Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(deps): update dependency cryptography to v38.0.3 [security] (#26)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [cryptography](https://github.com/pyca/cryptography) ([changelog](https://cryptography.io/en/latest/changelog/)) | patch | `==38.0.1` -> `==38.0.3` | ### GitHub Vulnerability Alerts #### [GHSA-39hc-v87j-747x](https://github.com/pyca/cryptography/security/advisories/GHSA-39hc-v87j-747x) pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 37.0.0-38.0.3 are vulnerable to a number of security issues. More details about the vulnerabilities themselves can be found in https://www.openssl.org/news/secadv/20221101.txt. If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions. --- ### Release Notes <details> <summary>pyca/cryptography</summary> ### [`v38.0.3`](https://github.com/pyca/cryptography/compare/38.0.2...38.0.3) [Compare Source](https://github.com/pyca/cryptography/compare/38.0.2...38.0.3) ### [`v38.0.2`](https://github.com/pyca/cryptography/compare/38.0.1...38.0.2) [Compare Source](https://github.com/pyca/cryptography/compare/38.0.1...38.0.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" in timezone Asia/Jerusalem, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzMi4yMzguMSIsInVwZGF0ZWRJblZlciI6IjMyLjIzOC4xIn0=--> Co-authored-by: descope[bot] <descope[bot]@users.noreply.github.com> Co-authored-by: Omer Cohen <omer@descope.com>
- Loading branch information