Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-cryptography for
openSUSE:Factory checked in at 2024-07-31 13:28:09
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-cryptography (Old)
and /work/SRC/openSUSE:Factory/.python-cryptography.new.7232 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-cryptography"
Wed Jul 31 13:28:09 2024 rev:91 rq:1189786 version:43.0.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-cryptography/python-cryptography.changes
2024-06-09 20:18:46.938489721 +0200
+++
/work/SRC/openSUSE:Factory/.python-cryptography.new.7232/python-cryptography.changes
2024-07-31 13:28:12.953147067 +0200
@@ -1,0 +2,82 @@
+Fri Jul 26 10:33:45 UTC 2024 - Dirk Müller <[email protected]>
+
+- update to 43.0.0:
+ * BACKWARDS INCOMPATIBLE: Support for OpenSSL less than 1.1.1e
+ has been removed. Users on older version of OpenSSL will
+ need to upgrade.
+ * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.8.
+ * Updated Windows, macOS, and Linux wheels to be compiled with
+ OpenSSL 3.3.1.
+ * Updated the minimum supported Rust version (MSRV) to 1.65.0,
+ from 1.63.0.
+ * :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generat
+ e_private_key` now enforces a minimum RSA key size of
+ 1024-bit. Note that 1024-bit is still considered insecure,
+ users should generally use a key size of 2048-bits.
+ * :func:`~cryptography.hazmat.primitives.serialization.pkcs7.se
+ rialize_certificates` now emits ASN.1 that more closely
+ follows the recommendations in RFC 2315.
+ * Added new :doc:`/hazmat/decrepit/index` module which contains
+ outdated and insecure cryptographic primitives. :class:`~cryp
+ tography.hazmat.primitives.ciphers.algorithms.CAST5`, :class:
+ `~cryptography.hazmat.primitives.ciphers.algorithms.SEED`, :c
+ lass:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA
+ `, and :class:`~cryptography.hazmat.primitives.ciphers.algori
+ thms.Blowfish`, which were deprecated in 37.0.0, have been
+ added to this module. They will be removed from the cipher
+ module in 45.0.0.
+ * Moved :class:`~cryptography.hazmat.primitives.ciphers.algorit
+ hms.TripleDES` and :class:`~cryptography.hazmat.primitives.ci
+ phers.algorithms.ARC4` into :doc:`/hazmat/decrepit/index` and
+ deprecated them in the cipher module. They will be removed
+ from the cipher module in 48.0.0.
+ * Added support for deterministic
+ :class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA`
+ (RFC 6979)
+ * Added support for client certificate verification to the
+ :mod:`X.509 path validation <cryptography.x509.verification>`
+ APIs in the form of
+ :class:`~cryptography.x509.verification.ClientVerifier`,
+ :class:`~cryptography.x509.verification.VerifiedClient`, and
+ PolicyBuilder :meth:`~cryptography.x509.verification.PolicyBu
+ ilder.build_client_verifier`.
+ * Added Certificate :attr:`~cryptography.x509.Certificate.publi
+ c_key_algorithm_oid` and Certificate Signing Request :attr:`~
+ cryptography.x509.CertificateSigningRequest.public_key_algori
+ thm_oid` to determine the
+ :class:`~cryptography.hazmat._oid.PublicKeyAlgorithmOID`
+ Object Identifier of the public key found inside the
+ certificate.
+ * Added :attr:`~cryptography.x509.InvalidityDate.invalidity_dat
+ e_utc`, a timezone-aware alternative to the naïve datetime
+ attribute
+ :attr:`~cryptography.x509.InvalidityDate.invalidity_date`.
+ * Added support for parsing empty DN string in
+ :meth:`~cryptography.x509.Name.from_rfc4514_string`.
+ * Added the following properties that return timezone-aware
+ datetime objects:
+ :meth:`~cryptography.x509.ocsp.OCSPResponse.produced_at_utc`,
+ :meth:`~cryptography.x509.ocsp.OCSPResponse.revocation_time_u
+ tc`,
+ :meth:`~cryptography.x509.ocsp.OCSPResponse.this_update_utc`,
+ :meth:`~cryptography.x509.ocsp.OCSPResponse.next_update_utc`,
+ :meth:`~cryptography.x509.ocsp.OCSPSingleResponse.revocation_
+ time_utc`, :meth:`~cryptography.x509.ocsp.OCSPSingleResponse.
+ this_update_utc`, :meth:`~cryptography.x509.ocsp.OCSPSingleRe
+ sponse.next_update_utc`, These are timezone-aware variants of
+ existing properties that return naïve datetime objects.
+ * Added :func:`~cryptography.hazmat.primitives.asymmetric.rsa.r
+ sa_recover_private_exponent`
+ * Added :meth:`~cryptography.hazmat.primitives.ciphers.CipherCo
+ ntext.reset_nonce` for altering the nonce of a cipher context
+ without initializing a new instance. See the docs for
+ additional restrictions.
+ * :class:`~cryptography.x509.NameAttribute` now raises an
+ exception when attempting to create a common name whose
+ length is shorter or longer than RFC 5280 permits.
