Skip to content

chore(deps): Update argon2-cffi requirement from ~=23.1 to ~=25.1 in the all-dependencies group#25

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/all-dependencies-d4a059d89f
Open

chore(deps): Update argon2-cffi requirement from ~=23.1 to ~=25.1 in the all-dependencies group#25
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/all-dependencies-d4a059d89f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026

Updates the requirements on argon2-cffi to permit the latest version.
Updates argon2-cffi to 25.1.0

Release notes

Sourced from argon2-cffi's releases.

25.1.0

Highlights

This release is mostly about smoothing out packaging metadata and improve support for Pyodide / WebAssembly environments.

Full changelog below!

Special Thanks

This release would not be possible without my generous sponsors! Thank you to all of you making sustainable maintenance possible! If you would like to join them, go to https://github.com/sponsors/hynek and check out the sweet perks!

Above and Beyond

Variomedia AG (@variomedia), Tidelift (@tidelift), Klaviyo (@klaviyo), Privacy Solutions GmbH (@privacy-solutions), FilePreviews (@filepreviews), Doist (@Doist), nate nowack (@zzstoatzz), Daniel Fortunov (@asqui), and Kevin P. Fleming (@kpfleming).

Maintenance Sustainers

Buttondown (@buttondown), Christopher Dignam (@chdsbd), Magnus Watn (@magnuswatn), David Cramer (@dcramer), Jesse Snyder (@jessesnyder), Rivo Laks (@rivol), Polar (@polarsource), Mike Fiedler (@miketheman), Duncan Hill (@cricalix), Colin Marquardt (@cmarqu), Pieter Swinkels (@swinkels), Nick Libertini (@libertininick), Brian M. Dennis (@crossjam), Moving Content AG (@moving-content), ProteinQure (@ProteinQure), The Westervelt Company (@westerveltco), Sławomir Ehlert (@slafs), Mostafa Khalil (@khadrawy), Filip Mularczyk (@mukiblejlok), Thomas Klinger (@thmsklngr), Andreas Poehlmann (@ap--), August Trapper Bigelow (@atbigelow), Carlton Gibson (@carltongibson), and Roboflow (@roboflow).

Not to forget 14 more amazing humans who chose to be generous but anonymous!

Full Changelog

Added

  • Official support for Python 3.13 and 3.14. No code changes were necessary.

Removed

  • Python 3.7 is not supported anymore. #186

Changed

  • argon2.PasswordHasher.check_needs_rehash() now also accepts bytes like the rest of the API. #174

  • Improved parameter compatibility handling for Pyodide / WebAssembly environments. #190

This release contains contributions from @​alarmfox, @​hynek, @​isidroas, @​ngoldbaum, @​peterc-s, and @​twm.

Artifact Attestations

You can verify this release's artifact attestions using GitHub's CLI tool by downloading the sdist and wheel from PyPI and running:

... (truncated)

Changelog

Sourced from argon2-cffi's changelog.

25.1.0 - 2025-06-03

Added

  • Official support for Python 3.13 and 3.14. No code changes were necessary.

Removed

  • Python 3.7 and 3.8 are not supported anymore. #186

Changed

  • argon2.PasswordHasher.check_needs_rehash() now also accepts bytes like the rest of the API. #174

  • Improved parameter compatibility handling for Pyodide / WebAssembly environments. #190

23.1.0 - 2023-08-15

Removed

  • Python 3.6 is not supported anymore.

Deprecated

  • The InvalidHash exception is deprecated in favor of InvalidHashError. No plans for removal currently exist and the names can (but shouldn't) be used interchangeably.

  • argon2.hash_password(), argon2.hash_password_raw(), and argon2.verify_password() that have been soft-deprecated since 2016 are now hard-deprecated. They now raise DeprecationWarnings and will be removed in 2024.

Added

  • Official support for Python 3.11 and 3.12. No code changes were necessary.

  • argon2.exceptions.InvalidHashError as a replacement for InvalidHash.

  • salt parameter to argon2.PasswordHasher.hash() to allow for custom salts. This is only useful for specialized use-cases -- leave it on None unless you know exactly what you are doing. #153

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): Update argon2-cffi requirement
c9172fe 
Updates the requirements on [argon2-cffi](https://github.com/hynek/argon2-cffi) to permit the latest version.

Updates `argon2-cffi` to 25.1.0
- [Release notes](https://github.com/hynek/argon2-cffi/releases)
- [Changelog](https://github.com/hynek/argon2-cffi/blob/main/CHANGELOG.md)
- [Commits](hynek/argon2-cffi@23.1.0...25.1.0)

---
updated-dependencies:
- dependency-name: argon2-cffi
  dependency-version: 25.1.0
  dependency-type: direct:production
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 1, 2026
@codecov
Copy link
Copy Markdown

codecov bot commented Apr 1, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.73%. Comparing base (e9b17ac) to head (c9172fe).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master      #25   +/-   ##
=======================================
  Coverage   85.73%   85.73%           
=======================================
  Files          10       10           
  Lines         631      631           
=======================================
  Hits          541      541           
  Misses         90       90

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kodiakhq kodiakhq[bot] kodiakhq[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants