Skip to content

Bump the pip group across 2 directories with 4 updates#987

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/scripts/pip-3edbaf7d59
Closed

Bump the pip group across 2 directories with 4 updates#987
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/scripts/pip-3edbaf7d59

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 30, 2026

Bumps the pip group with 4 updates in the /scripts directory: authlib, cryptography, ecdsa and requests.
Bumps the pip group with 4 updates in the /sdk directory: authlib, cryptography, ecdsa and requests.

Updates authlib from 1.3.1 to 1.6.9

Release notes

Sourced from authlib's releases.

v1.6.9

Full Changelog: authlib/authlib@v1.6.8...v1.6.9

Changes in jose module

  • Not using header's jwk automatically
  • Add ES256K into default jwt algorithms
  • Remove deprecated algorithm from default registry
  • Generate random cek when cek length doesn't match

v1.6.8

Full Changelog: authlib/authlib@v1.6.7...v1.6.8

  • Add EdDSA to default jwt instance.

v1.6.7

Full Changelog: authlib/authlib@v1.6.6...v1.6.7

Set supported algorithms for the default jwt instance.

v1.6.6

What's Changed

New Contributors

Full Changelog: authlib/authlib@v1.6.5...v1.6.6

v1.6.5

What's Changed

New Contributors

Full Changelog: authlib/authlib@v1.6.4...v1.6.5

v1.6.4

What's Changed

... (truncated)

Commits
  • 9266eaa chore: release 1.6.9
  • b9bb2b2 fix(oidc): fail close at validating c_hash and at_hash
  • 1b0a1d9 fix(jose): generate random cek when cek length doesn't match
  • 5be3c51 fix(jose): add ES256K into default jwt algorithms
  • 48b345f fix(jose): remove deprecated algorithm from default registry
  • a5d4b2d fix(jose): do not use header's jwk automatically
  • a769f34 chore: release 1.6.8
  • 84f3fa2 fix: add EdDSA to default jwt algorithms
  • 38e872a chore: release 1.6.7
  • b87c32e fix: remove "none" algorithm from default jwt instance
  • Additional commits viewable in compare view

Updates cryptography from 43.0.0 to 46.0.6

Changelog

Sourced from cryptography's changelog.

46.0.6 - 2026-03-25


* **SECURITY ISSUE**: Fixed a bug where name constraints were not applied
  to peer names during verification when the leaf certificate contains a
  wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug,
  including those used by the Web PKI. Credit to **Oleh Konko (1seal)** for
  reporting the issue. **CVE-2026-34073**

.. _v46-0-5:


46.0.5 - 2026-02-10

  • An attacker could create a malicious public key that reveals portions of your private key when using certain uncommon elliptic curves (binary curves). This version now includes additional security checks to prevent this attack. This issue only affects binary elliptic curves, which are rarely used in real-world applications. Credit to XlabAI Team of Tencent Xuanwu Lab and Atuin Automated Vulnerability Discovery Engine for reporting the issue. CVE-2026-26007
  • Support for SECT* binary elliptic curves is deprecated and will be removed in the next release.

.. v46-0-4:

46.0.4 - 2026-01-27


* `Dropped support for win_arm64 wheels`_.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.

.. _v46-0-3:


46.0.3 - 2025-10-15

  • Fixed compilation when using LibreSSL 4.2.0.

.. _v46-0-2:

46.0.2 - 2025-09-30


* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.4.

.. _v46-0-1:


46.0.1 - 2025-09-16

... (truncated)

Commits

Updates ecdsa from 0.19.0 to 0.19.2

Release notes

Sourced from ecdsa's releases.

