Public facing changes are paired with documentation changes
  • Release note has been added to CHANGELOG.md if needed

@qodo-for-securesign

Review Summary by Qodo

Pin cryptography dependency to minimum version 46.0.7

🐞 Bug fix

Walkthroughs

Description
• Pin cryptography dependency to version 46.0.7 or higher
• Resolves compatibility or security issue with older cryptography versions
Diagram
flowchart LR
  A["pyproject.toml"] -- "update cryptography constraint" --> B["cryptography>=46.0.7"]

File Changes

1. pyproject.toml Dependencies +1/-1

Pin cryptography to minimum version 46.0.7

• Updated cryptography dependency from unpinned to minimum version 46.0.7
• Ensures compatibility with required cryptography features or security patches

pyproject.toml



@qodo-for-securesign

qodo-for-securesign Bot commented May 19, 2026

Code Review by Qodo

🐞 Bugs (2) 📘 Rule violations (0)


Advisory comments

1. Outdated demo dependency output 🐞 Bug ⚙ Maintainability
Description
docs/demo.ipynb contains captured pip output showing cryptography (43.0.3) even though the
project now requires cryptography>=46.0.7, making the demo inconsistent with current install
requirements. Users following the notebook will see different dependency results than what the repo
documents.
Code

pyproject.toml[40]

+  "cryptography>=46.0.7",
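Review bot: the specifier on the added line, `>=46.0.7`, is a lower bound rather than a pin, so the resolver remains free to select any later cryptography release, while the PR title says "pin". Consider wording the title and any release note as "raise minimum cryptography version", and add a short comment beside the line recording why 46.0.7 is the floor, since nothing on the line itself says what the bound protects against and an unexplained bound is easy to relax later.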
Evidence
The project dependency now enforces cryptography>=46.0.7, while the demo notebook’s captured
install output still shows cryptography (43.0.3), which is below that minimum and therefore
inconsistent with the repo’s declared requirements.

pyproject.toml[36-47]
docs/demo.ipynb[109-128]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
The demo notebook includes static, captured `pip install` output that now shows a `cryptography` version below the project’s new minimum (`>=46.0.7`), creating documentation drift.

### Issue Context
The dependency change is in `pyproject.toml`, but the notebook embeds old install output.

### Fix Focus Areas
- docs/demo.ipynb[109-129]
- pyproject.toml[36-41]

### Suggested fix
Re-run the notebook cell(s) that install dependencies and commit updated outputs, or clear/remove the version-specific `pip` output block to avoid future drift.



2. Changelog missing dependency note 🐞 Bug ⚙ Maintainability
Description
The PR changes the minimum supported cryptography version but CHANGELOG.md’s [Unreleased]
section doesn’t mention it, despite the repo PR template calling out adding release notes when
needed. This reduces the audit trail for install/compatibility-affecting dependency changes.
Code

pyproject.toml[40]

+  "cryptography>=46.0.7",
Evidence
The dependency requirement was updated in pyproject.toml, but the changelog’s Unreleased section
currently has no entries, and the repo’s PR template indicates release notes should be added to
CHANGELOG.md when needed.

pyproject.toml[36-47]
CHANGELOG.md[8-14]
.github/pull_request_template.md[16-23]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
The minimum supported `cryptography` version was changed, but the changelog has no entry documenting this install/compatibility-affecting update.

### Issue Context
The repo’s PR template explicitly calls out adding release notes in `CHANGELOG.md` when needed.

### Fix Focus Areas
- CHANGELOG.md[8-14]
- .github/pull_request_template.md[16-23]
- pyproject.toml[36-41]

### Suggested fix
Add a bullet under `## [Unreleased]` (e.g., under `### Changed` or `### Fixed`) noting that the `cryptography` minimum was raised to `>=46.0.7`.




@codecov-commenter

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 79.70%. Comparing base (410bdfe) to head (d06ab12).

Additional details and impacted files
@@           Coverage Diff           @@
##             main      #69   +/-   ##
=======================================
  Coverage   79.70%   79.70%           
=======================================
  Files          21       21           
  Lines        1922     1922           
=======================================
  Hits         1532     1532           
  Misses        390      390           
Flag Coverage Δ
unit 79.70% <ø> (ø)

@ompushkara ompushkara merged commit 36b0215 into main May 19, 2026
25 of 80 checks passed
@ompushkara ompushkara deleted the SECURESIGN-4448 branch May 19, 2026 12:55
3 participants