Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-cryptography for openSUSE:Factory checked in at 2024-07-31 13:28:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-cryptography (Old) and /work/SRC/openSUSE:Factory/.python-cryptography.new.7232 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python-cryptography" Wed Jul 31 13:28:09 2024 rev:91 rq:1189786 version:43.0.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-cryptography/python-cryptography.changes 2024-06-09 20:18:46.938489721 +0200 +++ /work/SRC/openSUSE:Factory/.python-cryptography.new.7232/python-cryptography.changes 2024-07-31 13:28:12.953147067 +0200 @@ -1,0 +2,82 @@ +Fri Jul 26 10:33:45 UTC 2024 - Dirk Müller <dmueller@suse.com> + +- update to 43.0.0: + * BACKWARDS INCOMPATIBLE: Support for OpenSSL less than 1.1.1e + has been removed. Users on older version of OpenSSL will + need to upgrade. + * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.8. + * Updated Windows, macOS, and Linux wheels to be compiled with + OpenSSL 3.3.1. + * Updated the minimum supported Rust version (MSRV) to 1.65.0, + from 1.63.0. + * :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generat + e_private_key` now enforces a minimum RSA key size of + 1024-bit. Note that 1024-bit is still considered insecure, + users should generally use a key size of 2048-bits. + * :func:`~cryptography.hazmat.primitives.serialization.pkcs7.se + rialize_certificates` now emits ASN.1 that more closely + follows the recommendations in RFC 2315. + * Added new :doc:`/hazmat/decrepit/index` module which contains + outdated and insecure cryptographic primitives. :class:`~cryp + tography.hazmat.primitives.ciphers.algorithms.CAST5`, :class: + `~cryptography.hazmat.primitives.ciphers.algorithms.SEED`, :c + lass:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA + `, and :class:`~cryptography.hazmat.primitives.ciphers.algori + thms.Blowfish`, which were deprecated in 37.0.0, have been + added to this module. They will be removed from the cipher + module in 45.0.0. + * Moved :class:`~cryptography.hazmat.primitives.ciphers.algorit + hms.TripleDES` and :class:`~cryptography.hazmat.primitives.ci + phers.algorithms.ARC4` into :doc:`/hazmat/decrepit/index` and + deprecated them in the cipher module. They will be removed + from the cipher module in 48.0.0. + * Added support for deterministic + :class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA` + (RFC 6979) + * Added support for client certificate verification to the + :mod:`X.509 path validation <cryptography.x509.verification>` + APIs in the form of + :class:`~cryptography.x509.verification.ClientVerifier`, + :class:`~cryptography.x509.verification.VerifiedClient`, and + PolicyBuilder :meth:`~cryptography.x509.verification.PolicyBu + ilder.build_client_verifier`. + * Added Certificate :attr:`~cryptography.x509.Certificate.publi + c_key_algorithm_oid` and Certificate Signing Request :attr:`~ + cryptography.x509.CertificateSigningRequest.public_key_algori + thm_oid` to determine the + :class:`~cryptography.hazmat._oid.PublicKeyAlgorithmOID` + Object Identifier of the public key found inside the + certificate. + * Added :attr:`~cryptography.x509.InvalidityDate.invalidity_dat + e_utc`, a timezone-aware alternative to the naïve datetime + attribute + :attr:`~cryptography.x509.InvalidityDate.invalidity_date`. + * Added support for parsing empty DN string in + :meth:`~cryptography.x509.Name.from_rfc4514_string`. + * Added the following properties that return timezone-aware + datetime objects: + :meth:`~cryptography.x509.ocsp.OCSPResponse.produced_at_utc`, + :meth:`~cryptography.x509.ocsp.OCSPResponse.revocation_time_u + tc`, + :meth:`~cryptography.x509.ocsp.OCSPResponse.this_update_utc`, + :meth:`~cryptography.x509.ocsp.OCSPResponse.next_update_utc`, + :meth:`~cryptography.x509.ocsp.OCSPSingleResponse.revocation_ + time_utc`, :meth:`~cryptography.x509.ocsp.OCSPSingleResponse. + this_update_utc`, :meth:`~cryptography.x509.ocsp.OCSPSingleRe + sponse.next_update_utc`, These are timezone-aware variants of + existing properties that return naïve datetime objects. + * Added :func:`~cryptography.hazmat.primitives.asymmetric.rsa.r + sa_recover_private_exponent` + * Added :meth:`~cryptography.hazmat.primitives.ciphers.CipherCo + ntext.reset_nonce` for altering the nonce of a cipher context + without initializing a new instance. See the docs for + additional restrictions. + * :class:`~cryptography.x509.NameAttribute` now raises an + exception when attempting to create a common name whose + length is shorter or longer than RFC 5280 permits. + * Added basic support for PKCS7 encryption (including SMIME) + via :class:`~cryptography.hazmat.primitives.serialization.pkc + s7.PKCS7EnvelopeBuilder`. +- add use-offline-build.patch + +------------------------------------------------------------------- Old: ---- cryptography-42.0.8.tar.gz New: ---- cryptography-43.0.0.tar.gz use-offline-build.patch BETA DEBUG BEGIN: New: s7.PKCS7EnvelopeBuilder`. - add use-offline-build.patch BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-cryptography.spec ++++++ --- /var/tmp/diff_new_pack.tia17D/_old 2024-07-31 13:28:14.533211962 +0200 +++ /var/tmp/diff_new_pack.tia17D/_new 2024-07-31 13:28:14.537212126 +0200 @@ -27,7 +27,7 @@ %endif %{?sle15_python_module_pythons} Name: python-cryptography%{psuffix} -Version: 42.0.8 +Version: 43.0.0 Release: 0 Summary: Python library which exposes cryptographic recipes and primitives License: Apache-2.0 OR BSD-3-Clause @@ -37,15 +37,20 @@ # use `osc service manualrun` to regenerate Source2: vendor.tar.zst Source4: python-cryptography.keyring +Patch1: use-offline-build.patch # PATCH-FEATURE-OPENSUSE no-pytest_benchmark.patch mcepl@suse.com # We don't need no benchmarking and coverage measurement Patch4: no-pytest_benchmark.patch BuildRequires: %{python_module cffi >= 1.12} BuildRequires: %{python_module devel} BuildRequires: %{python_module exceptiongroup} +BuildRequires: %{python_module maturin} BuildRequires: %{python_module pip} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module setuptools-rust >= 1.7.0} BuildRequires: %{python_module setuptools-rust >= 1.7.0} BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module setuptools} BuildRequires: %{python_module wheel} BuildRequires: cargo >= 1.56.0 BuildRequires: fdupes ++++++ _service ++++++ --- /var/tmp/diff_new_pack.tia17D/_old 2024-07-31 13:28:14.577213769 +0200 +++ /var/tmp/diff_new_pack.tia17D/_new 2024-07-31 13:28:14.581213933 +0200 @@ -1,8 +1,10 @@ <services> <service name="download_files" mode="manual"/> <service name="cargo_vendor" mode="manual"> - <param name="srcdir">cryptography-42.0.8/src/rust</param> + <param name="src">cryptography-43.0.0/src/rust</param> + <param name="cargotoml">Cargo.toml</param> <param name="compression">zst</param> + <param name="update">false</param> </service> </services> ++++++ cryptography-42.0.8.tar.gz -> cryptography-43.0.0.tar.gz ++++++ ++++ 27489 lines of diff (skipped) ++++++ no-pytest_benchmark.patch ++++++ --- /var/tmp/diff_new_pack.tia17D/_old 2024-07-31 13:28:14.809223298 +0200 +++ /var/tmp/diff_new_pack.tia17D/_new 2024-07-31 13:28:14.813223462 +0200 @@ -8,21 +8,21 @@ tests/bench/test_x509.py | 16 ++++++------- 7 files changed, 37 insertions(+), 68 deletions(-) -Index: cryptography-42.0.1/pyproject.toml +Index: cryptography-43.0.0/pyproject.toml =================================================================== ---- cryptography-42.0.1.orig/pyproject.toml -+++ cryptography-42.0.1/pyproject.toml -@@ -71,8 +71,6 @@ ssh = ["bcrypt >=3.1.5"] - nox = ["nox"] +--- cryptography-43.0.0.orig/pyproject.toml ++++ cryptography-43.0.0/pyproject.toml +@@ -66,8 +66,6 @@ nox = ["nox"] test = [ + "cryptography_vectors==43.0.0", "pytest >=6.2.0", - "pytest-benchmark", - "pytest-cov", "pytest-xdist", "pretend", "certifi", -@@ -92,7 +90,7 @@ rust-version = ">=1.63.0" - +@@ -118,7 +116,7 @@ exclude = [ + ] [tool.pytest.ini_options] -addopts = "-r s --capture=no --strict-markers --benchmark-disable" @@ -30,7 +30,7 @@ console_output_style = "progress-even-when-capture-no" markers = [ "skip_fips: this test is not executed in FIPS mode", -@@ -114,33 +112,6 @@ module = [ +@@ -140,33 +138,6 @@ module = [ ] ignore_missing_imports = true @@ -62,25 +62,12 @@ -] - [tool.ruff] - ignore = ['N818'] - select = ['E', 'F', 'I', 'N', 'W', 'UP', 'RUF'] -Index: cryptography-42.0.1/src/cryptography.egg-info/requires.txt -=================================================================== ---- cryptography-42.0.1.orig/src/cryptography.egg-info/requires.txt -+++ cryptography-42.0.1/src/cryptography.egg-info/requires.txt -@@ -28,8 +28,6 @@ bcrypt>=3.1.5 - - [test] - pytest>=6.2.0 --pytest-benchmark --pytest-cov - pytest-xdist - pretend - certifi -Index: cryptography-42.0.1/tests/bench/test_aead.py + line-length = 79 + +Index: cryptography-43.0.0/tests/bench/test_aead.py =================================================================== ---- cryptography-42.0.1.orig/tests/bench/test_aead.py -+++ cryptography-42.0.1/tests/bench/test_aead.py +--- cryptography-43.0.0.orig/tests/bench/test_aead.py ++++ cryptography-43.0.0/tests/bench/test_aead.py @@ -26,84 +26,84 @@ def _aead_supported(cls): not _aead_supported(ChaCha20Poly1305), reason="Requires OpenSSL with ChaCha20Poly1305 support", @@ -186,10 +173,10 @@ ct = aes.encrypt(b"\x00" * 12, b"hello world plaintext", None) - benchmark(aes.decrypt, b"\x00" * 12, ct, None) + aes.decrypt(b"\x00" * 12, ct, None) -Index: cryptography-42.0.1/tests/bench/test_ec_load.py +Index: cryptography-43.0.0/tests/bench/test_ec_load.py =================================================================== ---- cryptography-42.0.1.orig/tests/bench/test_ec_load.py -+++ cryptography-42.0.1/tests/bench/test_ec_load.py +--- cryptography-43.0.0.orig/tests/bench/test_ec_load.py ++++ cryptography-43.0.0/tests/bench/test_ec_load.py @@ -5,9 +5,9 @@ from ..hazmat.primitives.fixtures_ec import EC_KEY_SECP256R1 @@ -204,10 +191,10 @@ - benchmark(EC_KEY_SECP256R1.private_key) +def test_load_ec_private_numbers(): + EC_KEY_SECP256R1.private_key() -Index: cryptography-42.0.1/tests/bench/test_hashes.py +Index: cryptography-43.0.0/tests/bench/test_hashes.py =================================================================== ---- cryptography-42.0.1.orig/tests/bench/test_hashes.py -+++ cryptography-42.0.1/tests/bench/test_hashes.py +--- cryptography-43.0.0.orig/tests/bench/test_hashes.py ++++ cryptography-43.0.0/tests/bench/test_hashes.py @@ -5,10 +5,10 @@ from cryptography.hazmat.primitives import hashes @@ -221,10 +208,10 @@ - benchmark(bench) + bench() -Index: cryptography-42.0.1/tests/bench/test_hmac.py +Index: cryptography-43.0.0/tests/bench/test_hmac.py =================================================================== ---- cryptography-42.0.1.orig/tests/bench/test_hmac.py -+++ cryptography-42.0.1/tests/bench/test_hmac.py +--- cryptography-43.0.0.orig/tests/bench/test_hmac.py ++++ cryptography-43.0.0/tests/bench/test_hmac.py @@ -5,10 +5,10 @@ from cryptography.hazmat.primitives import hashes, hmac @@ -238,10 +225,10 @@ - benchmark(bench) + bench() -Index: cryptography-42.0.1/tests/bench/test_x509.py +Index: cryptography-43.0.0/tests/bench/test_x509.py =================================================================== ---- cryptography-42.0.1.orig/tests/bench/test_x509.py -+++ cryptography-42.0.1/tests/bench/test_x509.py +--- cryptography-43.0.0.orig/tests/bench/test_x509.py ++++ cryptography-43.0.0/tests/bench/test_x509.py @@ -13,40 +13,40 @@ from cryptography import x509 from ..utils import load_vectors_from_file @@ -298,4 +285,17 @@ - benchmark(bench) + bench +Index: cryptography-43.0.0/tests/bench/test_fernet.py +=================================================================== +--- cryptography-43.0.0.orig/tests/bench/test_fernet.py ++++ cryptography-43.0.0/tests/bench/test_fernet.py +@@ -5,6 +5,6 @@ + from cryptography import fernet + + +-def test_fernet_encrypt(benchmark): ++def test_fernet_encrypt(): + f = fernet.Fernet(fernet.Fernet.generate_key()) +- benchmark(f.encrypt, b"\x00" * 256) ++ f.encrypt(b"\x00" * 256) ++++++ use-offline-build.patch ++++++ Index: cryptography-43.0.0/pyproject.toml =================================================================== --- cryptography-43.0.0.orig/pyproject.toml +++ cryptography-43.0.0/pyproject.toml @@ -84,7 +84,8 @@ python-source = "src" python-packages = ["cryptography"] manifest-path = "src/rust/Cargo.toml" module-name = "cryptography.hazmat.bindings._rust" -locked = true +locked = false +offline = true sdist-generator = "git" features = ["pyo3/abi3-py37"] include = [ ++++++ vendor.tar.zst ++++++ ++++ 113600 lines of diff (skipped)