Bump cryptography from 41.0.7 to 42.0.1

[dependabot[bot]]

Bumps cryptography from 41.0.7 to 42.0.1.

Changelog

Sourced from cryptography's changelog.

42.0.1 - 2024-01-24

* Fixed an issue with incorrect keyword-argument naming with ``EllipticCurvePrivateKey``
  :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign`.
* Resolved compatibility issue with loading certain RSA public keys in
  :func:`~cryptography.hazmat.primitives.serialization.load_pem_public_key`.
.. _v42-0-0:
42.0.0 - 2024-01-22

• BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.7.
• BACKWARDS INCOMPATIBLE: Loading a PKCS7 with no content field using :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates or :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates will now raise a ValueError rather than return an empty list.
• Parsing SSH certificates no longer permits malformed critical options with values, as documented in the 41.0.2 release notes.
• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.0.
• Updated the minimum supported Rust version (MSRV) to 1.63.0, from 1.56.0.
• We now publish both py37 and py39 abi3 wheels. This should resolve some errors relating to initializing a module multiple times per process.
• Support :class:~cryptography.hazmat.primitives.asymmetric.padding.PSS for X.509 certificate signing requests and certificate revocation lists with the keyword-only argument rsa_padding on the sign methods for :class:~cryptography.x509.CertificateSigningRequestBuilder and :class:~cryptography.x509.CertificateRevocationListBuilder.
• Added support for obtaining X.509 certificate signing request signature algorithm parameters (including PSS) via :meth:~cryptography.x509.CertificateSigningRequest.signature_algorithm_parameters.
• Added support for obtaining X.509 certificate revocation list signature algorithm parameters (including PSS) via :meth:~cryptography.x509.CertificateRevocationList.signature_algorithm_parameters.
• Added mgf property to :class:~cryptography.hazmat.primitives.asymmetric.padding.PSS.
• Added algorithm and mgf properties to :class:~cryptography.hazmat.primitives.asymmetric.padding.OAEP.
• Added the following properties that return timezone-aware datetime objects: :meth:~cryptography.x509.Certificate.not_valid_before_utc, :meth:~cryptography.x509.Certificate.not_valid_after_utc, :meth:~cryptography.x509.RevokedCertificate.revocation_date_utc, :meth:~cryptography.x509.CertificateRevocationList.next_update_utc, :meth:~cryptography.x509.CertificateRevocationList.last_update_utc. These are timezone-aware variants of existing properties that return naïve datetime objects.
• Deprecated the following properties that return naïve datetime objects:

... (truncated)

Commits

• 337437d 42.0.1 bump (#10252)
• 56255de allow SPKI RSA keys to be parsed even if they have an incorrect delimiter (#1...
• 12f038b fixes #10237 -- correct EC sign parameter name (#10239) (#10240)
• 4e64baf 42.0.0 version bump (#10232)
• 7cb13a3 we'll ship 3.2.0 for 42 (#9951)
• 605c74e Bump x509-limbo and/or wycheproof in CI (#10231)
• 97578b9 Bump BoringSSL and/or OpenSSL in CI (#10230)
• 972a7b5 verification: add test_verify_tz_aware (#10229)
• 41daf2d Migrate PKCS7 backend to Rust (#10228)
• d54093e Remove some skips in tests that aren't needed anymore (#10223)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	3		0	0.03s
✅ BASH	bash-exec	1		0	0.0s
✅ BASH	shellcheck	1		0	0.02s
✅ BASH	shfmt	1	0	0	0.01s
✅ DOCKERFILE	hadolint	1		0	0.12s
✅ JSON	eslint-plugin-jsonc	2	0	0	1.26s
✅ JSON	jsonlint	2		0	0.21s
✅ JSON	prettier	2	0	0	0.39s
✅ JSON	v8r	2		0	2.34s
✅ MARKDOWN	markdownlint	5	0	0	1.2s
✅ MARKDOWN	markdown-link-check	5		0	1.87s
✅ MARKDOWN	markdown-table-formatter	5	0	0	0.39s
✅ PYTHON	bandit	14		0	1.12s
✅ PYTHON	black	18	0	0	1.19s
✅ PYTHON	flake8	18		0	0.55s
✅ PYTHON	isort	18	0	0	0.4s
✅ PYTHON	pylint	18		0	13.16s
✅ PYTHON	ruff	18	0	0	0.03s
✅ REPOSITORY	gitleaks	yes		no	0.11s
✅ REPOSITORY	git_diff	yes		no	0.01s
✅ REPOSITORY	grype	yes		no	11.6s
✅ REPOSITORY	secretlint	yes		no	0.83s
✅ REPOSITORY	trivy	yes		no	5.64s
✅ REPOSITORY	trivy-sbom	yes		no	3.77s
✅ REPOSITORY	trufflehog	yes		no	4.68s
✅ SPELL	lychee	14		0	0.43s
✅ YAML	prettier	7	0	0	1.01s
✅ YAML	v8r	7		0	12.39s
✅ YAML	yamllint	7		0	0.26s

See detailed report in MegaLinter reports

_MegaLinter is graciously provided by _

[dependabot[bot]]

Superseded by #45.