Bump cryptography from 46.0.5 to 46.0.7 in /.devcontainer/src/test/regress by dependabot[bot] · Pull Request #8538 · citusdata/citus

dependabot · 2026-04-08T22:01:00Z

Bumps cryptography from 46.0.5 to 46.0.7.

Changelog

Sourced from cryptography's changelog.

46.0.7 - 2026-04-07
* **SECURITY ISSUE**: Fixed an issue where non-contiguous buffers could be
  passed to APIs that accept Python buffers, which could lead to buffer
  overflow. **CVE-2026-39892**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.6.
.. _v46-0-6:
46.0.6 - 2026-03-25
SECURITY ISSUE: Fixed a bug where name constraints were not applied to peer names during verification when the leaf certificate contains a wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug, including those used by the Web PKI. Credit to Oleh Konko (1seal) for reporting the issue. CVE-2026-34073

.. _v46-0-5:

Commits

622d672 46.0.7 release (#14602)
91d7288 Cherry-pick #14542 (#14543)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.5 to 46.0.7. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@46.0.5...46.0.7) --- updated-dependencies: - dependency-name: cryptography dependency-version: 46.0.7 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

codecov · 2026-04-09T07:00:11Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 44.89%. Comparing base (4d6fb1d) to head (e4e4511).

❌ Your project check has failed because the head coverage (44.89%) is below the target coverage (87.50%). You can increase the head coverage or adjust the target coverage.

❗ There is a different number of reports uploaded between BASE (4d6fb1d) and HEAD (e4e4511). Click for more details.

HEAD has 89 uploads less than BASE

Flag BASE (4d6fb1d) HEAD (e4e4511)

16_regress_check-pytest 1 0

18_regress_check-pytest 1 0

17_regress_check-pytest 1 0

17_citus_upgrade 1 0

18_regress_check-query-generator 1 0

16_citus_upgrade 1 0

16_regress_check-tap 1 0

16_regress_check-follower-cluster 1 0

18_regress_check-tap 1 0

17_regress_check-columnar-isolation 1 0

16_17_upgrade 1 0

17_18_upgrade 1 0

18_regress_check-follower-cluster 1 0

18_regress_check-columnar-isolation 1 0

17_regress_check-enterprise-isolation-logicalrep-3 1 0

16_regress_check-query-generator 1 0

16_regress_check-enterprise-isolation-logicalrep-2 1 0

17_regress_check-tap 1 0

18_regress_check-enterprise-isolation-logicalrep-2 1 0

16_regress_check-add-backup-node 1 0

16_regress_check-enterprise-isolation-logicalrep-3 1 0

18_regress_check-add-backup-node 1 0

18_regress_check-columnar 1 0

17_regress_check-enterprise-isolation-logicalrep-2 1 0

16_regress_check-enterprise-failure 1 0

18_regress_check-enterprise-isolation-logicalrep-3 1 0

16_regress_check-split 1 0

17_regress_check-enterprise-failure 1 0

17_regress_check-split 1 0

18_regress_check-split 1 0

18_regress_check-failure 1 0

16_regress_check-enterprise-isolation-logicalrep-1 1 0

16_cdc_installcheck 1 0

17_regress_check-follower-cluster 1 0

17_regress_check-add-backup-node 1 0

16_18_upgrade 1 0

16_regress_check-columnar-isolation 1 0

18_regress_check-enterprise-isolation-logicalrep-1 1 0

16_regress_check-enterprise-isolation 1 0

17_regress_check-enterprise-isolation 1 0

17_cdc_installcheck 1 0

18_cdc_installcheck 1 0

17_regress_check-vanilla 1 0

17_regress_check-enterprise-isolation-logicalrep-1 1 0

17_regress_check-multi-1-create-citus 1 0

17_regress_check-failure 1 0

16_regress_check-multi-1-create-citus 1 0

18_regress_check-multi-1-create-citus 1 0

16_regress_check-multi-mx 1 0

16_regress_check-vanilla 1 0

17_regress_check-multi-mx 1 0

18_regress_check-enterprise-isolation 1 0

18_regress_check-multi-mx 1 0

18_regress_check-operations 1 0

16_regress_check-operations 1 0

17_regress_check-operations 1 0

18_regress_check-enterprise 1 0

17_regress_check-query-generator 1 0

18_regress_check-vanilla 1 0

18_regress_check-enterprise-failure 1 0

16_regress_check-failure 1 0

17_regress_check-enterprise 1 0

16_regress_check-enterprise 1 0

17_regress_check-isolation 1 0

18_regress_check-isolation 1 0

16_regress_check-isolation 1 0

16_regress_check-multi 1 0

18_regress_check-multi 1 0

18_arbitrary_configs_3 1 0

16_arbitrary_configs_3 1 0

17_regress_check-multi 1 0

17_arbitrary_configs_5 1 0

18_regress_check-multi-1 1 0

17_arbitrary_configs_2 1 0

16_arbitrary_configs_2 1 0

16_regress_check-multi-1 1 0

18_arbitrary_configs_2 1 0

17_regress_check-multi-1 1 0

18_arbitrary_configs_4 1 0

16_arbitrary_configs_4 1 0

17_arbitrary_configs_4 1 0

18_arbitrary_configs_0 1 0

16_arbitrary_configs_0 1 0

16_regress_check-columnar 1 0

17_regress_check-columnar 1 0

18_arbitrary_configs_5 1 0

16_arbitrary_configs_5 1 0

17_arbitrary_configs_0 1 0

16_arbitrary_configs_1 1 0

Additional details and impacted files

@@             Coverage Diff             @@
##             main    #8538       +/-   ##
===========================================
- Coverage   88.90%   44.89%   -44.02%     
===========================================
  Files         286      286               
  Lines       63227    62220     -1007     
  Branches     7937     7653      -284     
===========================================
- Hits        56214    27934    -28280     
- Misses       4736    31849    +27113     
- Partials     2277     2437      +160

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 8, 2026

dependabot bot mentioned this pull request Apr 8, 2026

Bump cryptography from 46.0.5 to 46.0.6 in /.devcontainer/src/test/regress #8531

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump cryptography from 46.0.5 to 46.0.7 in /.devcontainer/src/test/regress#8538

Bump cryptography from 46.0.5 to 46.0.7 in /.devcontainer/src/test/regress#8538
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/dot-devcontainer/src/test/regress/cryptography-46.0.7

dependabot bot commented on behalf of github Apr 8, 2026

Uh oh!

codecov bot commented Apr 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Apr 8, 2026

Uh oh!

codecov bot commented Apr 9, 2026

Codecov Report

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants