Skip to content

🔖 From dev → Bump version: v1.1.15-dev into test#97

Merged
JuanVilla424 merged 20 commits into
testfrom
dev
Mar 3, 2026
Merged

🔖 From dev → Bump version: v1.1.15-dev into test#97
JuanVilla424 merged 20 commits into
testfrom
dev

Conversation

@github-actions

@github-actions github-actions Bot commented Mar 3, 2026

Copy link
Copy Markdown
Contributor

Automatically created pull request for release v1.1.15-dev into test branch.

dependabot Bot and others added 20 commits June 2, 2025 20:05
Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v78.1.0...v80.9.0)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-version: 80.9.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on [requests](https://github.com/psf/requests) to permit the latest version.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.3...v2.32.4)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on [cryptography](https://github.com/pyca/cryptography) to permit the latest version.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@44.0.0...45.0.4)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 45.0.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on
[setuptools](https://github.com/pypa/setuptools) to permit the latest
version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v80.9.0</h1>
<h2>Features</h2>
<ul>
<li>Set a deadline for the removal of pkg_resources later this year
(December). (<a
href="https://redirect.github.com/pypa/setuptools/issues/3085">#3085</a>)</li>
<li>Removed reliance on pkg_resources in test_wheel. (<a
href="https://redirect.github.com/pypa/setuptools/issues/3085">#3085</a>)</li>
</ul>
<h1>v80.8.0</h1>
<h2>Features</h2>
<ul>
<li>Replaced more references to pkg_resources with importlib equivalents
in wheel odule. (<a
href="https://redirect.github.com/pypa/setuptools/issues/3085">#3085</a>)</li>
<li>Restore explicit LICENSE file. (<a
href="https://redirect.github.com/pypa/setuptools/issues/5001">#5001</a>)</li>
<li>Removed no longer used build dependency on
<code>coherent.licensed</code>. (<a
href="https://redirect.github.com/pypa/setuptools/issues/5003">#5003</a>)</li>
</ul>
<h1>v80.7.1</h1>
<h2>Bugfixes</h2>
<ul>
<li>Only attempt to fetch eggs for unsatisfied requirements. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4998">#4998</a>)</li>
<li>In installer, when discovering egg dists, let metadata discovery
search each egg. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4998">#4998</a>)</li>
</ul>
<h1>v80.7.0</h1>
<h2>Features</h2>
<ul>
<li>Removed usage of pkg_resources from installer. Set an official
deadline on the installer deprecation to 2025-10-31. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4997">#4997</a>)</li>
</ul>
<h2>Misc</h2>
<ul>
<li><a
href="https://redirect.github.com/pypa/setuptools/issues/4996">#4996</a></li>
</ul>
<h1>v80.6.0</h1>
<p>Features</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/9c4d383631d3951fcae0afd73b5d08ff5a262976"><code>9c4d383</code></a>
Bump version: 80.8.0 → 80.9.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/05cb3c84f1422f3b26ccfb00f4c43886dc55b9bc"><code>05cb3c8</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/5014">#5014</a>
from pypa/debt/pkg_resources-deadline</li>
<li><a
href="https://github.com/pypa/setuptools/commit/3b0bf5bd43034c448a10e7102788fe710b4bb496"><code>3b0bf5b</code></a>
Adjust ignore</li>
<li><a
href="https://github.com/pypa/setuptools/commit/9c28cdffd423f83e43dbfd39fc793c251da48585"><code>9c28cdf</code></a>
Set a deadline for the removal of pkg_resources later this year
(December).</li>
<li><a
href="https://github.com/pypa/setuptools/commit/a3bfef95193bf0ff78ef6e0fb8c63a3728f443b0"><code>a3bfef9</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/5013">#5013</a>
from DimitriPapadopoulos/ISC</li>
<li><a
href="https://github.com/pypa/setuptools/commit/64bf9d0ce88a09748f702bd7736d9ec2879aa6ef"><code>64bf9d0</code></a>
Enforce ruff/flake8-implicit-str-concat rules (ISC)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/3250c25197b299658cfd4d0db67770fc29b47277"><code>3250c25</code></a>
Fix broken link in docs (<a
href="https://redirect.github.com/pypa/setuptools/issues/4947">#4947</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/5ccf50e01ab0d303f524c065f2cb51042b34bc55"><code>5ccf50e</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/5006">#5006</a>
from pypa/feature/remove-more-pkg_resources</li>
<li><a
href="https://github.com/pypa/setuptools/commit/134e587c0ba0b59e1661f08a45e6d6d1ecd24329"><code>134e587</code></a>
Suppress nitpicky typecheck in pyright.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/0bf2663a19f2d947697997d125c3c880df2011b7"><code>0bf2663</code></a>
Add news fragment.</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v78.1.0...v80.9.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
Updates the requirements on [requests](https://github.com/psf/requests)
to permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/releases">requests's
releases</a>.</em></p>
<blockquote>
<h2>v2.32.4</h2>
<h2>2.32.4 (2025-06-10)</h2>
<p><strong>Security</strong></p>
<ul>
<li>CVE-2024-47081 Fixed an issue where a maliciously crafted URL and
trusted
environment will retrieve credentials for the wrong hostname/machine
from a
netrc file. (<a
href="https://redirect.github.com/psf/requests/issues/6965">#6965</a>)</li>
</ul>
<p><strong>Improvements</strong></p>
<ul>
<li>Numerous documentation improvements</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Added support for pypy 3.11 for Linux and macOS. (<a
href="https://redirect.github.com/psf/requests/issues/6926">#6926</a>)</li>
<li>Dropped support for pypy 3.9 following its end of support. (<a
href="https://redirect.github.com/psf/requests/issues/6926">#6926</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's
changelog</a>.</em></p>
<blockquote>
<h2>2.32.4 (2025-06-10)</h2>
<p><strong>Security</strong></p>
<ul>
<li>CVE-2024-47081 Fixed an issue where a maliciously crafted URL and
trusted
environment will retrieve credentials for the wrong hostname/machine
from a
netrc file.</li>
</ul>
<p><strong>Improvements</strong></p>
<ul>
<li>Numerous documentation improvements</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Added support for pypy 3.11 for Linux and macOS.</li>
<li>Dropped support for pypy 3.9 following its end of support.</li>
</ul>
<h2>2.32.3 (2024-05-29)</h2>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Fixed bug breaking the ability to specify custom SSLContexts in
sub-classes of
HTTPAdapter. (<a
href="https://redirect.github.com/psf/requests/issues/6716">#6716</a>)</li>
<li>Fixed issue where Requests started failing to run on Python versions
compiled
without the <code>ssl</code> module. (<a
href="https://redirect.github.com/psf/requests/issues/6724">#6724</a>)</li>
</ul>
<h2>2.32.2 (2024-05-21)</h2>
<p><strong>Deprecations</strong></p>
<ul>
<li>
<p>To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed <code>_get_connection</code>
to
a new public API, <code>get_connection_with_tls_context</code>. Existing
custom
HTTPAdapters will need to migrate their code to use this new API.
<code>get_connection</code> is considered deprecated in all versions of
Requests&gt;=2.32.0.</p>
<p>A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom
adapter
is subject to the same issue described in CVE-2024-35195. (<a
href="https://redirect.github.com/psf/requests/issues/6710">#6710</a>)</p>
</li>
</ul>
<h2>2.32.1 (2024-05-20)</h2>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Add missing test certs to the sdist distributed on PyPI.</li>
</ul>
<h2>2.32.0 (2024-05-20)</h2>
<p><strong>Security</strong></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd"><code>021dc72</code></a>
Polish up release tooling for last manual release</li>
<li><a
href="https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396"><code>821770e</code></a>
Bump version and add release notes for v2.32.4</li>
<li><a
href="https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401"><code>59f8aa2</code></a>
Add netrc file search information to authentication documentation (<a
href="https://redirect.github.com/psf/requests/issues/6876">#6876</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b"><code>5b4b64c</code></a>
Add more tests to prevent regression of CVE 2024 47081</li>
<li><a
href="https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae"><code>7bc4587</code></a>
Add new test to check netrc auth leak (<a
href="https://redirect.github.com/psf/requests/issues/6962">#6962</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef"><code>96ba401</code></a>
Only use hostname to do netrc lookup instead of netloc</li>
<li><a
href="https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2"><code>7341690</code></a>
Merge pull request <a
href="https://redirect.github.com/psf/requests/issues/6951">#6951</a>
from tswast/patch-1</li>
<li><a
href="https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0"><code>6716d7c</code></a>
remove links</li>
<li><a
href="https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae"><code>a7e1c74</code></a>
Update docs/conf.py</li>
<li><a
href="https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f"><code>c799b81</code></a>
docs: fix dead links to kenreitz.org</li>
<li>Additional commits viewable in <a
href="https://github.com/psf/requests/compare/v2.32.3...v2.32.4">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
…78)

Updates the requirements on
[cryptography](https://github.com/pyca/cryptography) to permit the
latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>45.0.4 - 2025-06-09</p>
<pre><code>
* Fixed decrypting PKCS#8 files encrypted with SHA1-RC4. (This is not
  considered secure, and is supported only for backwards compatibility.)
<p>.. _v45-0-3:</p>
<p>45.0.3 - 2025-05-25<br />
</code></pre></p>
<ul>
<li>Fixed decrypting PKCS#8 files encrypted with long salts (this
impacts keys
encrypted by Bouncy Castle).</li>
<li>Fixed decrypting PKCS#8 files encrypted with DES-CBC-MD5. While
wildly
insecure, this remains prevalent.</li>
</ul>
<p>.. _v45-0-2:</p>
<p>45.0.2 - 2025-05-17</p>
<pre><code>
* Fixed using ``mypy`` with ``cryptography`` on older versions of
Python.
<p>.. _v45-0-1:</p>
<p>45.0.1 - 2025-05-17<br />
</code></pre></p>
<ul>
<li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.5.0.</li>
</ul>
<p>.. _v45-0-0:</p>
<p>45.0.0 - 2025-05-17 (YANKED)</p>
<pre><code>
* Support for Python 3.7 is deprecated and will be removed in the next
  ``cryptography`` release.
* Updated the minimum supported Rust version (MSRV) to 1.74.0, from
1.65.0.
* Added support for serialization of PKCS#12 Java truststores in

