Skip to content

build(deps): bump the python-dependencies group with 4 updates#434

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dependencies-e6ed53c139
Closed

build(deps): bump the python-dependencies group with 4 updates#434
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dependencies-e6ed53c139

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-dependencies group with 4 updates: cffi, charset-normalizer, pyopenssl and rfc3161-client.

Updates cffi from 2.0.0 to 2.1.0

Release notes

Sourced from cffi's releases.

v2.1.0

  • Added support for Python 3.15 and support for C extensions generated by CFFI to target the new abi3t free-threaded ABI.
  • Dropped support for Python 3.9.
  • Added cffi-gen-src CLI to generate CFFI C extension source for alternate build backend support.
  • Fixed crashes inside __delitem__.
  • Fixed "string too big" error under MSVC.
  • Fixed mingw builds.
  • Added support for arm64 iOS wheels.
Commits
  • d9f6f70 New release 2.1.0
  • 02a7b0e Misc pre-2.1 release/packaging cleanup (#253)
  • 1362e5d Move cffi-gen-src release note to 2.1.0 notes
  • a797055 Make error message when embedding version test fails more friendly
  • f1f40a8 Update changelog
  • dc62c93 Delete missed cp39 Windows builds
  • a341180 Update version numbers to prepare for v2.1 release
  • 9f04d85 Mark test using inet_ntoa as thread-unsafe
  • 5f12702 Fix flaky pytest-run-parallel CI crash
  • 26b3d3a Merge branch 'main' into integrate-buildtool
  • Additional commits viewable in compare view

Updates charset-normalizer from 3.4.7 to 3.4.9

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.9

3.4.9 (2026-07-07)

Fixed

  • Regression in our fallback path leading to a decode error. (#771) We've yanked 3.4.8 as a result of that bug.

Version 3.4.8

3.4.8 (2026-07-06)

Fixed

  • Wall import time due to cascade codec imports for our multibyte first sort of iana supported codecs (#742)
  • Unnecessary json import at runtime (#753)
  • Inverse capitalization not seen by noise detector (#731)

Changed

  • No longer holding a global cache for our noise / coherence measurements. Relax RSS memory usage.
  • Micro-optimizations in our noise / coherence measurements.
  • No longer using regex search by default for our preemptive charset mark algorithm.
  • Raised upperbound of setuptools to v83.
  • Raised upperbound of mypy(c) to v2.1.

Removed

  • Redundant UTF7 BOM marker (#730)
Changelog

Sourced from charset-normalizer's changelog.

3.4.9 (2026-07-07)

Fixed

  • Regression in our fallback path leading to a decode error. (#771) We've yanked 3.4.8 as a result of that bug.

3.4.8 (2026-07-06)

Fixed

  • Wall import time due to cascade codec imports for our multibyte first sort of iana supported codecs (#742)
  • Unnecessary json import at runtime (#753)
  • Inverse capitalization not seen by noise detector (#731)

Changed

  • No longer holding a global cache for our noise / coherence measurements. Relax RSS memory usage.
  • Micro-optimizations in our noise / coherence measurements.
  • No longer using regex search by default for our preemptive charset mark algorithm.
  • Raised upperbound of setuptools to v83.
  • Raised upperbound of mypy(c) to v2.1.

Removed

  • Redundant UTF7 BOM marker (#730)
Commits
  • cc68407 Merge pull request #772 from jawah/fix-regression-fallback-path
  • 152b923 chore: release 3.4.9
  • 2bc2607 fix: unicodedecodeerror in fallback path
  • be252d7 chore(deps): bump docker/setup-qemu-action from 4.1.0 to 4.2.0 (#767)
  • 71c7bdd chore(deps): bump actions/setup-python from 6.2.0 to 6.3.0 (#768)
  • aeea391 chore(deps): bump pypa/cibuildwheel from 3.4.1 to 4.1.0 (#758)
  • a6f8feb Merge pull request #770 from jawah/unblock-ci
  • 528e16c chore: add osv-scanner.toml
  • 5993498 chore: ast_serialize musl missing prebuilt riscv,s390x,ppc64le
  • aa2ddd8 Release 3.4.8 (#766)
  • Additional commits viewable in compare view

Updates pyopenssl from 26.2.0 to 26.3.0

Changelog

Sourced from pyopenssl's changelog.

26.3.0 (2026-06-12)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Dropped support for Python 3.8.
  • The minimum cryptography version is now 49.0.0.
  • Removed deprecated OpenSSL.crypto.X509Req, OpenSSL.crypto.dump_certificate_request, and OpenSSL.crypto.load_certificate_request. cryptography.x509 should be used instead.
  • OpenSSL.SSL.Connection.set_session now raises ValueError if the Session was obtained from a Connection that was using a different Context than this one. OpenSSL requires (but does not verify) that sessions only be re-used with a compatible SSL_CTX, so this contract is now enforced.

Deprecations: ^^^^^^^^^^^^^

  • Deprecated OpenSSL.crypto.PKey.generate_key and OpenSSL.crypto.PKey.check. The key generation and loading APIs in cryptography should be used instead.
  • Deprecated OpenSSL.crypto.dump_privatekey. The serialization APIs on cryptography private key types should be used instead.
  • Deprecated all the mutable APIs on OpenSSL.crypto.X509: set_version, set_pubkey, sign, set_serial_number, gmtime_adj_notAfter, gmtime_adj_notBefore, set_notBefore, set_notAfter, set_issuer, and set_subject. cryptography.x509.CertificateBuilder should be used instead.
  • Deprecated OpenSSL.SSL.Context.set_passwd_cb. Users should decrypt and load their private keys themselves, with cryptography's key loading APIs, and then call OpenSSL.SSL.Context.use_privatekey.
  • Deprecated OpenSSL.crypto.X509Name, as well as the remaining APIs that consume or return it: OpenSSL.crypto.X509.get_issuer, OpenSSL.crypto.X509.get_subject, and OpenSSL.SSL.Context.set_client_ca_list. The APIs in cryptography.x509 should be used instead.

Changes: ^^^^^^^^

  • OpenSSL.SSL.Connection.get_client_ca_list now takes an as_cryptography keyword-argument. When True is passed then cryptography.x509.Name are returned, instead of OpenSSL.crypto.X509Name. In the future, passing False (the default) will be deprecated.
Commits
  • a34aa1d Prepare 26.3.0 release (#1515)
  • 24db880 Deprecate X509Name and the remaining APIs that consume or return it (#1514)
  • 1dc08be Add as_cryptography parameter to Connection.get_client_ca_list (#1508)
  • 55653a5 Require cryptography 49, drop Python 3.8 (#1513)
  • 9bad760 Remove deprecated CSR functionality (#1507)
  • 98ca874 Enforce that Session is only re-used with the Context it came from (#1512)
  • cbcb1da Deprecate Context.set_passwd_cb (#1511)
  • 3b9d07d Deprecate all the mutable APIs on X509 (#1510)
  • e096920 Deprecate PKey.generate_key, PKey.check, and dump_privatekey (#1509)
  • 7079d6d Fix zizmor findings in GitHub Actions workflows (#1506)
  • Additional commits viewable in compare view

Updates rfc3161-client from 1.0.6 to 1.0.7

Release notes

Sourced from rfc3161-client's releases.

v1.0.7

[1.0.7] - 2026-07-07

Fixed

  • macOS wheels are now self-contained: OpenSSL is vendored and statically linked like the Linux wheels. Previously the published macOS wheel baked in an absolute path to Homebrew's openssl@3 and failed to import on machines without that exact install (#276)
Changelog

Sourced from rfc3161-client's changelog.

[1.0.7] - 2026-07-07

Fixed

  • macOS wheels are now self-contained: OpenSSL is vendored and statically linked like the Linux wheels. Previously the published macOS wheel baked in an absolute path to Homebrew's openssl@3 and failed to import on machines without that exact install (#276)
Commits
  • 9541095 chore: prep for release 1.0.7 (#277)
  • f6029dc ci: vendor OpenSSL in macOS wheels (#276)
  • 2909907 build(deps): bump actions/setup-python from 6.2.0 to 6.3.0 in the actions gro...
  • 23476c0 build(deps): bump actions/checkout from 6.0.3 to 7.0.0 in the actions group (...
  • a5942cd build(deps): bump cryptography-x509 from 47.0.0 to 49.0.0 in the actions grou...
  • 0016d89 build(deps): bump the actions group across 1 directory with 2 updates (#271)
  • c15cb40 build(deps): bump pyo3-build-config from 0.28.3 to 0.29.0 in the actions grou...
  • 6f14708 build(deps): bump cryptography-x509 from 47.0.0 to 49.0.0 in the actions grou...
  • 985bd54 build(deps): bump pyo3 from 0.28.3 to 0.29.0 (#268)
  • bb284b3 build(deps): bump github/codeql-action from 4.36.1 to 4.36.2 in the actions g...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-dependencies group with 4 updates: [cffi](https://github.com/python-cffi/cffi), [charset-normalizer](https://github.com/jawah/charset_normalizer), [pyopenssl](https://github.com/pyca/pyopenssl) and [rfc3161-client](https://github.com/trailofbits/rfc3161-client).


Updates `cffi` from 2.0.0 to 2.1.0
- [Release notes](https://github.com/python-cffi/cffi/releases)
- [Commits](python-cffi/cffi@v2.0.0...v2.1.0)

Updates `charset-normalizer` from 3.4.7 to 3.4.9
- [Release notes](https://github.com/jawah/charset_normalizer/releases)
- [Changelog](https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md)
- [Commits](jawah/charset_normalizer@3.4.7...3.4.9)

Updates `pyopenssl` from 26.2.0 to 26.3.0
- [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst)
- [Commits](pyca/pyopenssl@26.2.0...26.3.0)

Updates `rfc3161-client` from 1.0.6 to 1.0.7
- [Release notes](https://github.com/trailofbits/rfc3161-client/releases)
- [Changelog](https://github.com/trailofbits/rfc3161-client/blob/main/CHANGELOG.md)
- [Commits](trailofbits/rfc3161-client@v1.0.6...v1.0.7)

---
updated-dependencies:
- dependency-name: cffi
  dependency-version: 2.1.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: charset-normalizer
  dependency-version: 3.4.9
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: pyopenssl
  dependency-version: 26.3.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-dependencies
- dependency-name: rfc3161-client
  dependency-version: 1.0.7
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 14, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 15, 2026
@dependabot dependabot Bot deleted the dependabot/pip/python-dependencies-e6ed53c139 branch July 15, 2026 20:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants