Bump cryptography from 43.0.0 to 44.0.0

[dependabot]

Bumps cryptography from 43.0.0 to 44.0.0.

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
  Python core team. Support for Python 3.7 will be removed in a future
  ``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
  versions of macOS should upgrade, or they will need to build
  ``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
  not be empty.
* Added support for timestamp extraction to the
  :class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
  during X.509 verification to allow fields permitted by :rfc:`5280` but
  forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
  when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.
.. _v43-0-3:
43.0.3 - 2024-10-18

• Fixed release metadata for cryptography-vectors

.. _v43-0-2:

43.0.2 - 2024-10-18

* Fixed compilation when using LibreSSL 4.0.0.
.. _v43-0-1:
43.0.1 - 2024-09-03

• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.2.

.. _v43-0-0:

Commits

• f299a48 remove deprecated call (#12052)
• 439eb05 Bump version for 44.0.0 (#12051)
• 2c5ad4d chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (#12050)
• d23968a chore(deps): bump libc from 0.2.165 to 0.2.166 (#12049)
• 133c0e0 Bump x509-limbo and/or wycheproof in CI (#12047)
• f2259d7 Bump BoringSSL and/or OpenSSL in CI (#12046)
• e201c87 fixed metadata in changelog (#12044)
• c6104cc Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045)
• d6cac75 Add support for decrypting S/MIME messages (#11555)
• b8e5bfd chore(deps): bump libc from 0.2.164 to 0.2.165 (#12042)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
celery-insights-bldx	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Dec 2, 2024 8:04pm

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

poetry.lock

Package	Version	License	Issue Type
cryptography	44.0.0	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
pip/cryptography	44.0.0	🟢 8.2	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Fuzzing 🟢 10 project is fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging 🟢 10 packaging workflow detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 7 3 existing vulnerabilities detected

Scanned Files

• poetry.lock