diff options
author | Shahar Naveh <50263213+ShaharNaveh@users.noreply.github.com> | 2022-07-08 22:57:48 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-08 22:57:48 +0300 |
commit | b9f6c3e5b68835a03bcf61ddd0bfbf5ad559c80c (patch) | |
tree | c560d0376d27855d6e42b316a03cdd350dcea045 | |
parent | 184e087edf5d440c996981c2975cb8518e08e779 (diff) |
DEP: Pin version of cryptography (#9339)
* DEP: Pin version of cryptography
* Added myself to authors:)
Co-authored-by: Shahar Naveh <>
-rw-r--r-- | AUTHORS.md | 1 | ||||
-rw-r--r-- | tools/pinning/current/pyproject.toml | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/AUTHORS.md b/AUTHORS.md index 9e92568c5..95e63459b 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -289,3 +289,4 @@ Authors * [Yuseong Cho](https://github.com/g6123) * [Zach Shepherd](https://github.com/zjs) * [陈三](https://github.com/chenxsan) +* [Shahar Naveh](https://github.com/ShaharNaveh) diff --git a/tools/pinning/current/pyproject.toml b/tools/pinning/current/pyproject.toml index 3021d2956..5802f87f1 100644 --- a/tools/pinning/current/pyproject.toml +++ b/tools/pinning/current/pyproject.toml @@ -75,6 +75,11 @@ setuptools-rust = "*" # https://github.com/python-poetry/poetry-core/commit/4e1f2ab582d1fef0033c0d3f35a3f2f2365a4bc9 pylint = ">2.6.2" +# Bug in poetry, where still installes yanked versions from pypi (source: https://github.com/python-poetry/poetry/issues/2453) +# this version of cryptography intreduced a security vulnrability. +# Making sure that it would not get installed (Fixing https://github.com/certbot/certbot/issues/9336) +cryptography = "!= 37.0.3" + [tool.poetry.dev-dependencies] [build-system] |