[PR #109] [MERGED] Bump pycryptodomex from 3.12.0 to 3.13.0 #159

New issue

Closed

opened 2026-02-27 08:12:09 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 08:12:09 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/kokarare1212/librespot-python/pull/109
Author: @dependabot[bot]
Created: 1/24/2022
Status: ✅ Merged
Merged: 1/24/2022
Merged by: @kokarare1212

Base: rewrite ← Head: dependabot/pip/pycryptodomex-3.13.0

📝 Commits (1)

24f0db3 Bump pycryptodomex from 3.12.0 to 3.13.0

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 requirements.txt (+1 -1)

📄 Description

Bumps pycryptodomex from 3.12.0 to 3.13.0.

Changelog

Sourced from pycryptodomex's changelog.

3.13.0 (23 January 2022) ++++++++++++++++++++++++++

New features

Add support for curve NIST P-224.

Resolved issues

GH#590: Fixed typing info for Crypto.PublicKey.ECC.

Other changes

Relaxed ECDSA requirements for FIPS 186 signatures and accept any SHA-2 or SHA-3 hash. sign() and verify() will be performed even if the hash is stronger than the ECC key.

Commits

960f14d Bump version
d73b27c Allow truncated SHA-512 to be used with ECDSA FIPS 186
93ff33e Detect if public key is used to sign in DSS
aa0f6d2 Allow all SHA-2 or SHA-3 hashes for ECDSA FIPS 186
074b620 Add support for P-224
fb31be7 Update to ECDSA docs
b1cac0e Fix GH#591: missing variable in AES example
feccaac Fix GH#590: fixed typing info for ECC
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/kokarare1212/librespot-python/pull/109 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 1/24/2022 **Status:** ✅ Merged **Merged:** 1/24/2022 **Merged by:** [@kokarare1212](https://github.com/kokarare1212) **Base:** `rewrite` ← **Head:** `dependabot/pip/pycryptodomex-3.13.0` --- ### 📝 Commits (1) - [`24f0db3`](https://github.com/kokarare1212/librespot-python/commit/24f0db321928d03a8c27d4ffeb325a14937acc3e) Bump pycryptodomex from 3.12.0 to 3.13.0 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `requirements.txt` (+1 -1) </details> ### 📄 Description Bumps [pycryptodomex](https://github.com/Legrandin/pycryptodome) from 3.12.0 to 3.13.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst">pycryptodomex's changelog</a>.</em></p> <blockquote> <p>3.13.0 (23 January 2022) ++++++++++++++++++++++++++</p> <h2>New features</h2> <ul> <li>Add support for curve NIST P-224.</li> </ul> <h2>Resolved issues</h2> <ul> <li>GH#590: Fixed typing info for <code>Crypto.PublicKey.ECC</code>.</li> </ul> <h2>Other changes</h2> <ul> <li>Relaxed ECDSA requirements for FIPS 186 signatures and accept any SHA-2 or SHA-3 hash. <code>sign()</code> and <code>verify()</code> will be performed even if the hash is stronger than the ECC key.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Legrandin/pycryptodome/commit/960f14d12339e721af1e2b20a557000d7189116b"><code>960f14d</code></a> Bump version</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/d73b27c93ce744449f1b3e64bcc3a8ae616e723f"><code>d73b27c</code></a> Allow truncated SHA-512 to be used with ECDSA FIPS 186</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/93ff33ec4c1c90460fbc717c5ab90b88160ee180"><code>93ff33e</code></a> Detect if public key is used to sign in DSS</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/aa0f6d2dd3dbf358fc14800ff5df2f0daccb62f3"><code>aa0f6d2</code></a> Allow all SHA-2 or SHA-3 hashes for ECDSA FIPS 186</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/074b620d6588c49f3de54f1c0e80eb926f4509d6"><code>074b620</code></a> Add support for P-224</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/fb31be733a2a9966f0a2032065ee6ef14f5517de"><code>fb31be7</code></a> Update to ECDSA docs</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/b1cac0eea429200e3b236224df341252161c7945"><code>b1cac0e</code></a> Fix GH#591: missing variable in AES example</li> <li><a href="https://github.com/Legrandin/pycryptodome/commit/feccaacbab3effade846436f453942d81db1dfdb"><code>feccaac</code></a> Fix GH#590: fixed typing info for ECC</li> <li>See full diff in <a href="https://github.com/Legrandin/pycryptodome/compare/v3.12.0...v3.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycryptodomex&package-manager=pip&previous-version=3.12.0&new-version=3.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>