Skip to content

build(deps): update pyopenssl requirement from <=24.2.1,>=19.1.0 to >=19.1.0,<=26.3.0#386

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/pyopenssl-gte-19.1.0-and-lte-26.3.0
Open

build(deps): update pyopenssl requirement from <=24.2.1,>=19.1.0 to >=19.1.0,<=26.3.0#386
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/pyopenssl-gte-19.1.0-and-lte-26.3.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor

Warning

Dependabot will stop supporting python v3.9!

Please upgrade to one of the following versions: v3.9, v3.10, v3.11, v3.12, v3.13, or v3.14.

Updates the requirements on pyopenssl to permit the latest version.

Changelog

Sourced from pyopenssl's changelog.

26.3.0 (2026-06-12)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Dropped support for Python 3.8.
  • The minimum cryptography version is now 49.0.0.
  • Removed deprecated OpenSSL.crypto.X509Req, OpenSSL.crypto.dump_certificate_request, and OpenSSL.crypto.load_certificate_request. cryptography.x509 should be used instead.
  • OpenSSL.SSL.Connection.set_session now raises ValueError if the Session was obtained from a Connection that was using a different Context than this one. OpenSSL requires (but does not verify) that sessions only be re-used with a compatible SSL_CTX, so this contract is now enforced.

Deprecations: ^^^^^^^^^^^^^

  • Deprecated OpenSSL.crypto.PKey.generate_key and OpenSSL.crypto.PKey.check. The key generation and loading APIs in cryptography should be used instead.
  • Deprecated OpenSSL.crypto.dump_privatekey. The serialization APIs on cryptography private key types should be used instead.
  • Deprecated all the mutable APIs on OpenSSL.crypto.X509: set_version, set_pubkey, sign, set_serial_number, gmtime_adj_notAfter, gmtime_adj_notBefore, set_notBefore, set_notAfter, set_issuer, and set_subject. cryptography.x509.CertificateBuilder should be used instead.
  • Deprecated OpenSSL.SSL.Context.set_passwd_cb. Users should decrypt and load their private keys themselves, with cryptography's key loading APIs, and then call OpenSSL.SSL.Context.use_privatekey.
  • Deprecated OpenSSL.crypto.X509Name, as well as the remaining APIs that consume or return it: OpenSSL.crypto.X509.get_issuer, OpenSSL.crypto.X509.get_subject, and OpenSSL.SSL.Context.set_client_ca_list. The APIs in cryptography.x509 should be used instead.

Changes: ^^^^^^^^

  • OpenSSL.SSL.Connection.get_client_ca_list now takes an as_cryptography keyword-argument. When True is passed then cryptography.x509.Name are returned, instead of OpenSSL.crypto.X509Name. In the future, passing False (the default) will be deprecated.

26.2.0 (2026-05-04)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  • Removed deprecated OpenSSL.crypto.X509Extension, OpenSSL.crypto.X509Req.add_extension, OpenSSL.crypto.X509Req.get_extensions, OpenSSL.crypto.X509.add_extension, OpenSSL.crypto.X509.get_extensions. cryptography.x509 should be used instead.
  • It is now an error to calling any mutating method on OpenSSL.SSL.Context after it has been used to create a Connection. This was previously deprecated and has always been unsafe.

Deprecations: ^^^^^^^^^^^^^

Changes: ^^^^^^^^

  • Maximum supported cryptography version is now 48.x.
  • Added OpenSSL.SSL.Connection.set_options to set options on a per-connection basis.

26.1.0 (2026-04-24)

Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

... (truncated)

Commits
  • a34aa1d Prepare 26.3.0 release (#1515)
  • 24db880 Deprecate X509Name and the remaining APIs that consume or return it (#1514)
  • 1dc08be Add as_cryptography parameter to Connection.get_client_ca_list (#1508)
  • 55653a5 Require cryptography 49, drop Python 3.8 (#1513)
  • 9bad760 Remove deprecated CSR functionality (#1507)
  • 98ca874 Enforce that Session is only re-used with the Context it came from (#1512)
  • cbcb1da Deprecate Context.set_passwd_cb (#1511)
  • 3b9d07d Deprecate all the mutable APIs on X509 (#1510)
  • e096920 Deprecate PKey.generate_key, PKey.check, and dump_privatekey (#1509)
  • 7079d6d Fix zizmor findings in GitHub Actions workflows (#1506)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): update pyopenssl requirement
5792ddd 
Updates the requirements on [pyopenssl](https://github.com/pyca/pyopenssl) to permit the latest version.
- [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst)
- [Commits](pyca/pyopenssl@19.1.0...26.3.0)

---
updated-dependencies:
- dependency-name: pyopenssl
  dependency-version: 26.3.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot mentioned this pull request Jun 15, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

maintenance

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants