Skip to content

chore(deps): update cryptography to ==46.0.7 to fix security vulnerabilities#14190

Draft
angelcaamal wants to merge 2 commits into
GoogleCloudPlatform:mainfrom
angelcaamal:security/patch-cryptography-vulnerability
Draft

chore(deps): update cryptography to ==46.0.7 to fix security vulnerabilities#14190
angelcaamal wants to merge 2 commits into
GoogleCloudPlatform:mainfrom
angelcaamal:security/patch-cryptography-vulnerability

Conversation

@angelcaamal
Copy link
Copy Markdown
Contributor

@angelcaamal angelcaamal commented May 15, 2026
edited
Loading

Description

Fixes #

Note: Before submitting a pull request, please open an issue for discussion if you are not associated with Google.

Checklist

@product-auto-label product-auto-label Bot added samples Issues that are directly related to samples. api: cloudkms Issues related to the Cloud Key Management Service API. api: compute Issues related to the Compute Engine API. api: edgecache Issues related to the Media CDN API. api: run Issues related to the Cloud Run API. api: security-privateca Issues related to the Certificate Authority Service API. labels May 15, 2026
gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 15, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the cryptography dependency from version 45.0.1 to >=46.0.7 across several requirements files. The reviewer recommends pinning the version to exactly 46.0.7 using the == operator instead of >= to ensure reproducible builds and maintain consistency with other pinned dependencies in the project.

Comment thread compute/encryption/requirements.txt Outdated
Comment thread kms/attestations/requirements.txt Outdated
Comment thread kms/snippets/requirements.txt Outdated
Comment thread media_cdn/requirements.txt Outdated
Comment thread privateca/snippets/requirements-test.txt Outdated
@angelcaamal angelcaamal changed the title chore(deps): update cryptography to >=46.0.7 to fix security vulnerabilities chore(deps): update cryptography to ==46.0.7 to fix security vulnerabilities May 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

api: cloudkms Issues related to the Cloud Key Management Service API. api: compute Issues related to the Compute Engine API. api: edgecache Issues related to the Media CDN API. api: run Issues related to the Cloud Run API. api: security-privateca Issues related to the Certificate Authority Service API. samples Issues that are directly related to samples.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@angelcaamal