Summary

Update cryptography and bleach dependencies.

Review Request #15127 — Created June 22, 2026 and updated June 22, 2026, 8:36 a.m.

Information

Owner

david

Repository

Review Board

Branch

release-7.x

Bugs

Depends On

Reviewers

Groups

reviewboard

People

Description

This change bumps two of our dependencies to account for some pip-audit

flags:
cryptography has been updated to 49.0 (on Python versions that support

it), and pyOpenSSL updated to match. There's a log warning that the

CFB8 cipher was going to be moved in 49.0, but it looks like that didn't

actually happen and it's still available in the old import path, so we

don't need to handle that move yet.
bleach has been updated to >=6.1. 6.1 is the last version that

supported Python 3.8, and 6.4 is the last release that will ever happen.

I've filed a task for us to find a replacement for bleach, since there

won't be any python version or security updates in the future.

Testing Done

Ran unit tests.

Commits

Summary	ID
Update cryptography and bleach dependencies. This change bumps two of our dependencies to account for some pip-audit flags: `cryptography` has been updated to 49.0 (on Python versions that support it), and `pyOpenSSL` updated to match. There's a log warning that the CFB8 cipher was going to be moved in 49.0, but it looks like that didn't actually happen and it's still available in the old import path, so we don't need to handle that move yet. `bleach` has been updated to >=6.1. 6.1 is the last version that supported Python 3.8, and 6.4 is the last release that will ever happen. I've filed a task for us to find a replacement for bleach, since there won't be any python version or security updates in the future. Testing Done: Ran unit tests.	pvxsyzrswpmrpmvtsnuttwyqpnsvszkv

Summary

Update cryptography and bleach dependencies.

This change bumps two of our dependencies to account for some pip-audit flags: `cryptography` has been updated to 49.0 (on Python versions that support it), and `pyOpenSSL` updated to match. There's a log warning that the CFB8 cipher was going to be moved in 49.0, but it looks like that didn't actually happen and it's still available in the old import path, so we don't need to handle that move yet. `bleach` has been updated to >=6.1. 6.1 is the last version that supported Python 3.8, and 6.4 is the last release that will ever happen. I've filed a task for us to find a replacement for bleach, since there won't be any python version or security updates in the future. Testing Done: Ran unit tests.

pvxsyzrswpmrpmvtsnuttwyqpnsvszkv

flake8 passed.

JSHint passed.