On Fri, Sep 19, 2025 at 02:34:22PM +0200, Simon Josefsson wrote:
Note that the upstream pyproject.toml has "cryptography (>=3.0, <48)".I made a quick upload bumping <<44 to <<48. However why would one want to have these << dependencies? I guess they are mirroring upstream pyproject.toml, but I still don't understand the reason.
It's an interesting question for which I don't have an answer, even pyopenssl (notably maintained by the same PyCA as cryptography itself) has a regularly bumped upper dep on cryptography. E.g. the recently released 25.3.0 has the bump as the only change.
-- WBR, wRAR
signature.asc
Description: PGP signature
