A python implementation of our standard object-oriented encryption package, shipped with most apps.

Overview

Encryption Manager (python edition)

VerseGroup's native encryption manager adapted for python applications.

Function

  • Generate new set of private and public keys
  • Encrypt using private and public keys
  • Decrypt using private keys
  • Encode in base64 for networking with encrypted messages

Implementation

  • VerseGroup's Encryption Manager uses an object oriented approach, so encryption will take place through methods and attribute within a class

Documentation

class EncryptionManager

Attributes

  • private key
  • public key

Methods

  • serialize and deserialize private and public keys
  • encrypt/decrypt using self's keys

Construction

  • Initialize using either preexisting keys in any format or generate a new set of keys

To Add

  • Modern architecture also uses SHA to sign AES encrypted messages, as RSA has size limitations. Instead RSA is used to send over an AES symmetric key for a singular session, and then further message's are sent with the AES key and signed in SHA by the RSA private key.
Comments
  • Bump cryptography from 37.0.0 to 38.0.4

    Bump cryptography from 37.0.0 to 38.0.4

    Bumps cryptography from 37.0.0 to 38.0.4.

    Changelog

    Sourced from cryptography's changelog.

    38.0.4 - 2022-11-27

    
    * Fixed compilation when using LibreSSL 3.6.0.
    * Fixed error when using ``py2app`` to build an application with a
      ``cryptography`` dependency.
    

    .. _v38-0-3:

    38.0.3 - 2022-11-01

    • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.7, which resolves CVE-2022-3602 and CVE-2022-3786.

    .. _v38-0-2:

    38.0.2 - 2022-10-11 (YANKED)

    
    .. attention::
    
    This release was subsequently yanked from PyPI due to a regression in OpenSSL.
    
    • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.6.

    .. _v38-0-1:

    38.0.1 - 2022-09-07

    
    * Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically
      seen in large CRLs).
    

    .. _v38-0-0:

    38.0.0 - 2022-09-06

    • Final deprecation of OpenSSL 1.1.0. The next release of cryptography will drop support.
    • We no longer ship manylinux2010 wheels. Users should upgrade to the latest pip to ensure this doesn't cause issues downloading wheels on their platform. We now ship manylinux_2_28 wheels for users on new enough platforms.
    • Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check :doc:/installation for documentation on installing a newer rustc if required. </tr></table>

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependencies 
opened by dependabot[bot] 1
  • Bump cryptography from 37.0.0 to 38.0.3

    Bump cryptography from 37.0.0 to 38.0.3

    Bumps cryptography from 37.0.0 to 38.0.3.

    Changelog

    Sourced from cryptography's changelog.

    38.0.3 - 2022-11-01

    
    * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.7,
      which resolves *CVE-2022-3602* and *CVE-2022-3786*.
    

    .. _v38-0-2:

    38.0.2 - 2022-10-11 (YANKED)

    .. attention::

    This release was subsequently yanked from PyPI due to a regression in OpenSSL.
    
    • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.6.

    .. _v38-0-1:

    38.0.1 - 2022-09-07

    
    * Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically
      seen in large CRLs).
    

    .. _v38-0-0:

    38.0.0 - 2022-09-06

    • Final deprecation of OpenSSL 1.1.0. The next release of cryptography will drop support.
    • We no longer ship manylinux2010 wheels. Users should upgrade to the latest pip to ensure this doesn't cause issues downloading wheels on their platform. We now ship manylinux_2_28 wheels for users on new enough platforms.
    • Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check :doc:/installation for documentation on installing a newer rustc if required.
    • :meth:~cryptography.fernet.Fernet.decrypt and related methods now accept both str and bytes tokens.
    • Parsing CertificateSigningRequest restores the behavior of enforcing that the Extension critical field must be correctly encoded DER. See the issue <https://github.com/pyca/cryptography/issues/6368>_ for complete details.
    • Added two new OpenSSL functions to the bindings to support an upcoming pyOpenSSL release.
    • When parsing :class:~cryptography.x509.CertificateRevocationList and

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump cryptography from 37.0.0 to 38.0.1

    Bump cryptography from 37.0.0 to 38.0.1

    Bumps cryptography from 37.0.0 to 38.0.1.

    Changelog

    Sourced from cryptography's changelog.

    38.0.1 - 2022-09-07

    
    * Fixed parsing TLVs in ASN.1 with length greater than 65535 bytes (typically
      seen in large CRLs).
    

    .. _v38-0-0:

    38.0.0 - 2022-09-06

    • Final deprecation of OpenSSL 1.1.0. The next release of cryptography will drop support.
    • We no longer ship manylinux2010 wheels. Users should upgrade to the latest pip to ensure this doesn't cause issues downloading wheels on their platform. We now ship manylinux_2_28 wheels for users on new enough platforms.
    • Updated the minimum supported Rust version (MSRV) to 1.48.0, from 1.41.0. Users with the latest pip will typically get a wheel and not need Rust installed, but check :doc:/installation for documentation on installing a newer rustc if required.
    • :meth:~cryptography.fernet.Fernet.decrypt and related methods now accept both str and bytes tokens.
    • Parsing CertificateSigningRequest restores the behavior of enforcing that the Extension critical field must be correctly encoded DER. See the issue <https://github.com/pyca/cryptography/issues/6368>_ for complete details.
    • Added two new OpenSSL functions to the bindings to support an upcoming pyOpenSSL release.
    • When parsing :class:~cryptography.x509.CertificateRevocationList and :class:~cryptography.x509.CertificateSigningRequest values, it is now enforced that the version value in the input must be valid according to the rules of :rfc:2986 and :rfc:5280.
    • Using MD5 or SHA1 in :class:~cryptography.x509.CertificateBuilder and other X.509 builders is deprecated and support will be removed in the next version.
    • Added additional APIs to :class:~cryptography.x509.certificate_transparency.SignedCertificateTimestamp, including :attr:~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_hash_algorithm, :attr:~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature_algorithm, :attr:~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.signature, and :attr:~cryptography.x509.certificate_transparency.SignedCertificateTimestamp.extension_bytes.
    • Added :attr:~cryptography.x509.Certificate.tbs_precertificate_bytes, allowing users to access the to-be-signed pre-certificate data needed for signed certificate timestamp verification.
    • :class:~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFHMAC and :class:~cryptography.hazmat.primitives.kdf.kbkdf.KBKDFCMAC now support :attr:~cryptography.hazmat.primitives.kdf.kbkdf.CounterLocation.MiddleFixed counter location.
    • Fixed :rfc:4514 name parsing to reverse the order of the RDNs according

    ... (truncated)

    Commits
    • 3ff5218 Backport tlv fix, 38.0.1 bump (#7576)
    • 52d6f1a version bump for 38 release (#7567)
    • 8c687e6 Bump rust-asn1 to 0.12.1 (#7564)
    • aca4b10 Bump rust-asn1 to 0.12.0 (#7563)
    • 1742975 support setting more PKCS12 serialization encryption options (#7560)
    • abb1f54 Bump once_cell from 1.13.1 to 1.14.0 in /src/rust (#7559)
    • 01a0e3b Bump BoringSSL version to 8462a367bb57e9524c3d8eca9c62733c63a63cf4 (#7558)
    • 35a965f Bump ouroboros from 0.15.3 to 0.15.4 in /src/rust (#7557)
    • 9a208e1 Bump BoringSSL version to 19009c51bff0706362e824f66a0b189326a1c27d (#7555)
    • b342224 Bump iana-time-zone from 0.1.46 to 0.1.47 in /src/rust (#7552)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump pytest from 7.1.2 to 7.1.3

    Bump pytest from 7.1.2 to 7.1.3

    Bumps pytest from 7.1.2 to 7.1.3.

    Release notes

    Sourced from pytest's releases.

    7.1.3

    pytest 7.1.3 (2022-08-31)

    Bug Fixes

    • #10060: When running with --pdb, TestCase.tearDown is no longer called for tests when the class has been skipped via unittest.skip or pytest.mark.skip.
    • #10190: Invalid XML characters in setup or teardown error messages are now properly escaped for JUnit XML reports.
    • #10230: Ignore .py files created by pyproject.toml-based editable builds introduced in pip 21.3.
    • #3396: Doctests now respect the --import-mode flag.
    • #9514: Type-annotate FixtureRequest.param as Any as a stop gap measure until 8073{.interpreted-text role="issue"} is fixed.
    • #9791: Fixed a path handling code in rewrite.py that seems to work fine, but was incorrect and fails in some systems.
    • #9917: Fixed string representation for pytest.approx{.interpreted-text role="func"} when used to compare tuples.

    Improved Documentation

    • #9937: Explicit note that tmpdir{.interpreted-text role="fixture"} fixture is discouraged in favour of tmp_path{.interpreted-text role="fixture"}.

    Trivial/Internal Changes

    Commits
    • 4645bcd Remove incorrect output in how-to/fixtures.rst
    • fadfb4f Prepare release version 7.1.3
    • ab96ea8 Merge pull request #10258 from pytest-dev/backport-10252-to-7.1.x
    • fc0e024 [7.1.x] Fix regendoc
    • 8f5088f Merge pull request #10249 from pytest-dev/backport-10231-to-7.1.x
    • aae93d6 Ignore type-errors related to attr.asdict
    • 71b79fc [7.1.x] Ignore editable installation modules
    • 89f7518 Merge pull request #10222 from pytest-dev/backport-10171-to-7.1.x
    • 88fc45b [7.1.x] Update fixtures.rst w/ finalizer order
    • d0b53d6 Merge pull request #10221 from pytest-dev/backport-10217-to-7.1.x
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump attrs from 21.4.0 to 22.1.0

    Bump attrs from 21.4.0 to 22.1.0

    Bumps attrs from 21.4.0 to 22.1.0.

    Release notes

    Sourced from attrs's releases.

    22.1.0

    Highlights

    The main features of this release are:

    • The departure of Python 2.7 (enjoy your retirement!),
    • and the arrival of Python 3.11.

    We had loftier goals feature-wise, but didn't want to block others embracing Python 3.11.

    ❤️ Huge thanks to my GitHub sponsors, Tidelift subscribers, and Ko-fi buyers! ❤️

    None of my projects would exist in their current form without you!

    Full Changelog

    Backwards-incompatible Changes

    • Python 2.7 is not supported anymore.

      Dealing with Python 2.7 tooling has become too difficult for a volunteer-run project.

      We have supported Python 2 more than 2 years after it was officially discontinued and feel that we have paid our dues. All version up to 21.4.0 from December 2021 remain fully functional, of course. #936

    • The deprecated cmp attribute of attrs.Attribute has been removed. This does not affect the cmp argument to attr.s that can be used as a shortcut to set eq and order at the same time. #939

    Changes

    • Instantiation of frozen slotted classes is now faster. #898
    • If an eq key is defined, it is also used before hashing the attribute. #909
    • Added attrs.validators.min_len(). #916
    • attrs.validators.deep_iterable()'s member_validator argument now also accepts a list of validators and wraps them in an attrs.validators.and_(). #925
    • Added missing type stub re-imports for attrs.converters and attrs.filters. #931
    • Added missing stub for attr(s).cmp_using(). #949
    • attrs.validators._in()'s ValueError is not missing the attribute, expected options, and the value it got anymore. #951
    • Python 3.11 is now officially supported. #969
    Changelog

    Sourced from attrs's changelog.

    22.1.0 (2022-07-28)

    Backwards-incompatible Changes ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

    • Python 2.7 is not supported anymore.

      Dealing with Python 2.7 tooling has become too difficult for a volunteer-run project.

      We have supported Python 2 more than 2 years after it was officially discontinued and feel that we have paid our dues. All version up to 21.4.0 from December 2021 remain fully functional, of course. [#936](https://github.com/python-attrs/attrs/issues/936) <https://github.com/python-attrs/attrs/issues/936>_

    • The deprecated cmp attribute of attrs.Attribute has been removed. This does not affect the cmp argument to attr.s that can be used as a shortcut to set eq and order at the same time. [#939](https://github.com/python-attrs/attrs/issues/939) <https://github.com/python-attrs/attrs/issues/939>_

    Changes ^^^^^^^

    • Instantiation of frozen slotted classes is now faster. [#898](https://github.com/python-attrs/attrs/issues/898) <https://github.com/python-attrs/attrs/issues/898>_
    • If an eq key is defined, it is also used before hashing the attribute. [#909](https://github.com/python-attrs/attrs/issues/909) <https://github.com/python-attrs/attrs/issues/909>_
    • Added attrs.validators.min_len(). [#916](https://github.com/python-attrs/attrs/issues/916) <https://github.com/python-attrs/attrs/issues/916>_
    • attrs.validators.deep_iterable()'s member_validator argument now also accepts a list of validators and wraps them in an attrs.validators.and_(). [#925](https://github.com/python-attrs/attrs/issues/925) <https://github.com/python-attrs/attrs/issues/925>_
    • Added missing type stub re-imports for attrs.converters and attrs.filters. [#931](https://github.com/python-attrs/attrs/issues/931) <https://github.com/python-attrs/attrs/issues/931>_
    • Added missing stub for attr(s).cmp_using(). [#949](https://github.com/python-attrs/attrs/issues/949) <https://github.com/python-attrs/attrs/issues/949>_
    • attrs.validators._in()'s ValueError is not missing the attribute, expected options, and the value it got anymore. [#951](https://github.com/python-attrs/attrs/issues/951) <https://github.com/python-attrs/attrs/issues/951>_
    • Python 3.11 is now officially supported. [#969](https://github.com/python-attrs/attrs/issues/969) <https://github.com/python-attrs/attrs/issues/969>_

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump cryptography from 37.0.0 to 37.0.4

    Bump cryptography from 37.0.0 to 37.0.4

    Bumps cryptography from 37.0.0 to 37.0.4.

    Changelog

    Sourced from cryptography's changelog.

    37.0.4 - 2022-07-05

    
    * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.5.
    

    .. _v37-0-3:

    37.0.3 - 2022-06-21 (YANKED)

    .. attention::

    This release was subsequently yanked from PyPI due to a regression in OpenSSL.
    
    • Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.4.

    .. _v37-0-2:

    37.0.2 - 2022-05-03

    
    * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.3.
    * Added a constant needed for an upcoming pyOpenSSL release.
    

    .. _v37-0-1:

    37.0.1 - 2022-04-27

    • Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error.
    • Restored some legacy symbols for older pyOpenSSL users. These will be removed again in the future, so pyOpenSSL users should still upgrade to the latest version of that package when they upgrade cryptography.

    .. _v37-0-0:

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump cryptography from 37.0.0 to 37.0.2

    Bump cryptography from 37.0.0 to 37.0.2

    Bumps cryptography from 37.0.0 to 37.0.2.

    Changelog

    Sourced from cryptography's changelog.

    37.0.2 - 2022-05-03

    
    * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.3.
    * Added a constant needed for an upcoming pyOpenSSL release.
    

    .. _v37-0-1:

    37.0.1 - 2022-04-27

    • Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error.
    • Restored some legacy symbols for older pyOpenSSL users. These will be removed again in the future, so pyOpenSSL users should still upgrade to the latest version of that package when they upgrade cryptography.

    .. _v37-0-0:

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump cryptography from 37.0.0 to 37.0.1

    Bump cryptography from 37.0.0 to 37.0.1

    Bumps cryptography from 37.0.0 to 37.0.1.

    Changelog

    Sourced from cryptography's changelog.

    37.0.1 - 2022-04-27

    
    * Fixed an issue where parsing an encrypted private key with the public
      loader functions would hang waiting for console input on OpenSSL 3.0.x rather
      than raising an error.
    * Restored some legacy symbols for older ``pyOpenSSL`` users. These will be
      removed again in the future, so ``pyOpenSSL`` users should still upgrade
      to the latest version of that package when they upgrade ``cryptography``.
    

    .. _v37-0-0:

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump cryptography from 36.0.2 to 37.0.0

    Bump cryptography from 36.0.2 to 37.0.0

    Bumps cryptography from 36.0.2 to 37.0.0.

    Changelog

    Sourced from cryptography's changelog.

    37.0.0 - 2022-04-26

    
    * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2.
    * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x.
      The new minimum LibreSSL version is 3.1+.
    * **BACKWARDS INCOMPATIBLE:** Removed ``signer`` and ``verifier`` methods
      from the public key and private key classes. These methods were originally
      deprecated in version 2.0, but had an extended deprecation timeline due
      to usage. Any remaining users should transition to ``sign`` and ``verify``.
    * Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by
      the OpenSSL project. The next release of ``cryptography`` will be the last
      to support compiling with OpenSSL 1.1.0.
    * Deprecated Python 3.6 support. Python 3.6 is no longer supported by the
      Python core team. Support for Python 3.6 will be removed in a future
      ``cryptography`` release.
    * Deprecated the current minimum supported Rust version (MSRV) of 1.41.0.
      In the next release we will raise MSRV to 1.48.0. Users with the latest
      ``pip`` will typically get a wheel and not need Rust installed, but check
      :doc:`/installation` for documentation on installing a newer ``rustc`` if
      required.
    * Deprecated
      :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`,
      :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`,
      :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and
      :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish` because
      they are legacy algorithms with extremely low usage. These will be removed
      in a future version of ``cryptography``.
    * Added limited support for distinguished names containing a bit string.
    * We now ship ``universal2`` wheels on macOS, which contain both ``arm64``
      and ``x86_64`` architectures. Users on macOS should upgrade to the latest
      ``pip`` to ensure they can use this wheel, although we will continue to
      ship ``x86_64`` specific wheels for now to ease the transition.
    * This will be the final release for which we ship ``manylinux2010`` wheels.
      Going forward the minimum supported ``manylinux`` ABI for our wheels will
      be ``manylinux2014``. The vast majority of users will continue to receive
      ``manylinux`` wheels provided they have an up to date ``pip``. For PyPy
      wheels this release already requires ``manylinux2014`` for compatibility
      with binaries distributed by upstream.
    * Added support for multiple
      :class:`~cryptography.x509.ocsp.OCSPSingleResponse` in a
      :class:`~cryptography.x509.ocsp.OCSPResponse`.
    * Restored support for signing certificates and other structures in
      :doc:`/x509/index` with SHA3 hash algorithms.
    * :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` is
      disabled in FIPS mode.
    * Added support for serialization of PKCS#12 CA friendly names/aliases in
      :func:`~cryptography.hazmat.primitives.serialization.pkcs12.serialize_key_and_certificates`
    * Added support for 12-15 byte (96 to 120 bit) nonces to
      :class:`~cryptography.hazmat.primitives.ciphers.aead.AESOCB3`. This class
    </tr></table> 
    

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump pytest from 7.1.1 to 7.1.2

    Bump pytest from 7.1.1 to 7.1.2

    Bumps pytest from 7.1.1 to 7.1.2.

    Release notes

    Sourced from pytest's releases.

    7.1.2

    pytest 7.1.2 (2022-04-23)

    Bug Fixes

    • #9726: An unnecessary numpy import inside pytest.approx{.interpreted-text role="func"} was removed.
    • #9820: Fix comparison of dataclasses with InitVar.
    • #9869: Increase stacklevel for the NODE_CTOR_FSPATH_ARG deprecation to point to the user's code, not pytest.
    • #9871: Fix a bizarre (and fortunately rare) bug where the [temp_path]{.title-ref} fixture could raise an internal error while attempting to get the current user's username.
    Commits
    • 2f2f1a6 Prepare release version 7.1.2
    • 5c04f3a [7.1.x] Fix wrong log_file docs (#9879)
    • 078733c Merge pull request #9872 from pytest-dev/backport-9871-to-7.1.x
    • 3a7ead6 [7.1.x] fix: move 'import getpass' statement to try-clause
    • 6d75333 [7.1.x] Increase stacklevel to point at user's code (#9870)
    • ddbb998 [7.1.x] Increase stacklevel to point at user's code
    • 0ec5886 Merge pull request #9855 from pytest-dev/backport-9854-to-7.1.x
    • f2469fc [7.1.x] Docs: link to easy issues in contributing guide
    • 94ec0f8 Merge pull request #9846 from pytest-dev/backport-9842-to-7.1.x
    • 5ef96fd [7.1.x] fix comparison of dataclasses with InitVar
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump pyparsing from 3.0.7 to 3.0.8

    Bump pyparsing from 3.0.7 to 3.0.8

    Bumps pyparsing from 3.0.7 to 3.0.8.

    Release notes

    Sourced from pyparsing's releases.

    pyparsing 3.0.8

    Version 3.0.8 -

    • API CHANGE: modified pyproject.toml to require Python version 3.6.8 or later for pyparsing 3.x. Earlier minor versions of 3.6 fail in evaluating the version_info class (implemented using typing.NamedTuple). If you are using an earlier version of Python 3.6, you will need to use pyparsing 2.4.7.

    • Improved pyparsing import time by deferring regex pattern compiles. PR submitted by Anthony Sottile to fix issue #362, thanks!

    • Updated build to use flit, PR by Michał Górny, added BUILDING.md doc and removed old Windows build scripts - nice cleanup work!

    • More type-hinting added for all arithmetic and logical operator methods in ParserElement. PR from Kazantcev Andrey, thank you.

    • Fixed infix_notation's definitions of lpar and rpar, to accept parse expressions such that they do not get suppressed in the parsed results. PR submitted by Philippe Prados, nice work.

    • Fixed bug in railroad diagramming with expressions containing Combine elements. Reported by Jeremy White, thanks!

    • Added show_groups argument to create_diagram to highlight grouped elements with an unlabeled bounding box.

    • Added unicode_denormalizer.py to the examples as a demonstration of how Python's interpreter will accept Unicode characters in identifiers, but normalizes them back to ASCII so that identifiers print and 𝕡𝓻ᵢ𝓃𝘁 and 𝖕𝒓𝗂𝑛ᵗ are all equivalent.

    • Removed imports of deprecated sre_constants module for catching exceptions when compiling regular expressions. PR submitted by Serhiy Storchaka, thank you.

    Changelog

    Sourced from pyparsing's changelog.

    Version 3.0.8 -

    • API CHANGE: modified pyproject.toml to require Python version 3.6.8 or later for pyparsing 3.x. Earlier minor versions of 3.6 fail in evaluating the version_info class (implemented using typing.NamedTuple). If you are using an earlier version of Python 3.6, you will need to use pyparsing 2.4.7.

    • Improved pyparsing import time by deferring regex pattern compiles. PR submitted by Anthony Sottile to fix issue #362, thanks!

    • Updated build to use flit, PR by Michał Górny, added BUILDING.md doc and removed old Windows build scripts - nice cleanup work!

    • More type-hinting added for all arithmetic and logical operator methods in ParserElement. PR from Kazantcev Andrey, thank you.

    • Fixed infix_notation's definitions of lpar and rpar, to accept parse expressions such that they do not get suppressed in the parsed results. PR submitted by Philippe Prados, nice work.

    • Fixed bug in railroad diagramming with expressions containing Combine elements. Reported by Jeremy White, thanks!

    • Added show_groups argument to create_diagram to highlight grouped elements with an unlabeled bounding box.

    • Added unicode_denormalizer.py to the examples as a demonstration of how Python's interpreter will accept Unicode characters in identifiers, but normalizes them back to ASCII so that identifiers print and 𝕡𝓻ᵢ𝓃𝘁 and 𝖕𝒓𝗂𝑛ᵗ are all equivalent.

    • Removed imports of deprecated sre_constants module for catching exceptions when compiling regular expressions. PR submitted by Serhiy Storchaka, thank you.

    Commits
    • 4e627f2 Added show_groups arg to create_diagram; prep for release
    • 6afabf9 Updates to CHANGES and CONTRIBUTING.md resulting from PR #379
    • 3c03942 No longer use undocumented module "sre_constants" (#379)
    • ac30c72 Fix issue #361
    • 27519e1 Support Python 3.6.8 or later
    • 62fa342 Add unicode_denormalizer.py to examples.
    • f72586d Add tests and updated docs for changes to lpar and rpar args to infix_notatio...
    • 4f98463 Add tests and updated docs for changes to lpar and rpar args to infix_notatio...
    • 1a40d17 Fix bug #375 (#376)
    • 7661493 Add guard inside _trim_arity to protect against black reformatting in spacing...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump cryptography from 37.0.0 to 39.0.0

    Bump cryptography from 37.0.0 to 39.0.0

    Bumps cryptography from 37.0.0 to 39.0.0.

    Changelog

    Sourced from cryptography's changelog.

    39.0.0 - 2023-01-01

    
    * **BACKWARDS INCOMPATIBLE:** Support for OpenSSL 1.1.0 has been removed.
      Users on older version of OpenSSL will need to upgrade.
    * **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.5. The new
      minimum LibreSSL version is 3.5.0. Going forward our policy is to support
      versions of LibreSSL that are available in versions of OpenBSD that are
      still receiving security support.
    * **BACKWARDS INCOMPATIBLE:** Removed the ``encode_point`` and
      ``from_encoded_point`` methods on
      :class:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicNumbers`,
      which had been deprecated for several years.
      :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.public_bytes`
      and
      :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.from_encoded_point`
      should be used instead.
    * **BACKWARDS INCOMPATIBLE:** Support for using MD5 or SHA1 in
      :class:`~cryptography.x509.CertificateBuilder`, other X.509 builders, and
      PKCS7 has been removed.
    * **BACKWARDS INCOMPATIBLE:** Dropped support for macOS 10.10 and 10.11, macOS
      users must upgrade to 10.12 or newer.
    * **ANNOUNCEMENT:** The next version of ``cryptography`` (40.0) will change
      the way we link OpenSSL. This will only impact users who build
      ``cryptography`` from source (i.e., not from a ``wheel``), and specify their
      own version of OpenSSL. For those users, the ``CFLAGS``, ``LDFLAGS``,
      ``INCLUDE``, ``LIB``, and ``CRYPTOGRAPHY_SUPPRESS_LINK_FLAGS`` environment
      variables will no longer be respected. Instead, users will need to
      configure their builds `as documented here`_.
    * Added support for
      :ref:`disabling the legacy provider in OpenSSL 3.0.x<legacy-provider>`.
    * Added support for disabling RSA key validation checks when loading RSA
      keys via
      :func:`~cryptography.hazmat.primitives.serialization.load_pem_private_key`,
      :func:`~cryptography.hazmat.primitives.serialization.load_der_private_key`,
      and
      :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers.private_key`.
      This speeds up key loading but is :term:`unsafe` if you are loading potentially
      attacker supplied keys.
    * Significantly improved performance for
      :class:`~cryptography.hazmat.primitives.ciphers.aead.ChaCha20Poly1305`
      when repeatedly calling ``encrypt`` or ``decrypt`` with the same key.
    * Added support for creating OCSP requests with precomputed hashes using
      :meth:`~cryptography.x509.ocsp.OCSPRequestBuilder.add_certificate_by_hash`.
    * Added support for loading multiple PEM-encoded X.509 certificates from
      a single input via :func:`~cryptography.x509.load_pem_x509_certificates`.
    

    .. _v38-0-4:

    38.0.4 - 2022-11-27 </tr></table>

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump attrs from 21.4.0 to 22.2.0

    Bump attrs from 21.4.0 to 22.2.0

    Bumps attrs from 21.4.0 to 22.2.0.

    Release notes

    Sourced from attrs's releases.

    22.2.0

    Highlights

    It's been a lot busier than the changelog indicates, but a lot of the work happened under the hood (like some impressive performance improvements). But we've got still one big new feature that's are worthy the holidays:

    Fields now have an alias argument that allows you to set the field's name in the generated __init__ method. This is especially useful for those who aren't fans of attrs's behavior of stripping underscores from private attribute names.

    Special Thanks

    This release would not be possible without my generous sponsors! Thank you to all of you making sustainable maintenance possible! If you would like to join them, go to https://github.com/sponsors/hynek and check out the sweet perks!

    Above and Beyond

    Variomedia AG (@​variomedia), Tidelift (@​tidelift), Sentry (@​getsentry), HiredScore (@​HiredScore), FilePreviews (@​filepreviews), and Daniel Fortunov (@​asqui).

    Maintenance Sustainers

    @​rzijp, Adam Hill (@​adamghill), Dan Groshev (@​si14), Tamir Bahar (@​tmr232), Adi Roiban (@​adiroiban), Magnus Watn (@​magnuswatn), David Cramer (@​dcramer), Moving Content AG (@​moving-content), Stein Magnus Jodal (@​jodal), Iwan Aucamp (@​aucampia), ProteinQure (@​ProteinQure), Jesse Snyder (@​jessesnyder), Rivo Laks (@​rivol), Thomas Ballinger (@​thomasballinger), @​medecau, Ionel Cristian Mărieș (@​ionelmc), The Westervelt Company (@​westerveltco), Philippe Galvan (@​PhilippeGalvan), Birk Jernström (@​birkjernstrom), Jannis Leidel (@​jezdez), Tim Schilling (@​tim-schilling), Chris Withers (@​cjw296), and Christopher Dignam (@​chdsbd).

