Skip to content

Build(deps): Update openssl requirement from ~> 3 to ~> 4#208

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/bundler/openssl-tw-4
Open

Build(deps): Update openssl requirement from ~> 3 to ~> 4#208
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/bundler/openssl-tw-4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 9, 2026
edited
Loading

Updates the requirements on openssl to permit the latest version.

Release notes

Sourced from openssl's releases.

v4.0.1

What's Changed

New Contributors

Full Changelog: ruby/openssl@v4.0.0...v4.0.1

Changelog

Sourced from openssl's changelog.

Version 4.0.1

Notable changes

  • Add sync_close keyword argument to OpenSSL::SSL::SSLSocket.new as a short-hand for setting sync_close attribute on the created SSLSocket instance. [[GitHub #955]](ruby/openssl#955) [[GitHub #996]](ruby/openssl#996)

Bug fixes

Version 4.0.0

Compatibility

  • Ruby >= 2.7
  • OpenSSL >= 1.1.1, LibreSSL >= 3.9, and AWS-LC 1.66.0

Notable changes

  • OpenSSL::SSL
    • Reduce overhead when writing to OpenSSL::SSL::SSLSocket. #syswrite no longer creates a temporary String object. [[GitHub #831]](ruby/openssl#831)
    • Make OpenSSL::SSL::SSLContext#min_version= and #max_version= wrap the corresponding OpenSSL APIs directly, and remove the fallback to SSL options. [[GitHub #849]](ruby/openssl#849)
    • Add OpenSSL::SSL::SSLContext#sigalgs= and #client_sigalgs= for specifying signature algorithms to use for connections. [[GitHub #895]](ruby/openssl#895)
    • Rename OpenSSL::SSL::SSLContext#ecdh_curves= to #groups= following the underlying OpenSSL API rename. This method is no longer specific to ECDHE. The old method remains as an alias.

... (truncated)

Commits
  • 38a1a4a Ruby/OpenSSL 4.0.1
  • ff90193 Merge pull request #1003 from ruby/dependabot/github_actions/step-security/ha...
  • 93d79fc Merge pull request #1004 from swhitt/fix-ocsp-basic-response-uninitialized-re...
  • 667ce07 ocsp: fix uninitialized variables in BasicResponse#status
  • 2ff55dc build(deps): bump step-security/harden-runner from 2.14.1 to 2.14.2
  • f9429bd Merge pull request #997 from junaruga/wip/fips-test-pkcs12
  • d86270d Update the steps to generate the base64-based examples.
  • 2aa6d97 Fix test_pkcs12.rb in FIPS.
  • b814041 Merge pull request #1002 from ruby/dependabot/github_actions/step-security/ha...
  • 1aeac77 build(deps): bump step-security/harden-runner from 2.14.0 to 2.14.1
  • Additional commits viewable in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Apr 9, 2026
@dependabot dependabot bot force-pushed the dependabot/bundler/openssl-tw-4 branch from a15ddd9 to c3a2954 Compare April 9, 2026 11:57
@dependabot
Build(deps): Update openssl requirement from ~> 3 to ~> 4
df6e2c9 
Updates the requirements on [openssl](https://github.com/ruby/openssl) to permit the latest version.
- [Release notes](https://github.com/ruby/openssl/releases)
- [Changelog](https://github.com/ruby/openssl/blob/master/History.md)
- [Commits](ruby/openssl@v3.0.0...v4.0.1)

---
updated-dependencies:
- dependency-name: openssl
  dependency-version: 4.0.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/bundler/openssl-tw-4 branch from c3a2954 to df6e2c9 Compare April 9, 2026 12:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants