From: Viktor Szakats Date: Thu, 25 Sep 2025 11:14:36 +0000 (+0200) Subject: GHA: bump pip `cryptography`, relax `impacket` version requirement X-Git-Tag: rc-8_17_0-1~232 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e08211b1ca35b9d6fbc5e4a898af0738516ad1ec;p=thirdparty%2Fcurl.git GHA: bump pip `cryptography`, relax `impacket` version requirement Bump `cryptography` to a newer version that fixes two known OpenSSL vulnerabilities reported by Dependabot. To make it work, also allow `impacket` 0.11.0, because it allows any pyOpenSSL version, while 0.12.0 pinned it to a single version that happens to be incompatible with the bugfixed `cryptography` version. Also: drop spaces from `requirements.txt` files. Bots don't add them, though they seem to be preferred in the official documentation: https://pip.pypa.io/en/stable/reference/requirements-file-format/ https://github.com/fortra/impacket/blob/impacket_0_11_0/requirements.txt https://github.com/fortra/impacket/blob/impacket_0_12_0/requirements.txt Follow-up to 7d5f8be532c19ec73063aaa4f27057047bdae5ac #18708 Closes #18731 --- diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt index 5e876b0cb2..ac858451d5 100644 --- a/.github/scripts/requirements.txt +++ b/.github/scripts/requirements.txt @@ -2,8 +2,8 @@ # # SPDX-License-Identifier: curl -cmakelang == 0.6.13 -codespell == 2.4.1 -pytype == 2024.10.11 -reuse == 5.1.1 -ruff == 0.13.1 +cmakelang==0.6.13 +codespell==2.4.1 +pytype==2024.10.11 +reuse==5.1.1 +ruff==0.13.1 diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt index 8dddcd1e1c..6a98723ac2 100644 --- a/tests/http/requirements.txt +++ b/tests/http/requirements.txt @@ -2,9 +2,9 @@ # # SPDX-License-Identifier: curl -cryptography == 42.0.8 -filelock == 3.19.1 -psutil == 7.1.0 -pytest == 8.4.2 -pytest-xdist == 3.8.0 -websockets == 15.0.1 +cryptography==44.0.1 +filelock==3.19.1 +psutil==7.1.0 +pytest==8.4.2 +pytest-xdist==3.8.0 +websockets==15.0.1 diff --git a/tests/requirements.txt b/tests/requirements.txt index dab4784c5f..501c1fc693 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -2,4 +2,4 @@ # # SPDX-License-Identifier: curl -impacket == 0.12.0 +impacket>=0.11.0,<=0.12.0