:func:`~cryptography.hazmat.primitives.serialization.pkcs12.serialize_java_truststore`
* Added
:meth:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id.derive_phc_encoded`
and

:meth:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id.verify_phc_encoded`
methods
  to support password hashing in the PHC string format
* Added support for PKCS7 decryption and encryption using AES-256 as the
  content algorithm, in addition to AES-128.
* **BACKWARDS INCOMPATIBLE:** Made SSH private key loading more
consistent with
  other private key loading:

:func:`~cryptography.hazmat.primitives.serialization.load_ssh_private_key`
  now raises a ``TypeError`` if the key is unencrypted but a password is
provided (previously no exception was raised), and raises a
``TypeError`` if
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pyca/cryptography/commit/678c0c59f743e3b301fbd34f1d26112db0cc2216"><code>678c0c5</code></a>
prepare for 45.0.4 release (<a
href="https://redirect.github.com/pyca/cryptography/issues/13058">#13058</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/50384959872c84933b6059c3b697139c8fcdcdea"><code>5038495</code></a>
backports for 45.0.3 release (<a
href="https://redirect.github.com/pyca/cryptography/issues/12979">#12979</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/f81c07535ddf2d26cb1a27e70a9967ab708b8056"><code>f81c075</code></a>
Backport mypy fixes for release (<a
href="https://redirect.github.com/pyca/cryptography/issues/12930">#12930</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/8ea28e0bc724e57433f4f062795d91c0a367e9ad"><code>8ea28e0</code></a>
bump for 45.0.1 (<a
href="https://redirect.github.com/pyca/cryptography/issues/12922">#12922</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/67840977c95a23d0dcfba154e303014026df0d3e"><code>6784097</code></a>
bump for 45 release (<a
href="https://redirect.github.com/pyca/cryptography/issues/12886">#12886</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/2d9c1c9cbe650f2888c14476a4b30ef85d3fd2bc"><code>2d9c1c9</code></a>
bump MSRV to 1.74 (<a
href="https://redirect.github.com/pyca/cryptography/issues/12919">#12919</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/6c18874cc2e76f173b77c67609cfb4d3495964c3"><code>6c18874</code></a>
Bump BoringSSL, OpenSSL, AWS-LC in CI (<a
href="https://redirect.github.com/pyca/cryptography/issues/12918">#12918</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/43fd312aea73e4ad79a54c78848e73bf5a640336"><code>43fd312</code></a>
add test vectors for upcoming explicit curve loading (<a
href="https://redirect.github.com/pyca/cryptography/issues/12913">#12913</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/6bfa0a31256a631a0543e3b0cee5a101f1ac3d3f"><code>6bfa0a3</code></a>
chore(deps): bump asn1 from 0.21.2 to 0.21.3 (<a
href="https://redirect.github.com/pyca/cryptography/issues/12914">#12914</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/a88dd6635c19ef282e0a6469a9604fef096cc843"><code>a88dd66</code></a>
chore(deps): bump cc from 1.2.22 to 1.2.23 (<a
href="https://redirect.github.com/pyca/cryptography/issues/12912">#12912</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pyca/cryptography/compare/44.0.0...45.0.4">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
Updates the requirements on [certifi](https://github.com/certifi/python-certifi) to permit the latest version.
- [Commits](certifi/python-certifi@2025.01.31...2026.01.04)

---
updated-dependencies:
- dependency-name: certifi
  dependency-version: 2026.1.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on [black](https://github.com/psf/black) to permit the latest version.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@25.1.0...26.1.0)

---
updated-dependencies:
- dependency-name: black
  dependency-version: 26.1.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v80.9.0...v82.0.0)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-version: 82.0.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on [cryptography](https://github.com/pyca/cryptography) to permit the latest version.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@45.0.4...46.0.5)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on [pylint](https://github.com/pylint-dev/pylint) to permit the latest version.
- [Release notes](https://github.com/pylint-dev/pylint/releases)
- [Commits](pylint-dev/pylint@v3.3.1...v4.0.5)

