search

ha-enthus1ast / plejd-mqtt-ha

Plejd MQTT
Apache License 2.0
1 stars 0 forks source link

Bump cryptography from 41.0.7 to 42.0.7 #55

Open dependabot[bot] opened 4 months ago

dependabot[bot] commented 4 months ago

Bumps cryptography from 41.0.7 to 42.0.7.

Changelog

Sourced from cryptography's changelog.

42.0.7 - 2024-05-06


* Restored Windows 7 compatibility for our pre-built wheels. Note that we do
  not test on Windows 7 and wheels for our next release will not support it.
  Microsoft no longer provides support for Windows 7 and users are encouraged
  to upgrade.

.. _v42-0-6:


42.0.6 - 2024-05-04

  • Fixed compilation when using LibreSSL 3.9.1.

.. _v42-0-5:

42.0.5 - 2024-02-23


* Limit the number of name constraint checks that will be performed in
  :mod:`X.509 path validation <cryptography.x509.verification>` to protect
  against denial of service attacks.
* Upgrade ``pyo3`` version, which fixes building on PowerPC.

.. _v42-0-4:


42.0.4 - 2024-02-20

  • Fixed a null-pointer-dereference and segfault that could occur when creating a PKCS#12 bundle. Credit to Alexander-Programming for reporting the issue. CVE-2024-26130
  • Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields SMIMECapabilities and SignatureAlgorithmIdentifier should now be correctly encoded according to the definitions in :rfc:2633 :rfc:3370.

.. _v42-0-3:

42.0.3 - 2024-02-15


* Fixed an initialization issue that caused key loading failures for some
  users.

.. _v42-0-2:


42.0.2 - 2024-01-30

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
github-actions[bot] commented 4 months ago

πŸ¦™ MegaLinter status: ❌ ERROR

Descriptor Linter Files Fixed Errors Elapsed time
βœ… ACTION actionlint 3 0 0.05s
βœ… BASH bash-exec 1 0 0.02s
βœ… BASH shellcheck 1 0 0.02s
βœ… BASH shfmt 1 0 0 0.01s
βœ… DOCKERFILE hadolint 1 0 0.17s
βœ… JSON jsonlint 2 0 0.3s
βœ… JSON prettier 2 0 0 0.63s
βœ… JSON v8r 2 0 2.54s
⚠️ MARKDOWN markdownlint 5 0 1 1.07s
❌ MARKDOWN markdown-link-check 5 26 2.94s
βœ… MARKDOWN markdown-table-formatter 5 0 0 0.39s
❌ PYTHON bandit 14 1 1.98s
βœ… PYTHON black 18 1 0 1.65s
βœ… PYTHON flake8 18 0 1.09s
βœ… PYTHON isort 18 1 0 0.39s
βœ… PYTHON pylint 18 0 15.57s
βœ… PYTHON ruff 18 1 0 0.02s
βœ… REPOSITORY gitleaks yes no 0.11s
βœ… REPOSITORY git_diff yes no 0.01s
βœ… REPOSITORY grype yes no 15.28s
βœ… REPOSITORY secretlint yes no 0.7s
❌ REPOSITORY trivy yes 1 8.45s
βœ… REPOSITORY trivy-sbom yes no 1.77s
βœ… REPOSITORY trufflehog yes no 5.24s
βœ… SPELL lychee 14 0 0.69s
βœ… YAML prettier 7 0 0 0.89s
βœ… YAML v8r 7 0 7.8s
βœ… YAML yamllint 7 0 0.36s

See detailed report in MegaLinter reports

_MegaLinter is graciously provided by OX Security_