0.19.2

Bug fixes:

  • Fix CVE-2026-33936, a DER parsing issue in remove_octet_string(), remove_constructed(), and remove_implitic() where a truncated buffer wasn't detected. This can lead to high level functions, like SigningKey.from_der() to raise unexpected exceptions. (Mohamed Abdelaal (0xmrma))

Maintenance:

  • Update CI to use newer version of Ubuntu.

ecdsa 0.19.1

New API:

  • der.remove_implicit and der.encode_implicit for decoding and encoding DER IMPLICIT values with custom tag values and arbitrary classes

Bug fixes:

  • Minor fixes around arithmetic with curves that have non-prime order (useful for experimentation, not practical deployments)
  • Fix arithmetic to work with curves that have (0, 0) on the curve
  • Fix canonicalization of signatures when s is just slightly above half of curve order

Maintenance:

  • Dropped official support for Python 3.5 (again, issues with CI, support for Python 2.6 and Python 2.7 is unchanged)
  • Officially support Python 3.12 and 3.13 (add them to CI)
  • Removal of few more unnecessary six.b literals (Alexandre Detiste)
  • Fix typos in warning messages
Changelog

Sourced from ecdsa's changelog.

  • Release 0.19.2 (26 Mar 2026)

Bug fixes:

  • Fix CVE-2026-33936, a DER parsing issue in remove_octet_string(), remove_constructed(), and remove_implitic() where a truncated buffer wasn't detected. This can lead to high level functions, like SigningKey.from_der() to raise unexpected exceptions. (Mohamed Abdelaal (0xmrma))

Maintenance:

  • Update CI to use newer version of Ubuntu.

  • Release 0.19.1 (13 Mar 2025)

New API:

  • der.remove_implitic and der.encode_implicit for decoding and encoding DER IMPLICIT values with custom tag values and arbitrary classes

Bug fixes:

  • Minor fixes around arithmetic with curves that have non-prime order (useful for experimentation, not practical deployments)
  • Fix arithmetic to work with curves that have (0, 0) on the curve
  • Fix canonicalization of signatures when s is just slightly above half of curve order

Maintenance:

  • Dropped official support for Python 3.5 (again, issues with CI, support for Python 2.6 and Python 2.7 is unchanged)

  • Officialy support Python 3.12 and 3.13 (add them to CI)

  • Removal of few more unnecessary six.b literals (Alexandre Detiste)

  • Fix typos in warning messages

  • Release 0.19.0 (08 Apr 2024)

New API:

  • to_ssh in VerifyingKey and SigningKey, supports Ed25519 keys only (Pablo Mazzini)

New features:

  • Support for twisted Brainpool curves

Doc fix:

  • Fix curve equation in glossary
  • Documentation for signature encoding and signature decoding functions

Maintenance:

  • Dropped official support for 3.3 and 3.4 (because of problems running them in CI, not because it's actually incompatible; support for 2.6 and 2.7 is

... (truncated)

Commits
  • bd66899 Merge commit from fork
  • 9c046ee tests: reject truncated DER lengths
  • acc40fd der: reject truncated lengths in octet/implicit/constructed
  • 55aca78 Merge pull request #363 from gstarovo/ubuntu20-deprecation
  • c4f0df1 chore: change to ubuntu-22 since u-20 is deprecated
  • 2a6593d Merge pull request #359 from tlsfuzzer/release-0.19.1
  • 658ddc8 add release notes for 0.19.1 release
  • 3c5df06 Merge pull request #358 from tlsfuzzer/high-s-values
  • b6d43c6 use integer division for canonicalization of signatures
  • aa81ba3 Merge pull request #357 from tlsfuzzer/new-badge
  • Additional commits viewable in compare view

Updates requests from 2.32.3 to 2.33.0

Release notes

Sourced from requests's releases.

v2.33.0

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

v2.32.4

2.32.4 (2025-06-10)

... (truncated)

Changelog

Sourced from requests's changelog.

