Skip to content

Build(deps): Bump cryptography from 46.0.6 to 46.0.7#1423

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/main/cryptography-46.0.7
Open

Build(deps): Bump cryptography from 46.0.6 to 46.0.7#1423
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/main/cryptography-46.0.7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 20, 2026
edited
Loading

Bumps cryptography from 46.0.6 to 46.0.7.

Changelog

Sourced from cryptography's changelog.

46.0.7 - 2026-04-07


* **SECURITY ISSUE**: Fixed an issue where non-contiguous buffers could be
  passed to APIs that accept Python buffers, which could lead to buffer
  overflow. **CVE-2026-39892**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.6.

.. _v46-0-6:

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 20, 2026
@dependabot dependabot Bot requested a review from asvetlov as a code owner April 20, 2026 21:17
@dependabot dependabot Bot added the python Pull requests that update Python code label Apr 20, 2026
@dependabot dependabot Bot requested review from Tinche and seifertm as code owners April 20, 2026 21:17
@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented Apr 20, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.53%. Comparing base (51b6dfc) to head (8b5ddfd).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1423   +/-   ##
=======================================
  Coverage   94.53%   94.53%           
=======================================
  Files           2        2           
  Lines         512      512           
  Branches       61       61           
=======================================
  Hits          484      484           
  Misses         22       22           
  Partials        6        6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@dependabot
Build(deps): Bump cryptography from 46.0.6 to 46.0.7
8b5ddfd 
Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.6 to 46.0.7.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@46.0.6...46.0.7)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/main/cryptography-46.0.7 branch from fbf71c8 to 8b5ddfd Compare April 20, 2026 21:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@asvetlov asvetlov Awaiting requested review from asvetlov asvetlov is a code owner

@seifertm seifertm Awaiting requested review from seifertm seifertm is a code owner

@Tinche Tinche Awaiting requested review from Tinche Tinche is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@codecov-commenter