+ * Added basic support for PKCS7 encryption (including SMIME)
+ via :class:`~cryptography.hazmat.primitives.serialization.pkc
+ s7.PKCS7EnvelopeBuilder`.
+- add use-offline-build.patch
+
+-------------------------------------------------------------------
Old:
----
cryptography-42.0.8.tar.gz
New:
----
cryptography-43.0.0.tar.gz
use-offline-build.patch
BETA DEBUG BEGIN:
New: s7.PKCS7EnvelopeBuilder`.
- add use-offline-build.patch
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-cryptography.spec ++++++
--- /var/tmp/diff_new_pack.tia17D/_old 2024-07-31 13:28:14.533211962 +0200
+++ /var/tmp/diff_new_pack.tia17D/_new 2024-07-31 13:28:14.537212126 +0200
@@ -27,7 +27,7 @@
%endif
%{?sle15_python_module_pythons}
Name: python-cryptography%{psuffix}
-Version: 42.0.8
+Version: 43.0.0
Release: 0
Summary: Python library which exposes cryptographic recipes and
primitives
License: Apache-2.0 OR BSD-3-Clause
@@ -37,15 +37,20 @@
# use `osc service manualrun` to regenerate
Source2: vendor.tar.zst
Source4: python-cryptography.keyring
+Patch1: use-offline-build.patch
# PATCH-FEATURE-OPENSUSE no-pytest_benchmark.patch [email protected]
# We don't need no benchmarking and coverage measurement
Patch4: no-pytest_benchmark.patch
BuildRequires: %{python_module cffi >= 1.12}
BuildRequires: %{python_module devel}
BuildRequires: %{python_module exceptiongroup}
+BuildRequires: %{python_module maturin}
BuildRequires: %{python_module pip}
+BuildRequires: %{python_module pip}
+BuildRequires: %{python_module setuptools-rust >= 1.7.0}
BuildRequires: %{python_module setuptools-rust >= 1.7.0}
BuildRequires: %{python_module setuptools}
+BuildRequires: %{python_module setuptools}
BuildRequires: %{python_module wheel}
BuildRequires: cargo >= 1.56.0
BuildRequires: fdupes
++++++ _service ++++++
--- /var/tmp/diff_new_pack.tia17D/_old 2024-07-31 13:28:14.577213769 +0200
+++ /var/tmp/diff_new_pack.tia17D/_new 2024-07-31 13:28:14.581213933 +0200
@@ -1,8 +1,10 @@
<services>
<service name="download_files" mode="manual"/>
<service name="cargo_vendor" mode="manual">
- <param name="srcdir">cryptography-42.0.8/src/rust</param>
+ <param name="src">cryptography-43.0.0/src/rust</param>
+ <param name="cargotoml">Cargo.toml</param>
<param name="compression">zst</param>
+ <param name="update">false</param>
</service>
</services>
++++++ cryptography-42.0.8.tar.gz -> cryptography-43.0.0.tar.gz ++++++
++++ 27489 lines of diff (skipped)
++++++ no-pytest_benchmark.patch ++++++
--- /var/tmp/diff_new_pack.tia17D/_old 2024-07-31 13:28:14.809223298 +0200
+++ /var/tmp/diff_new_pack.tia17D/_new 2024-07-31 13:28:14.813223462 +0200
@@ -8,21 +8,21 @@
tests/bench/test_x509.py | 16 ++++++-------
7 files changed, 37 insertions(+), 68 deletions(-)
-Index: cryptography-42.0.1/pyproject.toml
+Index: cryptography-43.0.0/pyproject.toml
===================================================================
---- cryptography-42.0.1.orig/pyproject.toml
-+++ cryptography-42.0.1/pyproject.toml
-@@ -71,8 +71,6 @@ ssh = ["bcrypt >=3.1.5"]
- nox = ["nox"]
+--- cryptography-43.0.0.orig/pyproject.toml
++++ cryptography-43.0.0/pyproject.toml
+@@ -66,8 +66,6 @@ nox = ["nox"]
test = [
+ "cryptography_vectors==43.0.0",
"pytest >=6.2.0",
- "pytest-benchmark",
- "pytest-cov",
"pytest-xdist",
"pretend",
"certifi",
-@@ -92,7 +90,7 @@ rust-version = ">=1.63.0"
-
+@@ -118,7 +116,7 @@ exclude = [
+ ]
[tool.pytest.ini_options]
-addopts = "-r s --capture=no --strict-markers --benchmark-disable"
@@ -30,7 +30,7 @@
console_output_style = "progress-even-when-capture-no"
markers = [
"skip_fips: this test is not executed in FIPS mode",
-@@ -114,33 +112,6 @@ module = [
+@@ -140,33 +138,6 @@ module = [
]
ignore_missing_imports = true
@@ -62,25 +62,12 @@
-]
-
[tool.ruff]
- ignore = ['N818']
- select = ['E', 'F', 'I', 'N', 'W', 'UP', 'RUF']
-Index: cryptography-42.0.1/src/cryptography.egg-info/requires.txt
-===================================================================
---- cryptography-42.0.1.orig/src/cryptography.egg-info/requires.txt
-+++ cryptography-42.0.1/src/cryptography.egg-info/requires.txt