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

... (truncated)

Commits
  • bc04dfd v2.33.0
  • 66d21cb Merge commit from fork
  • 8b9bc8f Move badges to top of README (#7293)
  • e331a28 Remove unused extraction call (#7292)
  • 753fd08 docs: fix FAQ grammar in httplib2 example
  • 774a0b8 docs(socks): same block as other sections
  • 9c72a41 Bump github/codeql-action from 4.33.0 to 4.34.1
  • ebf7190 Bump github/codeql-action from 4.32.0 to 4.33.0
  • 0e4ae38 docs: exclude Response.is_permanent_redirect from API docs (#7244)
  • d568f47 docs: clarify Quickstart POST example (#6960)
  • Additional commits viewable in compare view

Updates authlib from 1.3.2 to 1.6.9

Release notes

Sourced from authlib's releases.

v1.6.9

Full Changelog: authlib/authlib@v1.6.8...v1.6.9

Changes in jose module

  • Not using header's jwk automatically
  • Add ES256K into default jwt algorithms
  • Remove deprecated algorithm from default registry
  • Generate random cek when cek length doesn't match

v1.6.8

Full Changelog: authlib/authlib@v1.6.7...v1.6.8

  • Add EdDSA to default jwt instance.

v1.6.7

Full Changelog: authlib/authlib@v1.6.6...v1.6.7

Set supported algorithms for the default jwt instance.

v1.6.6

What's Changed

New Contributors

Full Changelog: authlib/authlib@v1.6.5...v1.6.6

v1.6.5

What's Changed

New Contributors

Full Changelog: authlib/authlib@v1.6.4...v1.6.5

v1.6.4

What's Changed

... (truncated)

Commits
  • 9266eaa chore: release 1.6.9
  • b9bb2b2 fix(oidc): fail close at validating c_hash and at_hash
  • 1b0a1d9 fix(jose): generate random cek when cek length doesn't match
  • 5be3c51 fix(jose): add ES256K into default jwt algorithms
  • 48b345f fix(jose): remove deprecated algorithm from default registry
  • a5d4b2d fix(jose): do not use header's jwk automatically
  • a769f34 chore: release 1.6.8
  • 84f3fa2 fix: add EdDSA to default jwt algorithms
  • 38e872a chore: release 1.6.7
  • b87c32e fix: remove "none" algorithm from default jwt instance
  • Additional commits viewable in compare view

Updates cryptography from 43.0.0 to 46.0.6

Changelog

Sourced from cryptography's changelog.

46.0.6 - 2026-03-25


* **SECURITY ISSUE**: Fixed a bug where name constraints were not applied
  to peer names during verification when the leaf certificate contains a
  wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug,
  including those used by the Web PKI. Credit to **Oleh Konko (1seal)** for
  reporting the issue. **CVE-2026-34073**

.. _v46-0-5:


46.0.5 - 2026-02-10

  • An attacker could create a malicious public key that reveals portions of your private key when using certain uncommon elliptic curves (binary curves). This version now includes additional security checks to prevent this attack. This issue only affects binary elliptic curves, which are rarely used in real-world applications. Credit to XlabAI Team of Tencent Xuanwu Lab and Atuin Automated Vulnerability Discovery Engine for reporting the issue. CVE-2026-26007
  • Support for SECT* binary elliptic curves is deprecated and will be removed in the next release.

.. v46-0-4:

46.0.4 - 2026-01-27


* `Dropped support for win_arm64 wheels`_.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.

.. _v46-0-3:


46.0.3 - 2025-10-15

  • Fixed compilation when using LibreSSL 4.2.0.

.. _v46-0-2:

46.0.2 - 2025-09-30


* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.4.

.. _v46-0-1:


46.0.1 - 2025-09-16

... (truncated)

Commits

Updates ecdsa from 0.19.0 to 0.19.2

Release notes

Sourced from ecdsa's releases.

