Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

feat: bump pyopenssl 24.3.x #982

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Conversation

@miettal
Copy link

@miettal miettal commented Mar 13, 2025

Description

This PR upgrade pyopenssl dependency to address security alert.

The feature or problem addressed by this PR

This PR is for addressing security alert GHSA-79v4-65xg-pq4g.

GHSA-79v4-65xg-pq4g

What your changes do and why you chose this solution

Current constraints is <24.3.0(up to 24.2.x). New constratints is <24.4.0(up to 24.3.x).

Checklist

  • Checked that no other issues or pull requests exist for the same issue/change
  • [-] Added tests covering the new functionality
  • [-] Updated documentation OR the change is too minor to be documented
  • [] Updated CHANGELOG.md OR changes are insignificant

// I guess this constratints is for pyopenssl->cryptography migration.
#977 735bfa5 

This PR upgrade pyopenssl dependency. Current constraints is
`<24.3.0`(up to 24.2.x). New constratints is `<24.4.0`(up to 24.3.x).
This PR is for addressing security alert `GHSA-79v4-65xg-pq4g`.
GHSA-79v4-65xg-pq4g
// I guess this constratints is for pyopenssl->cryptography migration.
IdentityPython#977
IdentityPython@735bfa5
Copy link

First off, thank you for the great work in building and maintaining this project!
I was wondering if it might be possible to get this merged and released?

 

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Copy link

Note that #977 aims to remove pyopenssl all together and conflicts with this PR
miettal reacted with thumbs up emoji

Copy link

Hi, In Openstack we also have to bump pyopenssl (https://review.opendev.org/c/openstack/requirements/+/958191/2/upper-constraints.txt ), thanks for working on this (or removing the dependency to pyopenssl)

Copy link
Member

With 735bfa5 pyOpenSSL was restricted to <24.3.0.
This happened because v24.3.0 removed code that is used by this package.
See the relevant changelog here: https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst#2430-2024年11月27日

This disallows us to update pyOpenSSL atm.
With #977 there is ongoing work to replace pyOpenSSL with pyca/cryptography entirely.

Given this issue, I cannot proceed to merge this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@felixxm felixxm felixxm left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

AltStyle によって変換されたページ (->オリジナル) /