Skip to content

chore: Upgrade Python requirements#540

Merged
felipemontoya merged 1 commit into
masterfrom
repo-tools/upgrade-python-requirements-4bcff44
May 28, 2026
Merged

chore: Upgrade Python requirements#540
felipemontoya merged 1 commit into
masterfrom
repo-tools/upgrade-python-requirements-4bcff44

Conversation

@edx-requirements-bot

Copy link
Copy Markdown
Contributor

Python requirements update. Please review the changelogs for the upgraded packages.

Deleted obsolete pull_requests:
#538

@edx-requirements-bot

Copy link
Copy Markdown
Contributor Author

List of packages in the PR without any issue.

  • build changes from 1.4.3 to 1.5.0
  • cachetools changes from 7.0.5 to 7.1.4
  • certifi changes from 2026.2.25 to 2026.5.20
  • click changes from 8.3.2 to 8.4.1
  • coverage[toml] changes from 7.13.5 to 7.14.0
  • django changes from 5.2.13 to 5.2.14
  • edx-lint changes from 6.0.0 to 6.1.0
  • faker changes from 40.15.0 to 40.19.1
  • idna changes from 3.11 to 3.16
  • packaging changes from 26.1 to 26.2
  • pip changes from 26.0.1 to 26.1.1
  • pyjwt[crypto] changes from 2.12.1 to 2.13.0
  • pymongo changes from 4.16.0 to 4.17.0
  • python-discovery changes from 1.2.2 to 1.3.1
  • requests changes from 2.33.1 to 2.34.2
  • stevedore changes from 5.7.0 to 5.8.0
  • tomlkit changes from 0.14.0 to 0.15.0
  • tox changes from 4.53.0 to 4.54.0
  • urllib3 changes from 2.6.3 to 2.7.0
  • virtualenv changes from 21.2.4 to 21.3.3
  • wheel changes from 0.46.3 to 0.47.0

@edx-requirements-bot

Copy link
Copy Markdown
Contributor Author

These Packages need manual review..

  • [MAJOR] cryptography changes from 46.0.7 to 48.0.0

@felipemontoya

Copy link
Copy Markdown
Member

This is what changed in cryptography:

BACKWARDS INCOMPATIBLE: Support for binary elliptic curves (SECT* classes) has been removed. These curves are rarely used and have additional security considerations that make them undesirable.

BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.x has been removed. OpenSSL 3.0.0 or later is now required. LibreSSL, BoringSSL, and AWS-LC continue to be supported.

BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 4.1.

BACKWARDS INCOMPATIBLE: Loading keys with unsupported algorithms or keys with unsupported explicit curve encodings now raises UnsupportedAlgorithm instead of ValueError. This change affects load_pem_private_key(), load_der_private_key(), load_pem_public_key(), load_der_public_key(), and public_key() when called on certificates with unsupported public key algorithms.

BACKWARDS INCOMPATIBLE: When parsing elliptic curve private keys, we now reject keys that incorrectly encode a private key of the wrong length because such keys are impossible to process in a constant-time manner. We do not believe keys with this problem are in wide use, however we may revert this change based on the feedback we receive.

BACKWARDS INCOMPATIBLE: Support for Python 3.8 has been removed. cryptography now requires Python 3.9 or later.

BACKWARDS INCOMPATIBLE: Loading an X.509 CRL whose inner TBSCertList.signature algorithm does not match the outer signatureAlgorithm now raises ValueError. Previously,

We dropped support for python 3.8 a while back and none of the others seem worrysome

@felipemontoya felipemontoya merged commit 0c57660 into master May 28, 2026
7 checks passed
@felipemontoya felipemontoya deleted the repo-tools/upgrade-python-requirements-4bcff44 branch May 28, 2026 16:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants