Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump cryptography to 43.0.0 and pyOpenSSL to 24.2.1 and chacha20poly1305-reuseable >= 0.13.0 #122308

Merged
merged 5 commits into from
Jul 22, 2024
Merged

Bump cryptography to 43.0.0 and pyOpenSSL to 24.2.1 and chacha20poly1305-reuseable >= 0.13.0 #122308

merged 5 commits into from
Jul 22, 2024

Conversation

bdraco
Copy link
Member

@bdraco bdraco commented Jul 21, 2024
edited
Loading

Proposed change

pyOpenSSL changelog: https://www.pyopenssl.org/en/latest/changelog.html
cryptography changelog: https://cryptography.io/en/latest/changelog/#v43-0-0
chacha20poly1305-reuseable: bdraco/chacha20poly1305-reuseable@v0.12.1...v0.13.1

chacha20poly1305-reuseable is now a stub as the new rust implementation in cryptography is ~9% faster

These are need to be bumped together to be compatible.

Type of change

  • Dependency upgrade
  • Bugfix (non-breaking change which fixes an issue)
  • New integration (thank you!)
  • New feature (which adds functionality to an existing integration)
  • Deprecation (breaking change to happen in the future)
  • Breaking change (fix/feature causing existing functionality to break)
  • Code quality improvements to existing code or addition of tests

Additional information

  • This PR fixes or closes issue: fixes #
  • This PR is related to issue:
  • Link to documentation pull request:

Checklist

  • The code change is tested and works locally.
  • Local tests pass. Your PR cannot be merged unless tests pass
  • There is no commented out code in this PR.
  • I have followed the development checklist
  • I have followed the perfect PR recommendations
  • The code has been formatted using Ruff (ruff format homeassistant tests)
  • Tests have been added to verify that the new code works.

If user exposed functionality or configuration variables are added/changed:

If the code communicates with devices, web services, or third-party tools:

  • The manifest file has all fields filled out correctly.
    Updated and included derived files by running: python3 -m script.hassfest.
  • New or updated dependencies have been added to requirements_all.txt.
    Updated by running python3 -m script.gen_requirements_all.
  • For the updated dependencies - a link to the changelog, or at minimum a diff between library versions is added to the PR description.

To help with the load of incoming pull requests:

@home-assistant home-assistant bot added cla-signed core dependency small-pr PRs with less than 30 lines. labels Jul 21, 2024
@bdraco
Copy link
Member Author

bdraco commented Jul 21, 2024

@epenet Looks like renault-api is pinning cryptography ?

@epenet
Copy link
Contributor

epenet commented Jul 21, 2024
edited
Loading

I am unable to access dev environment right now, but if you create a PR to loosen the dependency I can merge and release...

This was referenced Jul 21, 2024
Merged
Merged
Merged
@epenet
Copy link
Contributor

epenet commented Jul 21, 2024

#122326 should unlock this

@bdraco bdraco changed the title Bump cryptography to 43.0.0 and pyOpenSSL to 24.2.1 Bump cryptography to 43.0.0 and pyOpenSSL to 24.2.1 and chacha20poly1305-reuseable >= 0.13.0 Jul 21, 2024
@bdraco bdraco marked this pull request as ready for review July 21, 2024 20:36
@bdraco bdraco requested a review from a team as a code owner July 21, 2024 20:36
frenck
frenck approved these changes Jul 22, 2024
View reviewed changes
Copy link
Member

@frenck frenck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @bdraco 👍

../Frenck

@frenck frenck merged commit 02c64c7 into dev Jul 22, 2024
51 checks passed
@frenck frenck deleted the crypto_bump3 branch July 22, 2024 08:15
@bdraco
Copy link
Member Author

bdraco commented Jul 22, 2024

thanks

@github-actions github-actions bot locked and limited conversation to collaborators Jul 23, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@frenck frenck frenck approved these changes

Assignees
No one assigned
Labels
cla-signed core dependency small-pr PRs with less than 30 lines.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bdraco @epenet @frenck