-@@ -28,8 +28,6 @@ bcrypt>=3.1.5
-
- [test]
- pytest>=6.2.0
--pytest-benchmark
--pytest-cov
- pytest-xdist
- pretend
- certifi
-Index: cryptography-42.0.1/tests/bench/test_aead.py
+ line-length = 79
+
+Index: cryptography-43.0.0/tests/bench/test_aead.py
===================================================================
---- cryptography-42.0.1.orig/tests/bench/test_aead.py
-+++ cryptography-42.0.1/tests/bench/test_aead.py
+--- cryptography-43.0.0.orig/tests/bench/test_aead.py
++++ cryptography-43.0.0/tests/bench/test_aead.py
@@ -26,84 +26,84 @@ def _aead_supported(cls):
not _aead_supported(ChaCha20Poly1305),
reason="Requires OpenSSL with ChaCha20Poly1305 support",
@@ -186,10 +173,10 @@
ct = aes.encrypt(b"\x00" * 12, b"hello world plaintext", None)
- benchmark(aes.decrypt, b"\x00" * 12, ct, None)
+ aes.decrypt(b"\x00" * 12, ct, None)
-Index: cryptography-42.0.1/tests/bench/test_ec_load.py
+Index: cryptography-43.0.0/tests/bench/test_ec_load.py
===================================================================
---- cryptography-42.0.1.orig/tests/bench/test_ec_load.py
-+++ cryptography-42.0.1/tests/bench/test_ec_load.py
+--- cryptography-43.0.0.orig/tests/bench/test_ec_load.py
++++ cryptography-43.0.0/tests/bench/test_ec_load.py
@@ -5,9 +5,9 @@
from ..hazmat.primitives.fixtures_ec import EC_KEY_SECP256R1
@@ -204,10 +191,10 @@
- benchmark(EC_KEY_SECP256R1.private_key)
+def test_load_ec_private_numbers():
+ EC_KEY_SECP256R1.private_key()
-Index: cryptography-42.0.1/tests/bench/test_hashes.py
+Index: cryptography-43.0.0/tests/bench/test_hashes.py
===================================================================
---- cryptography-42.0.1.orig/tests/bench/test_hashes.py
-+++ cryptography-42.0.1/tests/bench/test_hashes.py
+--- cryptography-43.0.0.orig/tests/bench/test_hashes.py
++++ cryptography-43.0.0/tests/bench/test_hashes.py
@@ -5,10 +5,10 @@
from cryptography.hazmat.primitives import hashes
@@ -221,10 +208,10 @@
- benchmark(bench)
+ bench()
-Index: cryptography-42.0.1/tests/bench/test_hmac.py
+Index: cryptography-43.0.0/tests/bench/test_hmac.py
===================================================================
---- cryptography-42.0.1.orig/tests/bench/test_hmac.py
-+++ cryptography-42.0.1/tests/bench/test_hmac.py
+--- cryptography-43.0.0.orig/tests/bench/test_hmac.py
++++ cryptography-43.0.0/tests/bench/test_hmac.py
@@ -5,10 +5,10 @@
from cryptography.hazmat.primitives import hashes, hmac
@@ -238,10 +225,10 @@
- benchmark(bench)
+ bench()
-Index: cryptography-42.0.1/tests/bench/test_x509.py
+Index: cryptography-43.0.0/tests/bench/test_x509.py
===================================================================
---- cryptography-42.0.1.orig/tests/bench/test_x509.py
-+++ cryptography-42.0.1/tests/bench/test_x509.py
+--- cryptography-43.0.0.orig/tests/bench/test_x509.py
++++ cryptography-43.0.0/tests/bench/test_x509.py
@@ -13,40 +13,40 @@ from cryptography import x509
from ..utils import load_vectors_from_file
@@ -298,4 +285,17 @@
- benchmark(bench)
+ bench
+Index: cryptography-43.0.0/tests/bench/test_fernet.py
+===================================================================
+--- cryptography-43.0.0.orig/tests/bench/test_fernet.py
++++ cryptography-43.0.0/tests/bench/test_fernet.py
+@@ -5,6 +5,6 @@
+ from cryptography import fernet
+
+
+-def test_fernet_encrypt(benchmark):
++def test_fernet_encrypt():
+ f = fernet.Fernet(fernet.Fernet.generate_key())
+- benchmark(f.encrypt, b"\x00" * 256)
++ f.encrypt(b"\x00" * 256)
++++++ use-offline-build.patch ++++++
Index: cryptography-43.0.0/pyproject.toml
===================================================================
--- cryptography-43.0.0.orig/pyproject.toml
+++ cryptography-43.0.0/pyproject.toml
@@ -84,7 +84,8 @@ python-source = "src"
python-packages = ["cryptography"]
manifest-path = "src/rust/Cargo.toml"
module-name = "cryptography.hazmat.bindings._rust"
-locked = true
+locked = false
+offline = true
sdist-generator = "git"
features = ["pyo3/abi3-py37"]
include = [
++++++ vendor.tar.zst ++++++
++++ 113600 lines of diff (skipped)