0.19.2

Bug fixes:

  • Fix CVE-2026-33936, a DER parsing issue in remove_octet_string(), remove_constructed(), and remove_implitic() where a truncated buffer wasn't detected. This can lead to high level functions, like SigningKey.from_der() to raise unexpected exceptions. (Mohamed Abdelaal (0xmrma))

Maintenance:

  • Update CI to use newer version of Ubuntu.

ecdsa 0.19.1

New API:

  • der.remove_implicit and der.encode_implicit for decoding and encoding DER IMPLICIT values with custom tag values and arbitrary classes

Bug fixes:

  • Minor fixes around arithmetic with curves that have non-prime order (useful for experimentation, not practical deployments)
  • Fix arithmetic to work with curves that have (0, 0) on the curve
  • Fix canonicalization of signatures when s is just slightly above half of curve order

Maintenance:

  • Dropped official support for Python 3.5 (again, issues with CI, support for Python 2.6 and Python 2.7 is unchanged)
  • Officially support Python 3.12 and 3.13 (add them to CI)
  • Removal of few more unnecessary six.b literals (Alexandre Detiste)
  • Fix typos in warning messages
Changelog

Sourced from ecdsa's changelog.

  • Release 0.19.2 (26 Mar 2026)

Bug fixes:

  • Fix CVE-2026-33936, a DER parsing issue in remove_octet_string(), remove_constructed(), and remove_implitic() where a truncated buffer wasn't detected. This can lead to high level functions, like SigningKey.from_der() to raise unexpected exceptions. (Mohamed Abdelaal (0xmrma))

Maintenance:

  • Update CI to use newer version of Ubuntu.

  • Release 0.19.1 (13 Mar 2025)

New API:

  • der.remove_implitic and der.encode_implicit for decoding and encoding DER IMPLICIT values with custom tag values and arbitrary classes

Bug fixes:

  • Minor fixes around arithmetic with curves that have non-prime order (useful for experimentation, not practical deployments)
  • Fix arithmetic to work with curves that have (0, 0) on the curve
  • Fix canonicalization of signatures when s is just slightly above half of curve order

Maintenance:

  • Dropped official support for Python 3.5 (again, issues with CI, support for Python 2.6 and Python 2.7 is unchanged)

  • Officialy support Python 3.12 and 3.13 (add them to CI)

  • Removal of few more unnecessary six.b literals (Alexandre Detiste)

  • Fix typos in warning messages

  • Release 0.19.0 (08 Apr 2024)

New API:

  • to_ssh in VerifyingKey and SigningKey, supports Ed25519 keys only (Pablo Mazzini)

New features:

  • Support for twisted Brainpool curves

Doc fix:

  • Fix curve equation in glossary
  • Documentation for signature encoding and signature decoding functions

Maintenance:

  • Dropped official support for 3.3 and 3.4 (because of problems running them in CI, not because it's actually incompatible; support for 2.6 and 2.7 is

... (truncated)

Commits
  • bd66899 Merge commit from fork
  • 9c046ee tests: reject truncated DER lengths
  • acc40fd der: reject truncated lengths in octet/implicit/constructed
  • 55aca78 Merge pull request #363 from gstarovo/ubuntu20-deprecation
  • c4f0df1 chore: change to ubuntu-22 since u-20 is deprecated
  • 2a6593d Merge pull request #359 from tlsfuzzer/release-0.19.1
  • 658ddc8 add release notes for 0.19.1 release
  • 3c5df06 Merge pull request #358 from tlsfuzzer/high-s-values
  • b6d43c6 use integer division for canonicalization of signatures
  • aa81ba3 Merge pull request #357 from tlsfuzzer/new-badge
  • Additional commits viewable in compare view

Updates requests from 2.32.3 to 2.33.0

Release notes

Sourced from requests's releases.

v2.33.0

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.

New Contributors

Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

v2.32.4

2.32.4 (2025-06-10)

... (truncated)

Changelog

Sourced from requests's changelog.

2.33.0 (2026-03-25)

Announcements

  • 📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at #7271. Give it a try, and report any gaps or feedback you may have in the issue. 📣

Security

  • CVE-2026-25645 requests.utils.extract_zipped_paths now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.

Improvements

  • Migrated to a PEP 517 build system using setuptools. (#7012)

Bugfixes

  • Fixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (#7205)

Deprecations

  • Dropped support for Python 3.9 following its end of support. (#7196)

Documentation

  • Various typo fixes and doc improvements.

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

... (truncated)

Commits
  • bc04dfd v2.33.0
  • 66d21cb Merge commit from fork
  • 8b9bc8f Move badges to top of README (#7293)
  • e331a28 Remove unused extraction call (#7292)
  • 753fd08 docs: fix FAQ grammar in httplib2 example
  • 774a0b8 docs(socks): same block as other sections
  • 9c72a41 Bump github/codeql-action from 4.33.0 to 4.34.1
  • ebf7190 Bump github/codeql-action from 4.32.0 to 4.33.0
  • 0e4ae38 docs: exclude Response.is_permanent_redirect from API docs (#7244)
  • d568f47 docs: clarify Quickstart POST example (#6960)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the pip group across 2 directories with 4 updates
9ec886c 
Bumps the pip group with 4 updates in the /scripts directory: [authlib](https://github.com/authlib/authlib), [cryptography](https://github.com/pyca/cryptography), [ecdsa](https://github.com/tlsfuzzer/python-ecdsa) and [requests](https://github.com/psf/requests).
Bumps the pip group with 4 updates in the /sdk directory: [authlib](https://github.com/authlib/authlib), [cryptography](https://github.com/pyca/cryptography), [ecdsa](https://github.com/tlsfuzzer/python-ecdsa) and [requests](https://github.com/psf/requests).


Updates `authlib` from 1.3.1 to 1.6.9
- [Release notes](https://github.com/authlib/authlib/releases)
- [Commits](authlib/authlib@v1.3.1...v1.6.9)

Updates `cryptography` from 43.0.0 to 46.0.6
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@43.0.0...46.0.6)

Updates `ecdsa` from 0.19.0 to 0.19.2
- [Release notes](https://github.com/tlsfuzzer/python-ecdsa/releases)
- [Changelog](https://github.com/tlsfuzzer/python-ecdsa/blob/master/NEWS)
- [Commits](tlsfuzzer/python-ecdsa@python-ecdsa-0.19.0...python-ecdsa-0.19.2)

Updates `requests` from 2.32.3 to 2.33.0
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.3...v2.33.0)

Updates `authlib` from 1.3.2 to 1.6.9
- [Release notes](https://github.com/authlib/authlib/releases)
- [Commits](authlib/authlib@v1.3.1...v1.6.9)

Updates `cryptography` from 43.0.0 to 46.0.6
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@43.0.0...46.0.6)

Updates `ecdsa` from 0.19.0 to 0.19.2
- [Release notes](https://github.com/tlsfuzzer/python-ecdsa/releases)
- [Changelog](https://github.com/tlsfuzzer/python-ecdsa/blob/master/NEWS)
- [Commits](tlsfuzzer/python-ecdsa@python-ecdsa-0.19.0...python-ecdsa-0.19.2)

Updates `requests` from 2.32.3 to 2.33.0
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.3...v2.33.0)

---
updated-dependencies:
- dependency-name: authlib
  dependency-version: 1.6.9
  dependency-type: indirect
  dependency-group: pip
- dependency-name: cryptography
  dependency-version: 46.0.6
  dependency-type: indirect
  dependency-group: pip
- dependency-name: ecdsa
  dependency-version: 0.19.2
  dependency-type: indirect
  dependency-group: pip
- dependency-name: requests
  dependency-version: 2.33.0
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: authlib
  dependency-version: 1.6.9
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: cryptography
  dependency-version: 46.0.6
  dependency-type: indirect
  dependency-group: pip
- dependency-name: ecdsa
  dependency-version: 0.19.2
  dependency-type: indirect
  dependency-group: pip
- dependency-name: requests
  dependency-version: 2.33.0
  dependency-type: indirect
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 30, 2026
@dependabot dependabot Bot mentioned this pull request Mar 30, 2026
Closed
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 30, 2026

Superseded by #988.

@dependabot dependabot Bot closed this Mar 30, 2026
@dependabot dependabot Bot deleted the dependabot/pip/scripts/pip-3edbaf7d59 branch March 30, 2026 17:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants