Skip to content

Upgrade: [dependabot] - bump cryptography from 46.0.5 to 46.0.6 in the pip group across 1 directory#224

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/pip/pip-6ba9ca5f64
Mar 31, 2026
Merged

Upgrade: [dependabot] - bump cryptography from 46.0.5 to 46.0.6 in the pip group across 1 directory#224
github-actions[bot] merged 1 commit intomainfrom
dependabot/pip/pip-6ba9ca5f64

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 29, 2026
edited
Loading

Bumps the pip group with 1 update in the / directory: cryptography.

Updates cryptography from 46.0.5 to 46.0.6

Changelog

Sourced from cryptography's changelog.

46.0.6 - 2026-03-25


* **SECURITY ISSUE**: Fixed a bug where name constraints were not applied
  to peer names during verification when the leaf certificate contains a
  wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug,
  including those used by the Web PKI. Credit to **Oleh Konko (1seal)** for
  reporting the issue. **CVE-2026-34073**

.. _v46-0-5:

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 29, 2026
@dependabot dependabot Bot requested a review from a team as a code owner March 29, 2026 04:12
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 29, 2026
github-actions[bot]
github-actions Bot approved these changes Mar 29, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm approving this pull request because it includes a patch or minor update

@github-actions github-actions Bot enabled auto-merge (squash) March 29, 2026 04:12
@dependabot dependabot Bot force-pushed the dependabot/pip/pip-6ba9ca5f64 branch from 70fa9c5 to 99a2302 Compare March 30, 2026 12:03
github-actions[bot]
github-actions Bot approved these changes Mar 30, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm approving this pull request because it includes a patch or minor update

auto-merge was automatically disabled March 30, 2026 12:08

Pull Request is not mergeable

@dependabot dependabot Bot force-pushed the dependabot/pip/pip-6ba9ca5f64 branch from 99a2302 to c2dfc36 Compare March 31, 2026 11:21
github-actions[bot]
github-actions Bot approved these changes Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm approving this pull request because it includes a patch or minor update

@github-actions github-actions Bot enabled auto-merge (squash) March 31, 2026 11:21
@dependabot
Upgrade: [dependabot] - bump cryptography
95ccd09 
Bumps the pip group with 1 update in the / directory: [cryptography](https://github.com/pyca/cryptography).


Updates `cryptography` from 46.0.5 to 46.0.6
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@46.0.5...46.0.6)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.6
  dependency-type: indirect
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/pip-6ba9ca5f64 branch from c2dfc36 to 95ccd09 Compare March 31, 2026 11:31
github-actions[bot]
github-actions Bot approved these changes Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm approving this pull request because it includes a patch or minor update

@github-actions github-actions Bot merged commit 9727265 into main Mar 31, 2026
7 checks passed
@github-actions github-actions Bot deleted the dependabot/pip/pip-6ba9ca5f64 branch March 31, 2026 11:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants