Conversation
Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.5 to 46.0.6. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@46.0.5...46.0.6) --- updated-dependencies: - dependency-name: cryptography dependency-version: 46.0.6 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
dependabot
bot
requested review from
DanielMicrosoft,
ReaNAiveD,
bebound,
jiasli,
necusjz and
yonzhan
as code owners
️✔️AzureCLI-FullTest
|
|
Hi @dependabot[bot], |
️✔️AzureCLI-BreakingChangeTest
|
|
Thank you for your contribution! We will review the pull request and get back to you soon. |
|
The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR. Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions). pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>
|
microsoft-github-policy-service
bot
added
the
customer-reported
|
Thank you for your contribution @dependabot[bot]! We will review the pull request and get back to you soon. |
bebound
changed the title
There was a problem hiding this comment.
Pull request overview
Updates Azure CLI’s pinned cryptography dependency to address a reported security issue (CVE-2026-34073) by bumping the version across all OS-specific requirement pin files.
Changes:
- Bump
cryptographyfrom46.0.5to46.0.6on Windows. - Bump
cryptographyfrom46.0.5to46.0.6on Linux. - Bump
cryptographyfrom46.0.5to46.0.6on macOS.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| src/azure-cli/requirements.py3.windows.txt | Updates pinned cryptography version for Windows packaging/runtime. |
| src/azure-cli/requirements.py3.Linux.txt | Updates pinned cryptography version for Linux packaging/runtime. |
| src/azure-cli/requirements.py3.Darwin.txt | Updates pinned cryptography version for macOS packaging/runtime. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| chardet==5.2.0 | ||
| colorama==0.4.6 | ||
| cryptography==46.0.5 | ||
| cryptography==46.0.6 |
There was a problem hiding this comment.
PR metadata appears inconsistent: the title uses "{Packaging}" (non-customer-facing), but the description includes a customer-facing history note "[Core] Resolve CVE-2026-34073". If this change should generate a history note, the title likely needs to use the "[Core] ..." format; otherwise consider removing/adjusting the history note section in the description.
dependabot
bot
deleted the
dependabot/pip/src/azure-cli/cryptography-46.0.6
branch
Bumps cryptography from 46.0.5 to 46.0.6.
History Notes
[Core] Resolve CVE-2026-34073