| 7e33b0e | Alex Gaynor | 14 December 2022, 06:50:06 UTC | Bump OpenSSL/BoringSSL and adapt for OpenSSL RSA bleichenbacher mitigation (#7895) * Bump BoringSSL and/or OpenSSL in CI * Attempt to work-around wycheproof tests Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 14 December 2022, 06:50:06 UTC |
| 00e93c8 | dependabot[bot] | 13 December 2022, 12:39:57 UTC | Bump parking_lot_core from 0.8.5 to 0.8.6 in /src/rust (#7897) Bumps [parking_lot_core](https://github.com/Amanieu/parking_lot) from 0.8.5 to 0.8.6. - [Release notes](https://github.com/Amanieu/parking_lot/releases) - [Changelog](https://github.com/Amanieu/parking_lot/blob/master/CHANGELOG.md) - [Commits](https://github.com/Amanieu/parking_lot/compare/core-0.8.5...core-0.8.6) --- updated-dependencies: - dependency-name: parking_lot_core dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 13 December 2022, 12:39:57 UTC |
| 254e80d | dependabot[bot] | 13 December 2022, 12:14:58 UTC | Bump actions/checkout from 3.1.0 to 3.2.0 (#7896) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.1.0...v3.2.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 13 December 2022, 12:14:58 UTC |
| a4c750a | Alex Gaynor | 12 December 2022, 22:40:25 UTC | ignore speakerdeck on linkcheck (#7893) | 12 December 2022, 22:40:25 UTC |
| ded8319 | pyca-boringbot[bot] | 12 December 2022, 03:23:49 UTC | Bump BoringSSL and/or OpenSSL in CI (#7890) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 12 December 2022, 03:23:49 UTC |
| 05baf6d | pyca-boringbot[bot] | 10 December 2022, 00:18:56 UTC | Bump BoringSSL and/or OpenSSL in CI (#7889) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 10 December 2022, 00:18:56 UTC |
| b1213f7 | dependabot[bot] | 09 December 2022, 12:18:59 UTC | Bump actions/setup-python from 4.3.0 to 4.3.1 (#7888) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.3.0 to 4.3.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4.3.0...v4.3.1) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 09 December 2022, 12:18:59 UTC |
| 13988f5 | pyca-boringbot[bot] | 09 December 2022, 04:07:57 UTC | Bump BoringSSL and/or OpenSSL in CI (#7884) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 09 December 2022, 04:07:57 UTC |
| 8fc5cfa | Paul Kehrer | 09 December 2022, 03:34:25 UTC | fixes for tox4 (#7887) * possibly fix tox4 * add a missing env we need to allow * lol how did this stuff ever work | 09 December 2022, 03:34:25 UTC |
| 56ca718 | pyca-boringbot[bot] | 07 December 2022, 00:21:27 UTC | Bump BoringSSL and/or OpenSSL in CI (#7882) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 07 December 2022, 00:21:27 UTC |
| c15e99c | pyca-boringbot[bot] | 06 December 2022, 00:23:36 UTC | Bump BoringSSL and/or OpenSSL in CI (#7881) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 06 December 2022, 00:23:36 UTC |
| f6f504e | Alex Gaynor | 06 December 2022, 00:17:33 UTC | remove unnecessary lifetime (#7880) clippy on nightly complains about it | 06 December 2022, 00:17:33 UTC |
| cb45eba | dependabot[bot] | 05 December 2022, 15:50:46 UTC | Bump dessant/lock-threads from 3.0.0 to 4.0.0 (#7879) Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 3.0.0 to 4.0.0. - [Release notes](https://github.com/dessant/lock-threads/releases) - [Changelog](https://github.com/dessant/lock-threads/blob/master/CHANGELOG.md) - [Commits](https://github.com/dessant/lock-threads/compare/e460dfeb36e731f3aeb214be6b0c9a9d9a67eda6...c1b35aecc5cdb1a34539d14196df55838bb2f836) --- updated-dependencies: - dependency-name: dessant/lock-threads dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 05 December 2022, 15:50:46 UTC |
| 7b79a46 | William Woodruff | 05 December 2022, 02:20:11 UTC | x509: add `load_pem_x509_certificates` (#7878) * x509: add `load_pem_x509_certificates` This behaves similarly to `load_pem_x509_certificate`, except that it returns a list of loaded certificates instead of just the first X.509 certificate. It raises if the input contains no PEM-encoded certificates, or if PEM or certificate parsing fail. Signed-off-by: William Woodruff <william@trailofbits.com> * tests/x509: blacken Signed-off-by: William Woodruff <william@trailofbits.com> * Update docs/x509/reference.rst Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com> * tests/x509: assert each item in the list is actually a certificate Signed-off-by: William Woodruff <william@trailofbits.com> * bindings: expose `load_pem_x509_certificates` in `x509.pyi` Signed-off-by: William Woodruff <william@trailofbits.com> * tests/x509: test the structure of each cert a bit This has the transitive effect of establishing a fixed order. Signed-off-by: William Woodruff <william@trailofbits.com> * CHANGELOG: record changes Signed-off-by: William Woodruff <william@trailofbits.com> * docs: add PEM to spellcheck allowlist Signed-off-by: William Woodruff <william@trailofbits.com> * docs/x509: document expected param Signed-off-by: William Woodruff <william@trailofbits.com> Signed-off-by: William Woodruff <william@trailofbits.com> Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com> | 05 December 2022, 02:20:11 UTC |
| 15e6acf | Paul Kehrer | 04 December 2022, 23:38:51 UTC | a few more mypy flags and fixes (#7877) | 04 December 2022, 23:38:51 UTC |
| 1e9513e | Alex Gaynor | 04 December 2022, 22:40:34 UTC | Annotate a few more functions (#7876) | 04 December 2022, 22:40:34 UTC |
| 5302b2a | pyca-boringbot[bot] | 04 December 2022, 00:22:48 UTC | Bump BoringSSL and/or OpenSSL in CI (#7875) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 04 December 2022, 00:22:48 UTC |
| 28d7fe3 | dependabot[bot] | 03 December 2022, 05:16:20 UTC | Bump libc from 0.2.137 to 0.2.138 in /src/rust (#7874) Bumps [libc](https://github.com/rust-lang/libc) from 0.2.137 to 0.2.138. - [Release notes](https://github.com/rust-lang/libc/releases) - [Commits](https://github.com/rust-lang/libc/compare/0.2.137...0.2.138) --- updated-dependencies: - dependency-name: libc dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 03 December 2022, 05:16:20 UTC |
| 8fcc252 | dependabot[bot] | 03 December 2022, 05:09:04 UTC | Bump cxx-build from 1.0.82 to 1.0.83 in /src/rust (#7873) Bumps [cxx-build](https://github.com/dtolnay/cxx) from 1.0.82 to 1.0.83. - [Release notes](https://github.com/dtolnay/cxx/releases) - [Commits](https://github.com/dtolnay/cxx/compare/1.0.82...1.0.83) --- updated-dependencies: - dependency-name: cxx-build dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 03 December 2022, 05:09:04 UTC |
| 0170ca9 | dependabot[bot] | 03 December 2022, 05:01:52 UTC | Bump cxx from 1.0.82 to 1.0.83 in /src/rust (#7872) Bumps [cxx](https://github.com/dtolnay/cxx) from 1.0.82 to 1.0.83. - [Release notes](https://github.com/dtolnay/cxx/releases) - [Commits](https://github.com/dtolnay/cxx/compare/1.0.82...1.0.83) --- updated-dependencies: - dependency-name: cxx dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 03 December 2022, 05:01:52 UTC |
| 3133cd7 | pyca-boringbot[bot] | 03 December 2022, 00:18:21 UTC | Bump BoringSSL and/or OpenSSL in CI (#7871) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 03 December 2022, 00:18:21 UTC |
| 2066c7f | pyca-boringbot[bot] | 02 December 2022, 00:19:29 UTC | Bump BoringSSL and/or OpenSSL in CI (#7869) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 02 December 2022, 00:19:29 UTC |
| 420075c | dependabot[bot] | 01 December 2022, 12:35:04 UTC | Bump syn from 1.0.104 to 1.0.105 in /src/rust (#7867) Bumps [syn](https://github.com/dtolnay/syn) from 1.0.104 to 1.0.105. - [Release notes](https://github.com/dtolnay/syn/releases) - [Commits](https://github.com/dtolnay/syn/compare/1.0.104...1.0.105) --- updated-dependencies: - dependency-name: syn dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 01 December 2022, 12:35:04 UTC |
| ab2aff3 | Alex Gaynor | 01 December 2022, 01:40:48 UTC | be careful to only publish wheels from the right CI run (#7865) | 01 December 2022, 01:40:48 UTC |
| 6909cda | pyca-boringbot[bot] | 01 December 2022, 01:28:16 UTC | Bump BoringSSL and/or OpenSSL in CI (#7866) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 01 December 2022, 01:28:16 UTC |
| 622c983 | pyca-boringbot[bot] | 30 November 2022, 00:25:05 UTC | Bump BoringSSL and/or OpenSSL in CI (#7864) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 30 November 2022, 00:25:05 UTC |
| 21225b4 | pyca-boringbot[bot] | 29 November 2022, 00:23:02 UTC | Bump BoringSSL and/or OpenSSL in CI (#7862) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 29 November 2022, 00:23:02 UTC |
| 5a00c33 | Alex Gaynor | 28 November 2022, 13:31:10 UTC | use the correct param name in stale action (#7861) | 28 November 2022, 13:31:10 UTC |
| 0bd7ca9 | dependabot[bot] | 28 November 2022, 12:28:32 UTC | Bump syn from 1.0.103 to 1.0.104 in /src/rust (#7860) Bumps [syn](https://github.com/dtolnay/syn) from 1.0.103 to 1.0.104. - [Release notes](https://github.com/dtolnay/syn/releases) - [Commits](https://github.com/dtolnay/syn/compare/1.0.103...1.0.104) --- updated-dependencies: - dependency-name: syn dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 28 November 2022, 12:28:32 UTC |
| 39b96a1 | dependabot[bot] | 28 November 2022, 12:16:25 UTC | Bump peter-evans/create-pull-request from 4.2.2 to 4.2.3 (#7859) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.2 to 4.2.3. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/331d02c7e2104af23ad5974d4d5cbc58a3e6dc77...2b011faafdcbc9ceb11414d64d0573f37c774b04) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 28 November 2022, 12:16:25 UTC |
| 769a2cd | dependabot[bot] | 28 November 2022, 12:16:03 UTC | Bump dtolnay/rust-toolchain (#7858) Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain) from 55c7845fad90d0ae8b2e83715cb900e5e861e8cb to e645b0cf01249a964ec099494d38d2da0f0b349f. - [Release notes](https://github.com/dtolnay/rust-toolchain/releases) - [Commits](https://github.com/dtolnay/rust-toolchain/compare/55c7845fad90d0ae8b2e83715cb900e5e861e8cb...e645b0cf01249a964ec099494d38d2da0f0b349f) --- updated-dependencies: - dependency-name: dtolnay/rust-toolchain dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 28 November 2022, 12:16:03 UTC |
| a125b12 | pyca-boringbot[bot] | 28 November 2022, 00:19:13 UTC | Bump BoringSSL and/or OpenSSL in CI (#7857) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 28 November 2022, 00:19:13 UTC |
| 49530e1 | Alex Gaynor | 27 November 2022, 20:39:19 UTC | Bump rust-asn1 to 0.13 (#7856) | 27 November 2022, 20:39:19 UTC |
| b1d881c | Paul Kehrer | 27 November 2022, 19:18:48 UTC | port 38.0.4 changelog to main (#7855) | 27 November 2022, 19:18:48 UTC |
| 884c2cb | Nicola Tuveri | 27 November 2022, 14:10:48 UTC | Update invalid EC key test for compatibility with upcoming OpenSSL changes (#7833) One of the tests checking behavior with invalid EC keys hardcoded the error reason. This commit replaces the string matching with a regex to match both the current string and a new reason, introduced by upcoming OpenSSL changes [0], which would otherwise trigger a false positive failure. [0]: https://github.com/openssl/openssl/pull/19681 | 27 November 2022, 14:10:48 UTC |
| fe5442c | Alex Gaynor | 26 November 2022, 23:00:44 UTC | update installation.rst for new CI OS (#7852) | 26 November 2022, 23:00:44 UTC |
| 0e21f57 | Alex Gaynor | 26 November 2022, 20:27:47 UTC | Revert "don't use flake8 6.0 (#7838)" (#7851) This reverts commit 169a803e0c4feece7b81eecefcd54a49d7ba4d31. | 26 November 2022, 20:27:47 UTC |
| 064d49d | Paul Kehrer | 26 November 2022, 20:10:05 UTC | add job to automatically mark issues/PRs stale and close them (#7850) | 26 November 2022, 20:10:05 UTC |
| 2c41ac4 | pyca-boringbot[bot] | 26 November 2022, 01:13:07 UTC | Bump BoringSSL and/or OpenSSL in CI (#7845) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 26 November 2022, 01:13:07 UTC |
| bf4a491 | Alex Gaynor | 25 November 2022, 23:25:54 UTC | Refs #7843 -- update py36 deprecation message (#7844) | 25 November 2022, 23:25:54 UTC |
| df542e9 | Alex Gaynor | 25 November 2022, 20:53:16 UTC | Rewrite PKCS7 signature generation in Rust (#7729) * Rewrite PKCS7 signature generation in Rust * Update src/rust/src/pkcs7.rs | 25 November 2022, 20:53:16 UTC |
| fce124a | pyca-boringbot[bot] | 25 November 2022, 00:21:41 UTC | Bump BoringSSL and/or OpenSSL in CI (#7842) Co-authored-by: pyca-boringbot[bot] <pyca-boringbot[bot]+106132319@users.noreply.github.com> | 25 November 2022, 00:21:41 UTC |
| 459afc5 | dependabot[bot] | 24 November 2022, 13:49:46 UTC | Bump peter-evans/create-pull-request from 4.2.1 to 4.2.2 (#7841) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.1 to 4.2.2. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/d7db273d6c7206ba99224e659c982ae34a1025e3...331d02c7e2104af23ad5974d4d5cbc58a3e6dc77) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 24 November 2022, 13:49:46 UTC |
| b522c42 | Sviatoslav Sydorenko | 24 November 2022, 03:57:29 UTC | Correct the tripple-S typo in "OpenSSL" in bot PRs (#7840) | 24 November 2022, 03:57:29 UTC |
| 230ef9c | Sviatoslav Sydorenko | 24 November 2022, 02:55:57 UTC | Fix the boringbot committer/author information (#7839) This patch makes the commit author field use the correct "user noreply" email. It helps GitHub to correctly assign the commit authorship in the UI. Refs: * https://github.com/sanitizers/patchback-github-app/commit/cee09976 * https://api.github.com/users/pyca-boringbot[bot] | 24 November 2022, 02:55:57 UTC |
| 4138532 | pyca-boringbot[bot] | 24 November 2022, 00:49:59 UTC | Bump BoringSSL and/or OpenSSL in CI (#7837) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 24 November 2022, 00:49:59 UTC |
| 169a803 | Alex Gaynor | 24 November 2022, 00:32:37 UTC | don't use flake8 6.0 (#7838) it's not compatible with the latest flake8-import-order: https://github.com/PyCQA/flake8-import-order/issues/189 | 24 November 2022, 00:32:37 UTC |
| 2ab64b5 | pyca-boringbot[bot] | 23 November 2022, 01:13:39 UTC | Bump BoringSSL and/or OpenSSL in CI (#7835) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 23 November 2022, 01:13:39 UTC |
| 95a2b50 | Theo Buehler | 22 November 2022, 15:33:32 UTC | LibreSSL 3.7 adds support for Ed25519 (#7803) * LibreSSL 3.7 adds support for Ed25519 This brings support for the raw public key API. * Use feature variable to enable Ed25519 Ed25519 support is available since OpenSSL 1.1.1b and LibreSSL 3.7.0. | 22 November 2022, 15:33:32 UTC |
| e06ab09 | dependabot[bot] | 22 November 2022, 12:43:09 UTC | Bump cc from 1.0.76 to 1.0.77 in /src/rust (#7832) Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.76 to 1.0.77. - [Release notes](https://github.com/rust-lang/cc-rs/releases) - [Commits](https://github.com/rust-lang/cc-rs/compare/1.0.76...1.0.77) --- updated-dependencies: - dependency-name: cc dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 22 November 2022, 12:43:09 UTC |
| fe25c35 | dependabot[bot] | 22 November 2022, 12:15:49 UTC | Bump peter-evans/create-pull-request from 4.2.0 to 4.2.1 (#7831) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4.2.0 to 4.2.1. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/b4d51739f96fca8047ad065eccef63442d8e99f7...d7db273d6c7206ba99224e659c982ae34a1025e3) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 22 November 2022, 12:15:49 UTC |
| dcf5ec7 | pyca-boringbot[bot] | 22 November 2022, 00:25:13 UTC | Bump BoringSSL and/or OpenSSL in CI (#7830) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 22 November 2022, 00:25:13 UTC |
| 8c9b412 | Alex Gaynor | 20 November 2022, 21:04:25 UTC | Remove some unused bindings (#7825) | 20 November 2022, 21:04:25 UTC |
| 41f6ff1 | Alex Gaynor | 20 November 2022, 20:57:22 UTC | Remove bindings related to SSLeay (#7826) | 20 November 2022, 20:57:22 UTC |
| ebd452f | pyca-boringbot[bot] | 19 November 2022, 00:54:40 UTC | Bump BoringSSL and/or OpenSSL in CI (#7823) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 19 November 2022, 00:54:40 UTC |
| 9adc2e2 | dependabot[bot] | 18 November 2022, 12:54:54 UTC | Bump cxx-build from 1.0.81 to 1.0.82 in /src/rust (#7822) Bumps [cxx-build](https://github.com/dtolnay/cxx) from 1.0.81 to 1.0.82. - [Release notes](https://github.com/dtolnay/cxx/releases) - [Commits](https://github.com/dtolnay/cxx/compare/1.0.81...1.0.82) --- updated-dependencies: - dependency-name: cxx-build dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 18 November 2022, 12:54:54 UTC |
| e78159c | dependabot[bot] | 18 November 2022, 12:17:27 UTC | Bump cxx from 1.0.81 to 1.0.82 in /src/rust (#7821) Bumps [cxx](https://github.com/dtolnay/cxx) from 1.0.81 to 1.0.82. - [Release notes](https://github.com/dtolnay/cxx/releases) - [Commits](https://github.com/dtolnay/cxx/compare/1.0.81...1.0.82) --- updated-dependencies: - dependency-name: cxx dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 18 November 2022, 12:17:27 UTC |
| 95edbd1 | pyca-boringbot[bot] | 18 November 2022, 00:23:10 UTC | Bump BoringSSL and/or OpenSSL in CI (#7820) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 18 November 2022, 00:23:10 UTC |
| 7e01d58 | jeanluc | 17 November 2022, 23:12:51 UTC | Add *_SHA3 signature algorithms to OID <-> hash map (#7819) * Add test for issue 7818 * Add *_SHA3 signature algorithms to OID <-> hash map * Use type instead of __class__ | 17 November 2022, 23:12:51 UTC |
| d9f6ef6 | Alex Gaynor | 17 November 2022, 03:59:49 UTC | update for new fedora (#7817) | 17 November 2022, 03:59:49 UTC |
| a77fc27 | pyca-boringbot[bot] | 17 November 2022, 03:04:41 UTC | Bump BoringSSL and/or OpenSSL in CI (#7816) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 17 November 2022, 03:04:41 UTC |
| 1730e7a | Alex Gaynor | 16 November 2022, 07:40:43 UTC | Clear out some dead code from the OS random engine, now that macOS 10.12 is our minimum (#7813) | 16 November 2022, 07:40:43 UTC |
| 5625168 | pyca-boringbot[bot] | 16 November 2022, 00:20:53 UTC | Bump BoringSSL and/or OpenSSL in CI (#7814) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 16 November 2022, 00:20:53 UTC |
| b907413 | Alex Gaynor | 15 November 2022, 03:44:09 UTC | Increased minimum macOS version to 10.12 (#7806) | 15 November 2022, 03:44:09 UTC |
| 5c7defc | pyca-boringbot[bot] | 15 November 2022, 03:29:36 UTC | Bump BoringSSL and/or OpenSSL in CI (#7809) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 15 November 2022, 03:29:36 UTC |
| cbc06f3 | Alex Gaynor | 15 November 2022, 03:23:02 UTC | Don't use double space after a period (#7808) | 15 November 2022, 03:23:02 UTC |
| 8632fe8 | Alex Gaynor | 15 November 2022, 01:59:17 UTC | attempt to un-curse our CI (#7810) | 15 November 2022, 01:59:17 UTC |
| f308612 | Alex Gaynor | 13 November 2022, 20:55:25 UTC | Update chrono and resolve deprecations (#7805) | 13 November 2022, 20:55:25 UTC |
| 3489d7a | pyca-boringbot[bot] | 13 November 2022, 00:23:19 UTC | Bump BoringSSL and/or OpenSSL in CI (#7804) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 13 November 2022, 00:23:19 UTC |
| 06db9e3 | Alex Gaynor | 12 November 2022, 01:36:26 UTC | Use OctetStringEncoded in OCSP Response implementation (#7802) | 12 November 2022, 01:36:26 UTC |
| 6b9f2d5 | dependabot[bot] | 12 November 2022, 01:16:47 UTC | Bump asn1 from 0.12.2 to 0.12.3 in /src/rust (#7801) Bumps [asn1](https://github.com/alex/rust-asn1) from 0.12.2 to 0.12.3. - [Release notes](https://github.com/alex/rust-asn1/releases) - [Commits](https://github.com/alex/rust-asn1/compare/0.12.2...0.12.3) --- updated-dependencies: - dependency-name: asn1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 12 November 2022, 01:16:47 UTC |
| 2afee12 | dependabot[bot] | 12 November 2022, 00:54:37 UTC | Bump dtolnay/rust-toolchain (#7799) Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain) from ba37adf8f94a7d9affce79bd3baff1b9e3189c33 to 55c7845fad90d0ae8b2e83715cb900e5e861e8cb. - [Release notes](https://github.com/dtolnay/rust-toolchain/releases) - [Commits](https://github.com/dtolnay/rust-toolchain/compare/ba37adf8f94a7d9affce79bd3baff1b9e3189c33...55c7845fad90d0ae8b2e83715cb900e5e861e8cb) --- updated-dependencies: - dependency-name: dtolnay/rust-toolchain dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 12 November 2022, 00:54:37 UTC |
| 2c3bcf1 | dependabot[bot] | 12 November 2022, 00:50:01 UTC | Bump asn1_derive from 0.12.2 to 0.12.3 in /src/rust (#7800) Bumps [asn1_derive](https://github.com/alex/rust-asn1) from 0.12.2 to 0.12.3. - [Release notes](https://github.com/alex/rust-asn1/releases) - [Commits](https://github.com/alex/rust-asn1/compare/0.12.2...0.12.3) --- updated-dependencies: - dependency-name: asn1_derive dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 12 November 2022, 00:50:01 UTC |
| 8f231a8 | pyca-boringbot[bot] | 12 November 2022, 00:23:09 UTC | Bump BoringSSL and/or OpenSSL in CI (#7798) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 12 November 2022, 00:23:09 UTC |
| 15ec317 | pyca-boringbot[bot] | 11 November 2022, 00:20:59 UTC | Bump BoringSSL and/or OpenSSL in CI (#7796) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 11 November 2022, 00:20:59 UTC |
| 039ef53 | Alex Gaynor | 10 November 2022, 21:22:48 UTC | Add issuing a GHSA to our release process for OpenSSL releases (#7776) | 10 November 2022, 21:22:48 UTC |
| 883a13f | Alex Gaynor | 10 November 2022, 03:50:20 UTC | Stop testing and producing wheels for PyPy 3.7 (#7795) | 10 November 2022, 03:50:20 UTC |
| 9b788ec | pyca-boringbot[bot] | 10 November 2022, 00:21:35 UTC | Bump BoringSSL and/or OpenSSL in CI (#7793) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 10 November 2022, 00:21:35 UTC |
| 8d70560 | Alex Gaynor | 09 November 2022, 20:25:48 UTC | add python 3.12-dev to CI (#7792) | 09 November 2022, 20:25:48 UTC |
| 923f661 | dependabot[bot] | 09 November 2022, 12:34:06 UTC | Bump cc from 1.0.74 to 1.0.76 in /src/rust (#7791) Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.74 to 1.0.76. - [Release notes](https://github.com/rust-lang/cc-rs/releases) - [Commits](https://github.com/rust-lang/cc-rs/compare/1.0.74...1.0.76) --- updated-dependencies: - dependency-name: cc dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 09 November 2022, 12:34:06 UTC |
| 57577b5 | pyca-boringbot[bot] | 09 November 2022, 00:23:17 UTC | Bump BoringSSL and/or OpenSSL in CI (#7790) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 09 November 2022, 00:23:17 UTC |
| 03fd121 | Alex Gaynor | 08 November 2022, 20:31:33 UTC | use triple dots in github comparison (#7789) | 08 November 2022, 20:31:33 UTC |
| 3aef9db | dependabot[bot] | 08 November 2022, 12:38:06 UTC | Bump cxx-build from 1.0.80 to 1.0.81 in /src/rust (#7788) Bumps [cxx-build](https://github.com/dtolnay/cxx) from 1.0.80 to 1.0.81. - [Release notes](https://github.com/dtolnay/cxx/releases) - [Commits](https://github.com/dtolnay/cxx/compare/1.0.80...1.0.81) --- updated-dependencies: - dependency-name: cxx-build dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 08 November 2022, 12:38:06 UTC |
| 8db4bd8 | dependabot[bot] | 08 November 2022, 12:18:33 UTC | Bump cxx from 1.0.80 to 1.0.81 in /src/rust (#7787) Bumps [cxx](https://github.com/dtolnay/cxx) from 1.0.80 to 1.0.81. - [Release notes](https://github.com/dtolnay/cxx/releases) - [Commits](https://github.com/dtolnay/cxx/compare/1.0.80...1.0.81) --- updated-dependencies: - dependency-name: cxx dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 08 November 2022, 12:18:33 UTC |
| 65996c9 | pyca-boringbot[bot] | 08 November 2022, 02:49:28 UTC | Bump BoringSSL and/or OpenSSL in CI (#7786) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 08 November 2022, 02:49:28 UTC |
| b6ccd53 | Alex Gaynor | 08 November 2022, 00:39:09 UTC | update for new mypy (with more accurate typing) (#7785) | 08 November 2022, 00:39:09 UTC |
| 94e3c2d | pyca-boringbot[bot] | 07 November 2022, 00:21:21 UTC | Bump BoringSSL and/or OpenSSL in CI (#7782) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 07 November 2022, 00:21:21 UTC |
| 9a30cf5 | Alex Gaynor | 06 November 2022, 20:58:59 UTC | Update minimum LibreSSL to 3.5 (#7780) This is the version of LibreSSL in OpenBSD 7.1, which is the oldest currently supported. | 06 November 2022, 20:58:59 UTC |
| ae38e5f | Alex Gaynor | 06 November 2022, 20:58:02 UTC | remove reference to raising NotImplementedError in update_into (#7781) this hasn't happened in a long time | 06 November 2022, 20:58:02 UTC |
| c897708 | Alex Gaynor | 06 November 2022, 20:56:37 UTC | bump action version (#7779) | 06 November 2022, 20:56:37 UTC |
| 544ac2a | pyca-boringbot[bot] | 06 November 2022, 13:28:49 UTC | Bump BoringSSL and/or OpenSSL in CI (#7778) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 06 November 2022, 13:28:49 UTC |
| 9925d2b | Paul Kehrer | 06 November 2022, 12:43:56 UTC | automatically bump openssl's master commit hash too (#7772) | 06 November 2022, 12:43:56 UTC |
| ef39db3 | Paul Kehrer | 04 November 2022, 02:10:52 UTC | update openssl version for docs (#7773) | 04 November 2022, 02:10:52 UTC |
| 89a32fc | Alex Gaynor | 04 November 2022, 00:06:41 UTC | Test against OpenSSL master in CI (#7770) * Test against OpenSSL master in CI A future PR will incorporate automatic revision bumping into our CI * Sigh, increase this.... | 04 November 2022, 00:06:41 UTC |
| 199100b | Alex Gaynor | 03 November 2022, 19:45:42 UTC | Make comment in ci.yml unambigious (#7769) In the future we may want to test against dev branches of other openssls | 03 November 2022, 19:45:42 UTC |
| 2a4cf7d | Alex Gaynor | 03 November 2022, 11:41:03 UTC | Build vectors and sdist artifacts in CI as well. (#7766) This is in preperation for ultimately uploading them from GHA once PyPI has OIDC integration. | 03 November 2022, 11:41:03 UTC |
| d04cfe1 | pyca-boringbot[bot] | 03 November 2022, 00:25:45 UTC | Bump BoringSSL version to 10458977f6a803859808365fad071731369f655a (#7768) Co-authored-by: BoringSSL Bot <pyca-boringbot@users.noreply.github.com> | 03 November 2022, 00:25:45 UTC |
| 4bb3263 | Alex Gaynor | 02 November 2022, 19:41:59 UTC | Revert workaround for yanked OpenSSL (#7765) Partial revert of 6578d86ec557e0b4af2ba9d0c0a821fe939044ee | 02 November 2022, 19:41:59 UTC |
| cf2ada6 | Paul Kehrer | 01 November 2022, 21:19:52 UTC | forward port 38.0.3 changelog (#7762) | 01 November 2022, 21:19:52 UTC |
| 382e759 | Alex Gaynor | 01 November 2022, 19:40:25 UTC | bumps for new openssl release (#7759) | 01 November 2022, 19:40:25 UTC |
