Bump cryptography to avoid security alerts

Based on the Dependabot the cryptography has two minor security alerts which can be solved by upgrading the version. Because the cryptography package is dependency only for Ansible plugin, this commit will move it the plugin setup. Reference: #5769 Signed-off-by: Jan Richter <jarichte@redhat.com>
avocado-framework · Oct 26, 2023 · 0fb8d41 · 0fb8d41
1 parent dc0ff7b
commit 0fb8d41
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/optional_plugins/ansible/setup.py b/optional_plugins/ansible/setup.py
@@ -36,7 +36,12 @@
     url="http://avocado-framework.github.io/",
     packages=packages,
     include_package_data=True,
-    install_requires=[f"avocado-framework=={VERSION}", "ansible-core"],
+    install_requires=[
+        f"avocado-framework=={VERSION}",
+        "cffi",
+        "pycparser",
+        "ansible-core",
+    ],
     test_suite="tests",
     entry_points={
         "console_scripts": [

diff --git a/requirements-dev.txt b/requirements-dev.txt
@@ -30,6 +30,3 @@ jsonschema==3.2.0
 
 # For ansible plugin nested dep, compatible with Python 3.6
 setuptools_rust==1.1.2
-
-# For ansible plugin nested dep
-cryptography==41.0.2