---
updated-dependencies:
- dependency-name: pylint
  dependency-version: 4.0.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
…91)

Updates the requirements on
[certifi](https://github.com/certifi/python-certifi) to permit the
latest version.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/c64d9f3a8496c0195548697f2080e716af66dd6a"><code>c64d9f3</code></a>
2026.01.04 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/389">#389</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/4ac232f05a547071543d2fb069aa3c62b1dc79f3"><code>4ac232f</code></a>
Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/387">#387</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/95ae4b20e8abb7fa708e751e346466d16b36211a"><code>95ae4b2</code></a>
Update CI workflow to use Ubuntu 24.04 and Python 3.14 stable (<a
href="https://redirect.github.com/certifi/python-certifi/issues/386">#386</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/b72a7b1a40ae20755338d3132d8f880427b3b6fc"><code>b72a7b1</code></a>
Bump dessant/lock-threads from 5.0.1 to 6.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/385">#385</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/ecc267216fbdcecb1b2aa2aa175152b773cc5ced"><code>ecc2672</code></a>
Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/384">#384</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/6a897dbc1124b17f179ef225742fcda481ec96f3"><code>6a897db</code></a>
Bump peter-evans/create-pull-request from 7.0.11 to 8.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/383">#383</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/27ca98ad845ee6d130a88301622c137893f71620"><code>27ca98a</code></a>
Bump peter-evans/create-pull-request from 7.0.9 to 7.0.11 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/381">#381</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/56c59a63909cfd3162b37e7bc16956e64df0f737"><code>56c59a6</code></a>
Bump actions/checkout from 6.0.0 to 6.0.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/382">#382</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/ae0021cd43a77bfba67d20a041469cdf6996570e"><code>ae0021c</code></a>
Bump actions/setup-python from 6.0.0 to 6.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/380">#380</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/ddf5d0b5d2a3d55fd92a79f141dbb5e074caf924"><code>ddf5d0b</code></a>
Bump actions/checkout from 5.0.1 to 6.0.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/378">#378</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/certifi/python-certifi/compare/2025.01.31...2026.01.04">compare
view</a></li>
</ul>
</details>
<br />


You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Updates the requirements on [black](https://github.com/psf/black) to
permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/black/releases">black's
releases</a>.</em></p>
<blockquote>
<h2>26.1.0</h2>
<h3>Highlights</h3>
<p>Introduces the 2026 stable style (<a
href="https://redirect.github.com/psf/black/issues/4892">#4892</a>),
stabilizing the following changes:</p>
<ul>
<li><code>always_one_newline_after_import</code>: Always force one blank
line after import
statements, except when the line after the import is a comment or an
import statement
(<a
href="https://redirect.github.com/psf/black/issues/4489">#4489</a>)</li>
<li><code>fix_fmt_skip_in_one_liners</code>: Fix <code># fmt:
skip</code> behavior on one-liner declarations,
such as <code>def foo(): return &quot;mock&quot; # fmt: skip</code>,
where previously the declaration would
have been incorrectly collapsed (<a
href="https://redirect.github.com/psf/black/issues/4800">#4800</a>)</li>
<li><code>fix_module_docstring_detection</code>: Fix module docstrings
being treated as normal
strings if preceded by comments (<a
href="https://redirect.github.com/psf/black/issues/4764">#4764</a>)</li>
<li><code>fix_type_expansion_split</code>: Fix type expansions split in
generic functions (<a
href="https://redirect.github.com/psf/black/issues/4777">#4777</a>)</li>
<li><code>multiline_string_handling</code>: Make expressions involving
multiline strings more compact
(<a
href="https://redirect.github.com/psf/black/issues/1879">#1879</a>)</li>
<li><code>normalize_cr_newlines</code>: Add <code>\r</code> style
newlines to the potential newlines to
normalize file newlines both from and to (<a
href="https://redirect.github.com/psf/black/issues/4710">#4710</a>)</li>
<li><code>remove_parens_around_except_types</code>: Remove parentheses
around multiple exception
types in <code>except</code> and <code>except*</code> without
<code>as</code> (<a
href="https://redirect.github.com/psf/black/issues/4720">#4720</a>)</li>
<li><code>remove_parens_from_assignment_lhs</code>: Remove unnecessary
parentheses from the left-hand
side of assignments while preserving magic trailing commas and
intentional multiline
formatting (<a
href="https://redirect.github.com/psf/black/issues/4865">#4865</a>)</li>
<li><code>standardize_type_comments</code>: Format type comments which
have zero or more spaces
between <code>#</code> and <code>type:</code> or between
<code>type:</code> and value to <code># type: (value)</code> (<a
href="https://redirect.github.com/psf/black/issues/4645">#4645</a>)</li>
</ul>
<p>The following change was not in any previous stable release:</p>
<ul>
<li>Regenerated the <code>_width_table.py</code> and added tests for the
Khmer language (<a
href="https://redirect.github.com/psf/black/issues/4253">#4253</a>)</li>
</ul>
<p>This release alo bumps <code>pathspec</code> to v1 and fixes
inconsistencies with Git's
<code>.gitignore</code> logic (<a
href="https://redirect.github.com/psf/black/issues/4958">#4958</a>).
Now, files will be ignored if a pattern matches them, even
if the parent directory is directly unignored. For example, Black would
previously
format <code>exclude/not_this/foo.py</code> with this
<code>.gitignore</code>:</p>
<pre><code>exclude/
!exclude/not_this/
</code></pre>
<p>Now, <code>exclude/not_this/foo.py</code> will remain ignored. To
ensure <code>exclude/not_this/</code> and
all of it's children are included in formatting (and in Git), use this
<code>.gitignore</code>:</p>
<pre><code>*/exclude/*
!*/exclude/not_this/
</code></pre>
<p>This new behavior matches Git. The leading <code>*/</code> are only
necessary if you wish to ignore
matching subdirectories (like the previous behavior did), and not just
matching root</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/black/blob/main/CHANGES.md">black's
changelog</a>.</em></p>
<blockquote>
<h2>26.1.0</h2>
<h3>Highlights</h3>
<p>Introduces the 2026 stable style (<a
href="https://redirect.github.com/psf/black/issues/4892">#4892</a>),
stabilizing the following changes:</p>
<ul>
<li><code>always_one_newline_after_import</code>: Always force one blank
line after import
statements, except when the line after the import is a comment or an
import statement
(<a
href="https://redirect.github.com/psf/black/issues/4489">#4489</a>)</li>
<li><code>fix_fmt_skip_in_one_liners</code>: Fix <code># fmt:
skip</code> behavior on one-liner declarations,
such as <code>def foo(): return &quot;mock&quot; # fmt: skip</code>,
where previously the declaration would
have been incorrectly collapsed (<a
href="https://redirect.github.com/psf/black/issues/4800">#4800</a>)</li>
<li><code>fix_module_docstring_detection</code>: Fix module docstrings
being treated as normal
strings if preceded by comments (<a
href="https://redirect.github.com/psf/black/issues/4764">#4764</a>)</li>
<li><code>fix_type_expansion_split</code>: Fix type expansions split in
generic functions (<a
href="https://redirect.github.com/psf/black/issues/4777">#4777</a>)</li>
<li><code>multiline_string_handling</code>: Make expressions involving
multiline strings more compact
(<a
href="https://redirect.github.com/psf/black/issues/1879">#1879</a>)</li>
<li><code>normalize_cr_newlines</code>: Add <code>\r</code> style
newlines to the potential newlines to
normalize file newlines both from and to (<a
href="https://redirect.github.com/psf/black/issues/4710">#4710</a>)</li>
<li><code>remove_parens_around_except_types</code>: Remove parentheses
around multiple exception
types in <code>except</code> and <code>except*</code> without
<code>as</code> (<a
href="https://redirect.github.com/psf/black/issues/4720">#4720</a>)</li>
<li><code>remove_parens_from_assignment_lhs</code>: Remove unnecessary
parentheses from the left-hand
side of assignments while preserving magic trailing commas and
intentional multiline
formatting (<a
href="https://redirect.github.com/psf/black/issues/4865">#4865</a>)</li>
<li><code>standardize_type_comments</code>: Format type comments which
have zero or more spaces
between <code>#</code> and <code>type:</code> or between
<code>type:</code> and value to <code># type: (value)</code> (<a
href="https://redirect.github.com/psf/black/issues/4645">#4645</a>)</li>
</ul>
<p>The following change was not in any previous stable release:</p>
<ul>
<li>Regenerated the <code>_width_table.py</code> and added tests for the
Khmer language (<a
href="https://redirect.github.com/psf/black/issues/4253">#4253</a>)</li>
</ul>
<p>This release alo bumps <code>pathspec</code> to v1 and fixes
inconsistencies with Git's
<code>.gitignore</code> logic (<a
href="https://redirect.github.com/psf/black/issues/4958">#4958</a>).
Now, files will be ignored if a pattern matches them, even
if the parent directory is directly unignored. For example, Black would
previously
format <code>exclude/not_this/foo.py</code> with this
<code>.gitignore</code>:</p>
<pre><code>exclude/
!exclude/not_this/
</code></pre>
<p>Now, <code>exclude/not_this/foo.py</code> will remain ignored. To
ensure <code>exclude/not_this/</code> and
all of it's children are included in formatting (and in Git), use this
<code>.gitignore</code>:</p>
<pre><code>*/exclude/*
!*/exclude/not_this/
</code></pre>
<p>This new behavior matches Git. The leading <code>*/</code> are only
necessary if you wish to ignore</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/psf/black/commit/6305bf1ae645ab7541be4f5028a86239316178eb"><code>6305bf1</code></a>
Prepare 2026.1.0 release (<a
href="https://redirect.github.com/psf/black/issues/4892">#4892</a>)</li>
<li><a
href="https://github.com/psf/black/commit/e71305bee302f7f9016b228361e5ae69669dca7b"><code>e71305b</code></a>
Bump pypa/cibuildwheel from 3.3.0 to 3.3.1 (<a
href="https://redirect.github.com/psf/black/issues/4961">#4961</a>)</li>
<li><a
href="https://github.com/psf/black/commit/21a2a8c2b1d0c8d47bc00cc59591470f6a9e2307"><code>21a2a8c</code></a>
Fix Shutdown multiprocessing Manager in schedule_formatting (<a
href="https://redirect.github.com/psf/black/issues/4952">#4952</a>)</li>
<li><a
href="https://github.com/psf/black/commit/e3146cea4245fcee29d007cb45d9faaf63271586"><code>e3146ce</code></a>
Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (<a
href="https://redirect.github.com/psf/black/issues/4919">#4919</a>)</li>
<li><a
href="https://github.com/psf/black/commit/fe1fbc4fdfa03fa1d460f975b8aca77e4b4f1a4a"><code>fe1fbc4</code></a>
Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/psf/black/issues/4923">#4923</a>)</li>
<li><a
href="https://github.com/psf/black/commit/2b4b7fcfe00bb0d99322e07e87fc2f0992f7a4d8"><code>2b4b7fc</code></a>
Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/psf/black/issues/4922">#4922</a>)</li>
<li><a
href="https://github.com/psf/black/commit/d745be69bfa9d85ec2ef6e5f9b7ec7e253b5e8ab"><code>d745be6</code></a>
docs: document --force-exclude for pre-commit workflows (<a
href="https://redirect.github.com/psf/black/issues/4957">#4957</a>)</li>
<li><a
href="https://github.com/psf/black/commit/b41acd6ebbe76e18b49286166924f73f01c3fd02"><code>b41acd6</code></a>
Various CI and doc refactors (<a
href="https://redirect.github.com/psf/black/issues/4928">#4928</a>)</li>
<li><a
href="https://github.com/psf/black/commit/6f43612766da4a2f275b575af0802c3e73b6ed83"><code>6f43612</code></a>
Handle pathspec v1 changes (<a
href="https://redirect.github.com/psf/black/issues/4958">#4958</a>)</li>
<li><a
href="https://github.com/psf/black/commit/200c550aff44372f801a6d826a361cb26f45a504"><code>200c550</code></a>
Bump furo from 2025.9.25 to 2025.12.19 in /docs (<a
href="https://redirect.github.com/psf/black/issues/4933">#4933</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/psf/black/compare/25.1.0...26.1.0">compare
view</a></li>
</ul>
</details>
<br />


You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Updates the requirements on
[setuptools](https://github.com/pypa/setuptools) to permit the latest
version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v82.0.0</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li><code>pkg_resources</code> has been removed from Setuptools. Most
common uses of <code>pkg_resources</code> have been superseded by the
<code>importlib.resources
&lt;https://docs.python.org/3/library/importlib.resources.html&gt;</code>_
and <code>importlib.metadata
&lt;https://docs.python.org/3/library/importlib.metadata.html&gt;</code>_
projects. Projects and environments relying on
<code>pkg_resources</code> for namespace packages or other behavior
should depend on older versions of <code>setuptools</code>. (<a
href="https://redirect.github.com/pypa/setuptools/issues/3085">#3085</a>)</li>
</ul>
<h1>v81.0.0</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Removed support for the --dry-run parameter to setup.py. This one
feature by its nature threads through lots of core and ancillary
functionality, adding complexity and friction. Removal of this parameter
will help decouple the compiler functionality from distutils and thus
the eventual full integration of distutils. These changes do affect some
class and function signatures, so any derivative functionality may
require some compatibility shims to support their expected interface.
Please report any issues to the Setuptools project for investigation.
(<a
href="https://redirect.github.com/pypa/setuptools/issues/4872">#4872</a>)</li>
</ul>
<h1>v80.10.2</h1>
<h2>Bugfixes</h2>
<ul>
<li>Update vendored dependencies. (<a
href="https://redirect.github.com/pypa/setuptools/issues/5159">#5159</a>)</li>
</ul>
<h2>Misc</h2>
<ul>
<li><a
href="https://redirect.github.com/pypa/setuptools/issues/5115">#5115</a>,
<a
href="https://redirect.github.com/pypa/setuptools/issues/5128">#5128</a></li>
</ul>
<h1>v80.10.1</h1>
<h2>Misc</h2>
<ul>
<li><a
href="https://redirect.github.com/pypa/setuptools/issues/5152">#5152</a></li>
</ul>
<h1>v80.10.0</h1>
<h2>Features</h2>
<ul>
<li>Remove post-release tags on setuptools' own build. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4530">#4530</a>)</li>
<li>Refreshed vendored dependencies. (<a
href="https://redirect.github.com/pypa/setuptools/issues/5139">#5139</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/03f3615362c4eb19c770b71be5bd58e38f235528"><code>03f3615</code></a>
Bump version: 81.0.0 → 82.0.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/530d11498af526c4210d8eeaa1ed6c63f44a390f"><code>530d114</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/5007">#5007</a>
from pypa/feature/remove-more-pkg_resources</li>
<li><a
href="https://github.com/pypa/setuptools/commit/11efe9f552290bf536515d458aa85752a0606aa8"><code>11efe9f</code></a>
Merge branch 'maint/75.3'</li>
<li><a
href="https://github.com/pypa/setuptools/commit/118f129dd0fb319058bd05f382c50188fd60a60e"><code>118f129</code></a>
Bump version: 75.3.3 → 75.3.4</li>
<li><a
href="https://github.com/pypa/setuptools/commit/90561ffde1220a590b7644745f48b5837b1a130d"><code>90561ff</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/5150">#5150</a>
from UladzimirTrehubenka/backport_cve_47273</li>
<li><a
href="https://github.com/pypa/setuptools/commit/4595034db8aab4ea33035a47a068b04fd8aa00cc"><code>4595034</code></a>
Add news fragment.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/fc008006fc072af02eb7e0b601172c67eba395e3"><code>fc00800</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/5171">#5171</a>
from cclauss/ruff-v0.15.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/127e561362a2b4e560faabe9e979ed848106b62d"><code>127e561</code></a>
Remove tests reliant on pkg_resources, rather than xfailing them.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/64bc21e10b5d749b1b75fa334caedb67cc7414c4"><code>64bc21e</code></a>
Reference the superseding libraries.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/cf1ff459ea997b615a75d99304f6c9aa1fc94c06"><code>cf1ff45</code></a>
Merge branch 'main' into debt/pbr-without-pkg_resources</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v80.9.0...v82.0.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
…95)

Updates the requirements on
[cryptography](https://github.com/pyca/cryptography) to permit the
latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>46.0.5 - 2026-02-10</p>
<pre><code>
* An attacker could create a malicious public key that reveals portions
of your
private key when using certain uncommon elliptic curves (binary curves).
This version now includes additional security checks to prevent this
attack.
This issue only affects binary elliptic curves, which are rarely used in
real-world applications. Credit to **XlabAI Team of Tencent Xuanwu Lab
and
Atuin Automated Vulnerability Discovery Engine** for reporting the
issue.
  **CVE-2026-26007**
* Support for ``SECT*`` binary elliptic curves is deprecated and will be
  removed in the next release.
<p>.. v46-0-4:</p>
<p>46.0.4 - 2026-01-27<br />
</code></pre></p>
<ul>
<li><code>Dropped support for win_arm64 wheels</code>_.</li>
<li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.5.5.</li>
</ul>
<p>.. _v46-0-3:</p>
<p>46.0.3 - 2025-10-15</p>
<pre><code>
* Fixed compilation when using LibreSSL 4.2.0.
<p>.. _v46-0-2:</p>
<p>46.0.2 - 2025-09-30<br />
</code></pre></p>
<ul>
<li>Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.5.4.</li>
</ul>
<p>.. _v46-0-1:</p>
<p>46.0.1 - 2025-09-16</p>
<pre><code>
* Fixed an issue where users installing via ``pip`` on Python 3.14
development
  versions would not properly install a dependency.
* Fixed an issue building the free-threaded macOS 3.14 wheels.
<p>.. _v46-0-0:</p>
<p>46.0.0 - 2025-09-16<br />
</code></pre></p>
<ul>
<li><strong>BACKWARDS INCOMPATIBLE:</strong> Support for Python 3.7 has
been removed.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pyca/cryptography/commit/06e120e682cb200e3f7050c02f0bcdac90c4c6ad"><code>06e120e</code></a>
bump version for 46.0.5 release (<a
href="https://redirect.github.com/pyca/cryptography/issues/14289">#14289</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9bc1d91e5a2482ed4e054a6d8c"><code>0eebb9d</code></a>
EC check key on cofactor &gt; 1 (<a
href="https://redirect.github.com/pyca/cryptography/issues/14287">#14287</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/bedf6e186b814f69a3f54f51252c23a71d44ed2e"><code>bedf6e1</code></a>
fix openssl version on 46 branch (<a
href="https://redirect.github.com/pyca/cryptography/issues/14220">#14220</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/e6f44fc8e6391f05d719fb9d369692325b87a471"><code>e6f44fc</code></a>
bump for 46.0.4 and drop win arm64 due to CI issues (<a
href="https://redirect.github.com/pyca/cryptography/issues/14217">#14217</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/c0af4dd7b75921bbe9f1d41a03dbd4b64a9e3403"><code>c0af4dd</code></a>
release 46.0.3 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13681">#13681</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/99efe5ad150a56efadafacaffd0e3ee319373904"><code>99efe5a</code></a>
bump version for 46.0.2 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13531">#13531</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/e735cfc27502320101c130335c556394a125ba52"><code>e735cfc</code></a>
release 46.0.1 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13450">#13450</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/4e457ffba43a6d87efc63c33041e2081438dd8a4"><code>4e457ff</code></a>
Explicitly specify python in mac uv build invocation (<a
href="https://redirect.github.com/pyca/cryptography/issues/13447">#13447</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/2726efdb6d67f1c90cf9c6062d9fe051965586f8"><code>2726efd</code></a>
Depend on CFFI 2.0.0 or newer on Python &gt; 3.8 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13448">#13448</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/62230623d183706632c0eb7822c96ac95e3710a8"><code>6223062</code></a>
release 46.0.0 (<a
href="https://redirect.github.com/pyca/cryptography/issues/13446">#13446</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pyca/cryptography/compare/45.0.4...46.0.5">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
Updates the requirements on
[pylint](https://github.com/pylint-dev/pylint) to permit the latest
version.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pylint-dev/pylint/commit/88e1ab7545a4af4aea15c305a154c164a95ab842"><code>88e1ab7</code></a>
Bump pylint to 4.0.5, update changelog (<a
href="https://redirect.github.com/pylint-dev/pylint/issues/10860">#10860</a>)</li>
<li><a
href="https://github.com/pylint-dev/pylint/commit/d96d489a1743d32b6bfa53fc0f69a4333209a146"><code>d96d489</code></a>
[Backport maintenance/4.0.x] Relax isort version constraint to allow
isort 8 ...</li>
<li><a
href="https://github.com/pylint-dev/pylint/commit/0b08ccb014c265700f244a885bdcbdfa3a03de46"><code>0b08ccb</code></a>
Fix dynamic color mapping for &quot;fail-on&quot; messages when using
multiple reporter...</li>
<li><a
href="https://github.com/pylint-dev/pylint/commit/154dba43276e8232a2e1cb8f90bfcc63886f3460"><code>154dba4</code></a>
[Backport maintenance/4.0.x] Fix FP for <code>invalid-name</code> with
<code>typing.Final</code> on...</li>
<li><a
href="https://github.com/pylint-dev/pylint/commit/7b73bfdedf275935b9c5b43a6aeda5cc648b4847"><code>7b73bfd</code></a>
Disable unspecified-encoding for py-version above Python 3.15 (<a
href="https://redirect.github.com/pylint-dev/pylint/issues/10800">#10800</a>)</li>
<li><a
href="https://github.com/pylint-dev/pylint/commit/4cc98be8b7786dbc6692493fe9cedb8585af5518"><code>4cc98be</code></a>
[Backport maintenance/4.0.x] Fix setting options for import order
checker (<a
href="https://redirect.github.com/pylint-dev/pylint/issues/1">#1</a>...</li>
<li><a
href="https://github.com/pylint-dev/pylint/commit/f0d30a27b510d69f846e3aaa0054cf0a1412923c"><code>f0d30a2</code></a>
Sync astroid version with requirements file again</li>
<li><a
href="https://github.com/pylint-dev/pylint/commit/38bdf024648724e6aea017e62d3b57cb44097ec3"><code>38bdf02</code></a>
[Backport maintenance/4.0.x] Fix <code>logging-unsupported-format</code>
when logging ...</li>
<li><a
href="https://github.com/pylint-dev/pylint/commit/f08c33ae3e691eed868e49c0d15270dc6e6a0d6c"><code>f08c33a</code></a>
[Backport maintenance/4.0.x] Properly detect <code>self.fail()</code> as
a terminating...</li>
<li><a
href="https://github.com/pylint-dev/pylint/commit/e16f942166511d6fb4427e503a734152fae0c4fe"><code>e16f942</code></a>
Bump pylint to 4.0.4, update changelog</li>
<li>Additional commits viewable in <a
href="https://github.com/pylint-dev/pylint/compare/v3.3.1...v4.0.5">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>
…tag dates and optional keywords [patch candidate]
@JuanVilla424 JuanVilla424 merged commit 8f9e51d into test Mar 3, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant