• 
  
    
 
    
 
    

    



    
    
    
    
     
    






    
 
    


 
    



    
 

 

  

  

 

    


  
    





    
 
    



  

    
 
 
    
  
    Update cryptography and bleach dependencies.
    
 
    

    



 
    
 
    

  Review Request #15127
  —
  Created June 22, 2026 and updated  — Latest diff uploaded 

 
    


    




    




    




 
    
  
    
   Information

  
    



    
 
 
    
  david
 
    

    





    
 
 
    
  Review Board
 
    

    





    
 
 
    
  release-7.x
 
    

    





    
 
 
    
  
 
    

    





    
 
 
    
  
 
    

    



 
    



 
    
  
    
   Reviewers

  
    



    
 
 
    
  reviewboard
 
    

    





    
 
 
    
  
 
    

    



 
    



    


    
 
    




  

    
 
 
    
  
    This change bumps two of our dependencies to account for some pip-audit
    
flags:
    

    cryptography has been updated to 49.0 (on Python versions that support
    
it), and pyOpenSSL updated to match. There's a log warning that the
    
CFB8 cipher was going to be moved in 49.0, but it looks like that didn't
    
actually happen and it's still available in the old import path, so we
    
don't need to handle that move yet.
    

    bleach has been updated to >=6.1. 6.1 is the last version that
    
supported Python 3.8, and 6.4 is the last release that will ever happen.
    
I've filed a task for us to find a replacement for bleach, since there
    
won't be any python version or security updates in the future.
    
 
    

    





  

    
 
 
    
  
    Ran unit tests.
    
 
    

    




 
    

    





    
 
    









 




 
    

    




   
    
    
    
    
    
    
    
    

    
    
      
    Commits
    
      
    
        
      
    
    
    

    
    

      
    Files