build(deps): bump the dependencies group across 1 directory with 3 updates

[dependabot]

Updates the requirements on cryptography, boto3 and botocore to permit the latest version.
Updates cryptography from 46.0.7 to 48.0.0

Changelog

Sourced from cryptography's changelog.

48.0.0 - 2026-05-04

* **BACKWARDS INCOMPATIBLE:** Support for Python 3.8 has been removed.
  ``cryptography`` now requires Python 3.9 or later.
* **BACKWARDS INCOMPATIBLE:** Loading an X.509 CRL whose inner
  ``TBSCertList.signature`` algorithm does not match the outer
  ``signatureAlgorithm`` now raises ``ValueError``. Previously, such CRLs
  were parsed successfully and only rejected during signature validation.
* Added support for :doc:`/hazmat/primitives/asymmetric/mlkem` and
  :doc:`/hazmat/primitives/asymmetric/mldsa` when using OpenSSL 3.5.0 or
  later, in addition to the existing AWS-LC and BoringSSL support. This means
  post-quantum algorithms are now available to users of our wheels.

Note: Going forward, we do not guarantee that all functionality

in cryptography will be available when building against

OpenSSL. See :doc:/statements/state-of-openssl for more information.

.. _v47-0-0:
47.0.0 - 2026-04-24

• Support for Python 3.8 is deprecated and will be removed in the next cryptography release.
• BACKWARDS INCOMPATIBLE: Support for binary elliptic curves (SECT* classes) has been removed. These curves are rarely used and have additional security considerations that make them undesirable.
• BACKWARDS INCOMPATIBLE: Support for OpenSSL 1.1.x has been removed. OpenSSL 3.0.0 or later is now required. LibreSSL, BoringSSL, and AWS-LC continue to be supported.
• BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 4.1.
• BACKWARDS INCOMPATIBLE: Loading keys with unsupported algorithms or keys with unsupported explicit curve encodings now raises :class:~cryptography.exceptions.UnsupportedAlgorithm instead of ValueError. This change affects :func:~cryptography.hazmat.primitives.serialization.load_pem_private_key, :func:~cryptography.hazmat.primitives.serialization.load_der_private_key, :func:~cryptography.hazmat.primitives.serialization.load_pem_public_key, :func:~cryptography.hazmat.primitives.serialization.load_der_public_key, and :meth:~cryptography.x509.Certificate.public_key when called on certificates with unsupported public key algorithms.
• BACKWARDS INCOMPATIBLE: When parsing elliptic curve private keys, we now reject keys that incorrectly encode a private key of the wrong length because such keys are impossible to process in a constant-time manner. We do not believe keys with this problem are in wide use, however we may revert this change based on the feedback we receive.
• Deprecated passing 64-bit (8-byte) and 128-bit (16-byte) keys to :class:~cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES. In a

... (truncated)

Commits

• 8e03e30 bump for 48.0.0 release (#14796)
• 295e0d2 Add AGENTS.md with CLAUDE.md symlink (#14794)
• 104a2de Bump BoringSSL, OpenSSL, AWS-LC in CI (#14793)
• 67ec1e5 call check_length early on AesSiv::encrypt (#14792)
• b2da57a changelog for mldsa/mlkem for openssl (#14791)
• 3cf44ad ML-KEM OpenSSL support (#14781)
• 2e31639 ML-DSA OpenSSL support (#14773)
• 5affe5a fix rust nightly clippy (#14790)
• 2e73ca4 bump rust-openssl dep and update EcPoint::mul_generator to mul_generator2 (#1...
• 82ebd3b Bump BoringSSL, OpenSSL, AWS-LC in CI (#14785)
• Additional commits viewable in compare view

Updates boto3 to 1.43.3

Commits

• bea693c Merge branch 'release-1.43.3'
• 1f57fdc Bumping version to 1.43.3
• ba69bd2 Add changelog entries from botocore
• 7dc336e Merge branch 'release-1.43.2'
• e240af8 Merge branch 'release-1.43.2' into develop
• 99fd421 Bumping version to 1.43.2
• 80f4db8 Add changelog entries from botocore
• be6bdf3 Bump pytest from 8.1.1 to 9.0.3 (#4782)
• 753bcab Merge branch 'release-1.43.1'
• 09f56f4 Merge branch 'release-1.43.1' into develop
• Additional commits viewable in compare view

Updates botocore to 1.43.3

Commits

• f687cc7 Merge branch 'release-1.43.3'
• 847cf77 Bumping version to 1.43.3
• b20a3c1 Update to latest models
• b8db539 Implement updated retry behavior gated behind opt-in environment variable (#3...
• 6338dda Merge branch 'release-1.43.2'
• c139d1b Merge branch 'release-1.43.2' into develop
• 6a8a47b Bumping version to 1.43.2
• 0f4537b Update endpoints model
• e018979 Update to latest models
• 48efef7 Bump pytest from 8.1.1 to 9.0.3 (#3696)
• Additional commits viewable in compare view

[jku]

@dependabot rebase

[jku]

sigstore is again incompatible with newest cryptography: sigstore/sigstore-python#1759