cyberark / cyberark-conjur-cli

CyberArk Conjur command line interface written in Python
https://www.conjur.org
Apache License 2.0
17 stars 16 forks source link

CONJSE-1844: Bump deps #435

Closed szh closed 7 months ago

szh commented 8 months ago

Desired Outcome

There is a new CVE in the Python 'cryptography' library which is used in conjur-api-python and cyberark-conjur-cli (the Python based CLI). This is being flagged by Dependabot. While the affected function is not used in our code, we should still update the package version to avoid both false positive security scans as well as the remote chance that another library we use calls this function.

Implemented Changes

Connected Issue/Story

CyberArk internal issue ID: CONJSE-1844

Definition of Done

At least 1 todo must be completed in the sections below for the PR to be merged.

Changelog

Test coverage

Documentation

Behavior

Security