chore(deps): bump cryptography from 48.0.1 to 49.0.0#41811
chore(deps): bump cryptography from 48.0.1 to 49.0.0#41811dependabot[bot] wants to merge 2 commits into
Conversation
Bumps [cryptography](https://github.com/pyca/cryptography) from 48.0.1 to 49.0.0. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@48.0.1...49.0.0) --- updated-dependencies: - dependency-name: cryptography dependency-version: 49.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
✅ Deploy Preview for superset-docs-preview ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
There was a problem hiding this comment.
Code Review Agent Run #a620c2
Actionable Suggestions - 2
-
requirements/development.txt - 2
- Manual lock file edit violation · Line 181-181
- Manual lock file edit violation · Line 793-793
Review Details
-
Files reviewed - 4 · Commit Range:
ee9edaa..c57d9e5- pyproject.toml
- requirements/base.in
- requirements/base.txt
- requirements/development.txt
-
Files skipped - 0
-
Tools
- Whispers (Secret Scanner) - ✔︎ Successful
- Detect-secrets (Secret Scanner) - ✔︎ Successful
Bito Usage Guide
Commands
Type the following command in the pull request comment and save the comment.
-
/review- Manually triggers a full AI review. -
/pause- Pauses automatic reviews on this pull request. -
/resume- Resumes automatic reviews. -
/resolve- Marks all Bito-posted review comments as resolved. -
/abort- Cancels all in-progress reviews.
Refer to the documentation for additional commands.
Configuration
This repository uses Superset You can customize the agent settings here or contact your Bito workspace admin at evan@preset.io.
Documentation & Help
| # -c requirements/base-constraint.txt | ||
| # apache-superset | ||
| cryptography==48.0.1 | ||
| cryptography==49.0.0 |
There was a problem hiding this comment.
Direct manual edit of development.txt violates the lock file management standard. The file header states it is autogenerated by uv pip compile. To update pinned versions, modify base.in and regenerate via: uv pip compile requirements/development.in -c requirements/base-constraint.txt -o requirements/development.txt. This ensures integrity hashes and dependency resolution remain consistent.
Code Review Run #a620c2
Should Bito avoid suggestions like this for future reviews? (Manage Rules)
- Yes, avoid them
| # -c requirements/base-constraint.txt | ||
| # paramiko | ||
| pyopenssl==26.2.0 | ||
| pyopenssl==26.3.0 |
There was a problem hiding this comment.
Direct manual edit of development.txt violates the lock file management standard. The file header states it is autogenerated by uv pip compile. To update pinned versions, modify base.in and regenerate via: uv pip compile requirements/development.in -c requirements/base-constraint.txt -o requirements/development.txt. This ensures integrity hashes and dependency resolution remain consistent.
Code Review Run #a620c2
Should Bito avoid suggestions like this for future reviews? (Manage Rules)
- Yes, avoid them
Code Review Agent Run #8ce896Actionable Suggestions - 0Review Details
Bito Usage GuideCommands Type the following command in the pull request comment and save the comment.
Refer to the documentation for additional commands. Configuration This repository uses Documentation & Help |
Bumps cryptography from 48.0.1 to 49.0.0.
Changelog
Sourced from cryptography's changelog.
... (truncated)
Commits
e300bbebump version and changelog for 49.0.0 (#15030)fa74cd8Add external mu (message representative) support for ML-DSA (#14979)f594db3chore(deps): bump openssl from 0.10.80 to 0.10.81 (#15029)608e011chore(deps): bump openssl-sys from 0.9.116 to 0.9.117 (#15028)a322bc4chore(deps): bump cc from 1.2.63 to 1.2.64 (#15027)33181a7Reject critical nameConstraints extensions containing directoryName constrain...6080dc7Bump dependencies that dependabot isn't (#15026)121faa3chore(deps): bump virtualenv from 21.4.2 to 21.4.3 (#15023)829520bAdd more robust processing for DH parameters. (#15016)0f05001Bump downstream dependencies in CI (#15025)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)