Skip to content

fix: widen cryptography upper bound to major version#520

Open
gavin913-lss wants to merge 1 commit into
AvaCodeSolutions:masterfrom
gavin913-lss:fix/cryptography-upper-bound
Open

fix: widen cryptography upper bound to major version#520
gavin913-lss wants to merge 1 commit into
AvaCodeSolutions:masterfrom
gavin913-lss:fix/cryptography-upper-bound

Conversation

@gavin913-lss

@gavin913-lss gavin913-lss commented Jun 2, 2026

Copy link
Copy Markdown

Problem

pyproject.toml pins cryptography at patch level:

"cryptography (>=48.0.0,<48.1.0)"

This causes dependency conflicts for any integrator who already has cryptography>=48.1.0 installed.

Fixes #500

Fix

Widen the cryptography constraint from >=48.0.0,<48.1.0 to >=48.0.0,<49.0.0, following the standard pattern for open-source packages.

Note: The issue mentions other core dependencies may have similar over-pinning. This PR addresses only cryptography to keep the change minimal and reviewable.

@gavin913-lss
fix: widen cryptography upper bound to major version
d514f87 
Patch-level pin (>=48.0.0,<48.1.0) causes dependency conflicts
for any integrator that already has cryptography>=48.1.0.

Widen to >=48.0.0,<49.0.0 following the standard pattern.

Fixes AvaCodeSolutions#500
@payamnj

payamnj commented Jun 10, 2026

Copy link
Copy Markdown
Contributor

Thank you @gavin913-lss, the pipeline failed and it seems that poetry lock should be updated as well.

@payamnj payamnj mentioned this pull request Jun 10, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

cryptography dependency pinned too tightly (patch-level pin)

2 participants

@gavin913-lss @payamnj