    Not to forget 2 more amazing humans who chose to be generous but anonymous!

    Full Changelog

    Backwards-incompatible Changes

    • Python 3.5 is not supported anymore. #988

    Deprecations

    • Python 3.6 is now deprecated and support will be removed in the next release. #1017

    Changes

    • attrs.field() now supports an alias option for explicit __init__ argument names.

      Get __init__ signatures matching any taste, peculiar or plain! The PEP 681 compatible alias option can be use to override private attribute name mangling, or add other arbitrary field argument name overrides. #950

    • attrs.NOTHING is now an enum value, making it possible to use with e.g. typing.Literal. #983

    • Added missing re-import of attr.AttrsInstance to the attrs namespace. #987

    • Fix slight performance regression in classes with custom __setattr__ and speedup even more. #991

    • Class-creation performance improvements by switching performance-sensitive templating operations to f-strings.

      You can expect an improvement of about 5% -- even for very simple classes. #995

    ... (truncated)

    Changelog

    Sourced from attrs's changelog.

    22.2.0 - 2022-12-21

    Backwards-incompatible Changes

    • Python 3.5 is not supported anymore. #988

    Deprecations

    • Python 3.6 is now deprecated and support will be removed in the next release. #1017

    Changes

    • attrs.field() now supports an alias option for explicit __init__ argument names.

      Get __init__ signatures matching any taste, peculiar or plain! The PEP 681 compatible alias option can be use to override private attribute name mangling, or add other arbitrary field argument name overrides. #950

    • attrs.NOTHING is now an enum value, making it possible to use with e.g. typing.Literal. #983

    • Added missing re-import of attr.AttrsInstance to the attrs namespace. #987

    • Fix slight performance regression in classes with custom __setattr__ and speedup even more. #991

    • Class-creation performance improvements by switching performance-sensitive templating operations to f-strings.

      You can expect an improvement of about 5% -- even for very simple classes. #995

    • attrs.has() is now a TypeGuard for AttrsInstance. That means that type checkers know a class is an instance of an attrs class if you check it using attrs.has() (or attr.has()) first. #997

    • Made attrs.AttrsInstance stub available at runtime and fixed type errors related to the usage of attrs.AttrsInstance in Pyright. #999

    • On Python 3.10 and later, call abc.update_abstractmethods() on dict classes after creation. This improves the detection of abstractness. #1001

    • attrs's pickling methods now use dicts instead of tuples. That is safer and more robust across different versions of a class. #1009

    • Added attrs.validators.not_(wrapped_validator) to logically invert wrapped_validator by accepting only values where wrapped_validator rejects the value with a ValueError or TypeError (by default, exception types configurable). #1010

    • The type stubs for attrs.cmp_using() now have default values. #1027

    • To conform with PEP 681, attr.s() and attrs.define() now accept unsafe_hash in addition to hash. #1065

    ... (truncated)

    Commits
    • a9960de Prepare 22.2.0
    • 566248a Don't linkcheck tree links
    • 0f62805 Make towncrier marker independent from warning
    • b9f35eb Fix minor stub issues (#1072)
    • 4ad4ea0 Use MyST-native include
    • 519423d Use MyST-native doctest blocks in all MD
    • 403adab Remove stray file
    • 6957e4a Use new typographic branding in the last rst file, too
    • 1bb2864 Convert examples.rst to md
    • c1c24cc Convert glossary.rst to md
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump pytest from 7.1.2 to 7.2.0

    Bump pytest from 7.1.2 to 7.2.0

    Bumps pytest from 7.1.2 to 7.2.0.

    Release notes

    Sourced from pytest's releases.

    7.2.0

    pytest 7.2.0 (2022-10-23)

    Deprecations

    • #10012: Update pytest.PytestUnhandledCoroutineWarning{.interpreted-text role="class"} to a deprecation; it will raise an error in pytest 8.

    • #10396: pytest no longer depends on the py library. pytest provides a vendored copy of py.error and py.path modules but will use the py library if it is installed. If you need other py.* modules, continue to install the deprecated py library separately, otherwise it can usually be removed as a dependency.

    • #4562: Deprecate configuring hook specs/impls using attributes/marks.

      Instead use :pypytest.hookimpl{.interpreted-text role="func"} and :pypytest.hookspec{.interpreted-text role="func"}. For more details, see the docs <legacy-path-hooks-deprecated>{.interpreted-text role="ref"}.

    • #9886: The functionality for running tests written for nose has been officially deprecated.

      This includes:

      • Plain setup and teardown functions and methods: this might catch users by surprise, as setup() and teardown() are not pytest idioms, but part of the nose support.
      • Setup/teardown using the @​with_setup decorator.

      For more details, consult the deprecation docs <nose-deprecation>{.interpreted-text role="ref"}.

    Features

    • #9897: Added shell-style wildcard support to testpaths.

    Improvements

    • #10218: @pytest.mark.parametrize() (and similar functions) now accepts any Sequence[str] for the argument names, instead of just list[str] and tuple[str, ...].

      (Note that str, which is itself a Sequence[str], is still treated as a comma-delimited name list, as before).

    • #10381: The --no-showlocals flag has been added. This can be passed directly to tests to override --showlocals declared through addopts.

    • #3426: Assertion failures with strings in NFC and NFD forms that normalize to the same string now have a dedicated error message detailing the issue, and their utf-8 representation is expresed instead.

    • #7337: A warning is now emitted if a test function returns something other than [None]{.title-ref}. This prevents a common mistake among beginners that expect that returning a [bool]{.title-ref} (for example [return foo(a, b) == result]{.title-ref}) would cause a test to pass or fail, instead of using [assert]{.title-ref}.

    • #8508: Introduce multiline display for warning matching via :pypytest.warns{.interpreted-text role="func"} and enhance match comparison for :py_pytest._code.ExceptionInfo.match{.interpreted-text role="func"} as returned by :pypytest.raises{.interpreted-text role="func"}.

    • #8646: Improve :pypytest.raises{.interpreted-text role="func"}. Previously passing an empty tuple would give a confusing error. We now raise immediately with a more helpful message.

    • #9741: On Python 3.11, use the standard library's tomllib{.interpreted-text role="mod"} to parse TOML.

      tomli{.interpreted-text role="mod"}` is no longer a dependency on Python 3.11.

    • #9742: Display assertion message without escaped newline characters with -vv.

    • #9823: Improved error message that is shown when no collector is found for a given file.

    ... (truncated)

    Commits
    • 3af3f56 Prepare release version 7.2.0
    • bc2c3b6 Merge pull request #10408 from NateMeyvis/patch-2
    • d84ed48 Merge pull request #10409 from pytest-dev/asottile-patch-1
    • ffe49ac Merge pull request #10396 from pytest-dev/pylib-hax
    • d352098 allow jobs to pass if codecov.io fails
    • c5c562b Fix typos in CONTRIBUTING.rst
    • d543a45 add deprecation changelog for py library vendoring
    • f341a5c Merge pull request #10407 from NateMeyvis/patch-1
    • 1027dc8 [pre-commit.ci] auto fixes from pre-commit.com hooks
    • 6b905ee Add note on tags to CONTRIBUTING.rst
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump cffi from 1.15.0 to 1.15.1

    Bump cffi from 1.15.0 to 1.15.1

    Bumps cffi from 1.15.0 to 1.15.1.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump pyparsing from 3.0.8 to 3.0.9

    Bump pyparsing from 3.0.8 to 3.0.9

    Bumps pyparsing from 3.0.8 to 3.0.9.

    Release notes

    Sourced from pyparsing's releases.

    pyparsing 3.0.9

    • Added Unicode set BasicMultilingualPlane (may also be referenced as BMP) representing the Basic Multilingual Plane (Unicode characters up to code point 65535). Can be used to parse most language characters, but omits emojis, wingdings, etc. Raised in discussion with Dave Tapley (issue #392).

    • To address mypy confusion of pyparsing.Optional and typing.Optional resulting in error: "_SpecialForm" not callable message reported in issue #365, fixed the import in exceptions.py. Nice sleuthing by Iwan Aucamp and Dominic Davis-Foster, thank you! (Removed definitions of OptionalType, DictType, and IterableType and replaced them with typing.Optional, typing.Dict, and typing.Iterable throughout.)

    • Fixed typo in jinja2 template for railroad diagrams, thanks for the catch Nioub (issue #388).

    • Removed use of deprecated pkg_resources package in railroad diagramming code (issue #391).

    • Updated bigquery_view_parser.py example to parse examples at https://cloud.google.com/bigquery/docs/reference/legacy-sql

    Changelog

    Sourced from pyparsing's changelog.

    Version 3.0.9 -

    • Added Unicode set BasicMultilingualPlane (may also be referenced as BMP) representing the Basic Multilingual Plane (Unicode characters up to code point 65535). Can be used to parse most language characters, but omits emojis, wingdings, etc. Raised in discussion with Dave Tapley (issue #392).

    • To address mypy confusion of pyparsing.Optional and typing.Optional resulting in error: "_SpecialForm" not callable message reported in issue #365, fixed the import in exceptions.py. Nice sleuthing by Iwan Aucamp and Dominic Davis-Foster, thank you! (Removed definitions of OptionalType, DictType, and IterableType and replaced them with typing.Optional, typing.Dict, and typing.Iterable throughout.)

    • Fixed typo in jinja2 template for railroad diagrams, thanks for the catch Nioub (issue #388).

    • Removed use of deprecated pkg_resources package in railroad diagramming code (issue #391).

    • Updated bigquery_view_parser.py example to parse examples at https://cloud.google.com/bigquery/docs/reference/legacy-sql

    Commits
    • 01969ff Back out Lox language parser (from Crafting Interpreters, by Robert Nystrom)
    • 17737d5 Added Lox language parser (from Crafting Interpreters, by Robert Nystrom)
    • a147c9d Added Lox language parser (from Crafting Interpreters, by Robert Nystrom)
    • 9c6f1fe Prep for 3.0.9 release
    • a73af6a Update UML class diagram, and add SVG rendering
    • 77206de Fix .rst markup for tables and some code samples
    • e9e56bd Added notes to HowToUsePyparsing.rst for using Unicode language sets
    • 17a39e8 Added test case to bigquery_view_parser.py from #291
    • 0ec8031 Added another test case to bigquery_view_parser.py
    • ed37b35 Update CHANGES to reflect latest fixes
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Releases(v1.3.0)
    • v1.3.0(Feb 6, 2022)

      Release Notes (vgem v1.3.0)

      • Updating the hashing algorithm from plain sha256 to Scrypt as it is more memory intensive to prevent rainbow table attack
      • Added salt support, and returning salts to also prevent rainbow table attack
      • Minor dependency bumps
      Source code(tar.gz)
      Source code(zip)
    • v1.2.0(Jan 31, 2022)

      Release Notes (vgem v1.2.0)

      • Added function to hash a message (sha256)
      hash = handler.hash(message=message, base64=True)
      
      • Added function to check a message with a hash (sha256)
      equal = handler.check_hash(message=message, hash=hash, base64=True)
      
      Source code(tar.gz)
      Source code(zip)
    • v1.1.2(Jan 29, 2022)

      Release Notes (vgem v1.1.2)

      • all serialization is now by default base64 encoded/decoded to ensure no binary gets scrambled over a network
      • minor dependency updates
      Source code(tar.gz)
      Source code(zip)
    • v1.1.1(Jan 17, 2022)

      Release notes (vgem v1.1.1)

      • fixed small importing bug where os/sys was not allowing local imports
      • can directly run vgem by calling:
      from vgem import EM
      
      Source code(tar.gz)
      Source code(zip)
    • v1.1.0(Jan 16, 2022)

      Release Notes (vgem v1.1.0)

      • Version 1.1.0 brings significant updates
      • AES alpha removed in favour of Fernet wrapped AES which is more efficient
      • Fernet wrapped AES in full release (tested)
      • Can load fernet key or RSA encrypted fernet key on construction or after construction
      • Can encrypt/decrypt using fernet
      • Can serialize/deserialize fernet keys (and encrypt/encode through serialization)
      • Readme updates to explain adjustments
      Source code(tar.gz)
      Source code(zip)
    • v1.0.5(Jan 15, 2022)

      Release Notes (vgem v1.0.5)

      • vgem is fully operational on PyPi/pip
      • fixed bug where utils package was not being shipped (EM requires utils)
      Source code(tar.gz)
      Source code(zip)
    • v1.0.4(Jan 15, 2022)

    • v1.0.3(Jan 15, 2022)

    • v1.0.2(Jan 15, 2022)

    • v1.0.1(Jan 15, 2022)

      Release Notes (vg-em v1.0.1)

      • No longer in alpha stage, published to pip
      • Small bug fix to support importing (changing sole package to src)
      • RSA (fully supported), AES (alpha stage)
      Source code(tar.gz)
      Source code(zip)
    • v1.0.0-alpha(Jan 15, 2022)

      Release Notes (v.1.0.0-alpha)

      • First pre-release of "vg-em"
      • OOP approach added, as well as optional utils
      • Full support on RSA encryption, key handling, serialization for shipping RSA keys (tested)
      • Alpha support on AES methods (testing not complete)
      • Publishing to pip (pypi) as "vg-em"
      Source code(tar.gz)
      Source code(zip)
    Owner
    Verse Group LLC
    Verse Group LLC
    A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

    A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

    Vinay Sajip 3 Feb 01, 2022
    En- and decrypting text-messages by creating a key with of the fibonacci-sequence

    En- and decrypting text-messages by creating a key with of the fibonacci-sequence. This key helps to create mathematical functions, whose zeros should generates the encrypted message.

    Pulsar 1 Feb 05, 2022
    A simple, terminal password manager in Python.

    A simple, terminal password manager in Python.

    81 Nov 22, 2022
    Learn Blockchains by Building One, A simple Blockchain in Python using Flask as a micro web framework.

    Blockchain ✨ Learn Blockchains by Building One Yourself Installation Make sure Python 3.6+ is installed. Install Flask Web Framework. Clone this repos

    Vaibhaw 46 Jan 05, 2023
    A Python implementation of CWT/COSE.

    Python CWT - A Python implementation of CWT/COSE Python CWT is a CBOR Web Token (CWT) and CBOR Object Signing and Encryption (COSE) implementation com

    Ajitomi Daisuke 13 Dec 14, 2022
    XMRiGUI is free and open-source crypto miner for Linux. It uses XMRig for mining and GTK3 for GUI.

    XMRiGUI is free and open-source crypto miner for Linux. It uses XMRig for mining and GTK3 for GUI.

    29 Jul 07, 2022
    Signarly is a cryptocurrency trading bot.

    Signarly is a cryptocurrency trading bot.

    Zakaria EL Mesaoudi 5 Oct 06, 2022
    Crypto-curriences analysis

    Crypto_analysis Discription: simple streamlit(screener) app to make MMA and OSC analysis for cyrpto-currenices, and gives resaults for which coins are

    13 Nov 01, 2021
    Alpkunt 9 Sep 09, 2022
    Simple encryption-at-rest with key rotation support for Python.

    keyring Simple encryption-at-rest with key rotation support for Python. N.B.: keyring is not for encrypting passwords--for that, you should use someth

    Dann Luciano 1 Dec 23, 2021
    This is a webpage that contains login and signup page by which the password is stored using elliptic curve cryptography

    LoginPage_using_Elliptic_curve_cryptography- This is a webpage that contains login and signup page by which the password is stored using elliptic curv

    1 Oct 15, 2021
    SVSHI - Secure and Verified Smart Home Infrastructure

    The SVSHI (Secure and Verified Smart Home Infrastructure) (pronounced like "sushi") project is a platform/runtime/toolchain for developing and running formally verified smart infrastructures, such as

    Dependable Systems Laboratory 3 Oct 28, 2022
    Marketplace but with cryptocurrencies only.

    MoneroMarket Marketplace but with cryptocurrencies only. MoneroMarket was created as a way to be able to use cryptocurrencies as an actual currency to

    Janoher 35 Jan 01, 2023
    Crypto Portfolio Clustering with and without optimization techniques (elbow method, PCA).

    Crypto Portfolio Clustering Crypto Portfolio Clustering with and without optimization techniques (elbow method, PCA). Analysis This is an anlysis of c

    David L 0 Feb 18, 2022
    A simple graphical interface for encrypting sentences

    A simple graphical interface for encrypting sentences

    Marcus Vinícius Ribeiro Andrade 1 Oct 09, 2021
    Simple crypto & blockchain implementation written in Python

    JaamoCoin - simple Python blockchain example This is a very simple blockchain example written in Python. Based on this tutorial: https://medium.com/co

    Jaakko Alajoki 1 Jan 07, 2022
    Basic Ethereum Miner Lib

    EthMine ⛏ Basic Ethereum Miner Library. Developers can integrate this algorithm to mine blocks from their ethereum supported chain efficiently. Instal

    Jaival Patel 1 Oct 30, 2021
    Historical Crypto Price

    Made with Coingecko API, this is a VERY simple python script that asks you the crypto, date and currency you want and then proceeds to give you the price and MarketCap at that precise moment

    7 Oct 14, 2022
    Audits Python environments and dependency trees for known vulnerabilities

    pip-audit pip-audit is a prototype tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisor

    Trail of Bits 701 Dec 28, 2022
    GmJEWEL - The monorepo for the Greedy Merchants Guild

    Greedy Merchants Guild Hello! Welcome to the monorepo for the Greedy Merchants G

    Greedy Merchants Guild 5 Mar 09, 2022