Skip to content

fix(deps): update dependency pyopenssl to v25

Renovate Bot requested to merge renovate/pyopenssl-25.x into develop

This MR contains the following updates:

Package Change Age Adoption Passing Confidence
pyopenssl (source) ~24.1 -> ~25.0 age adoption passing confidence

Release Notes

pyca/pyopenssl (pyopenssl)

v25.0.0

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • Corrected type annotations on Context.set_alpn_select_callback, Context.set_session_cache_mode, Context.set_options, Context.set_mode, X509.subject_name_hash, and X509Store.load_locations.
  • Deprecated APIs are now marked using warnings.deprecated. mypy will emit deprecation notices for them when used with --enable-error-code deprecated.

v24.3.0

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Removed the deprecated OpenSSL.crypto.CRL, OpenSSL.crypto.Revoked, OpenSSL.crypto.dump_crl, and OpenSSL.crypto.load_crl. cryptography.x509's CRL functionality should be used instead.
  • Removed the deprecated OpenSSL.crypto.sign and OpenSSL.crypto.verify. cryptography.hazmat.primitives.asymmetric's signature APIs should be used instead.

Deprecations: ^^^^^^^^^^^^^

  • Deprecated OpenSSL.rand - callers should use os.urandom() instead.
  • Deprecated add_extensions and get_extensions on OpenSSL.crypto.X509Req and OpenSSL.crypto.X509. These should have been deprecated at the same time X509Extension was. Users should use pyca/cryptography's X.509 APIs instead.
  • Deprecated OpenSSL.crypto.get_elliptic_curves and OpenSSL.crypto.get_elliptic_curve, as well as passing the reult of them to OpenSSL.SSL.Context.set_tmp_ecdh, users should instead pass curves from cryptography.
  • Deprecated passing X509 objects to OpenSSL.SSL.Context.use_certificate, OpenSSL.SSL.Connection.use_certificate, OpenSSL.SSL.Context.add_extra_chain_cert, and OpenSSL.SSL.Context.add_client_ca, users should instead pass cryptography.x509.Certificate instances. This is in preparation for deprecating pyOpenSSL's X509 entirely.
  • Deprecated passing PKey objects to OpenSSL.SSL.Context.use_privatekey and OpenSSL.SSL.Connection.use_privatekey, users should instead pass cryptography priate key instances. This is in preparation for deprecating pyOpenSSL's PKey entirely.

Changes: ^^^^^^^^

  • cryptography maximum version has been increased to 44.0.x.
  • OpenSSL.SSL.Connection.get_certificate, OpenSSL.SSL.Connection.get_peer_certificate, OpenSSL.SSL.Connection.get_peer_cert_chain, and OpenSSL.SSL.Connection.get_verified_chain now take an as_cryptography keyword-argument. When True is passed then cryptography.x509.Certificate are returned, instead of OpenSSL.crypto.X509. In the future, passing False (the default) will be deprecated.

v24.2.1

Compare Source

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • Fixed changelog to remove sphinx specific restructured text strings.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports