fix: relax cryptography version pin to allow patch releases#522
Open
cmw-creator wants to merge 1 commit into
Open
fix: relax cryptography version pin to allow patch releases#522cmw-creator wants to merge 1 commit into
cmw-creator wants to merge 1 commit into
Conversation
Currently pinned at <48.1.0, causing dependency conflicts for integrators with cryptography>=48.1.0 installed. Broaden to <49.0.0.
Contributor
|
Thank you @cmw-creator, The pipeline failed. It seems that poetry lock should be updated as well. |
Contributor
|
@cmw-creator also I noticed this PR is a duplicate PR another contributor already had a PR for this ticket. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes the overly strict
cryptographydependency pin inpyproject.toml.Problem
pyproject.tomlpins cryptography at patch level:"cryptography (>=48.0.0,<48.1.0)"This causes dependency conflicts for any integrator who has
cryptography>=48.1.0installed, as pip/resolve cannot find a satisfying version.Fix
Broadened the upper bound to the next minor version:
"cryptography (>=48.0.0,<49.0.0)"This follows the standard open-source convention of pinning at the minor version level, allowing patch releases while preventing breaking changes.
Closes #500