Skip to content

bump cryptography + pyjwt for security advisories#25

Merged
Bernardo-Rufino merged 1 commit into
mainfrom
fix/security-bumps
Jun 18, 2026
Merged

bump cryptography + pyjwt for security advisories#25
Bernardo-Rufino merged 1 commit into
mainfrom
fix/security-bumps

Conversation

@Bernardo-Rufino

@Bernardo-Rufino Bernardo-Rufino commented Jun 18, 2026

Copy link
Copy Markdown
Owner

Closes the 7 remaining Dependabot alerts (3 high, 3 moderate, 1 low).

  • cryptography 46.0.7 -> 48.0.1 (fixes vulnerable OpenSSL bundled in the wheel)
  • pyjwt 2.12.1 -> 2.13.0 (PyJWT bundle: HS256 forgery, JWKClient SSRF, algorithm allow-list bypass, unbounded JWKS DoS, base64 DoS in detached JWS)

Widened the upper bound on cryptography to <49.0.0. Added an explicit floor on pyjwt (transitive via azure-identity / msal) so the lock cannot regress.

pytest tests/ -> 158 passed locally.

@github-actions

github-actions Bot commented Jun 18, 2026

Copy link
Copy Markdown

✅ All tests passed

============================= test session starts ==============================
platform linux -- Python 3.13.14, pytest-9.1.0, pluggy-1.6.0 -- /opt/hostedtoolcache/Python/3.13.14/x64/bin/python
cachedir: .pytest_cache
rootdir: /home/runner/work/msdev-kit/msdev-kit
configfile: pyproject.toml
collecting ... collected 158 items

tests/fabric/test_auth.py::TestGetToken::test_pbi_scope PASSED           [  0%]
tests/fabric/test_auth.py::TestGetToken::test_fabric_scope PASSED        [  1%]
tests/fabric/test_auth.py::TestGetToken::test_azure_scope PASSED         [  1%]
tests/fabric/test_auth.py::TestGetToken::test_graph_scope PASSED         [  2%]
tests/fabric/test_auth.py::TestGetToken::test_credential_created_once PASSED [  3%]
tests/fabric/test_auth.py::TestGetToken::test_invalid_service_raises PASSED [  3%]
tests/fabric/test_auth.py::TestGetTokenForUser::test_azure_scope PASSED  [  4%]
tests/fabric/test_auth.py::TestGetTokenForUser::test_invalid_service_raises PASSED [  5%]
tests/fabric/test_dataflow.py::TestGetDataflowName::test_returns_name_from_pbi_api PASSED [  5%]
tests/fabric/test_dataflow.py::TestGetDataflowName::test_falls_back_to_fabric_api PASSED [  6%]
tests/fabric/test_dataflow.py::TestGetDataflowName::test_returns_empty_when_both_fail PASSED [  6%]
tests/fabric/test_dataflow.py::TestGetDataflowName::test_missing_workspace_id PASSED [  7%]
tests/fabric/test_dataflow.py::TestGetDataflowName::test_missing_dataflow_id PASSED [  8%]
tests/fabric/test_dataflow.py::TestDataflowRetry::test_retries_on_429 PASSED [  8%]
tests/fabric/test_dataflow.py::TestDataflowRetry::test_respects_retry_after_header PASSED [  9%]
tests/fabric/test_dataflow.py::TestGetDataflowPbiDefinitionValidation::test_missing_workspace_id PASSED [ 10%]
tests/fabric/test_dataflow.py::TestGetDataflowPbiDefinitionValidation::test_missing_dataflow_id PASSED [ 10%]
tests/fabric/test_dataset.py::TestExtractTableExpression::test_simple_evaluate PASSED [ 11%]
tests/fabric/test_dataset.py::TestExtractTableExpression::test_evaluate_with_function PASSED [ 12%]
tests/fabric/test_dataset.py::TestExtractTableExpression::test_evaluate_case_insensitive PASSED [ 12%]
tests/fabric/test_dataset.py::TestExtractTableExpression::test_evaluate_with_filter PASSED [ 13%]
tests/fabric/test_dataset.py::TestExtractTableExpression::test_multiline_query PASSED [ 13%]
tests/fabric/test_dataset.py::TestExtractTableExpression::test_no_evaluate_returns_empty PASSED [ 14%]
tests/fabric/test_dataset.py::TestExtractTableExpression::test_empty_query PASSED [ 15%]
tests/fabric/test_dataset.py::TestExtractTableExpression::test_evaluate_with_define PASSED [ 15%]
tests/fabric/test_dataset.py::TestExecuteQueryValidation::test_missing_query PASSED [ 16%]
tests/fabric/test_dataset.py::TestExecuteQueryValidation::test_missing_workspace_id PASSED [ 17%]
tests/fabric/test_dataset.py::TestExecuteQueryValidation::test_missing_dataset_id PASSED [ 17%]
tests/fabric/test_dataset.py::TestExecuteQueryTruncation::test_no_truncation_small_result PASSED [ 18%]
tests/fabric/test_dataset.py::TestExecuteQueryTruncation::test_truncation_detected_by_countrows PASSED [ 18%]
tests/fabric/test_dataset.py::TestExecuteQueryTruncation::test_max_rows_with_few_columns PASSED [ 19%]
tests/fabric/test_dataset.py::TestExecuteQueryTruncation::test_countrows_failure_still_runs_query PASSED [ 20%]
tests/fabric/test_dataset.py::TestExecuteQueryTruncation::test_empty_result PASSED [ 20%]
tests/fabric/test_dataset.py::TestExecuteQueryTruncation::test_api_error_returns_error PASSED [ 21%]
tests/fabric/test_dataset.py::TestExecuteQueryTruncation::test_truncation_by_row_limit_hit PASSED [ 22%]
tests/fabric/test_dataset.py::TestDatasetParameterValidation::test_get_dataset_details_missing_workspace PASSED [ 22%]
tests/fabric/test_dataset.py::TestDatasetParameterValidation::test_get_dataset_details_missing_dataset PASSED [ 23%]
tests/fabric/test_dataset.py::TestDatasetParameterValidation::test_list_datasets_missing_workspace PASSED [ 24%]
tests/fabric/test_dataset.py::TestGetDatasetName::test_returns_name_from_pbi_api PASSED [ 24%]
tests/fabric/test_dataset.py::TestGetDatasetName::test_falls_back_to_fabric_api PASSED [ 25%]
tests/fabric/test_dataset.py::TestGetDatasetName::test_returns_empty_when_both_fail PASSED [ 25%]
tests/fabric/test_dataset.py::TestGetDatasetName::test_retries_on_429 PASSED [ 26%]
tests/fabric/test_notebook.py::TestListNotebooks::test_missing_workspace_id PASSED [ 27%]
tests/fabric/test_notebook.py::TestListNotebooks::test_success_single_page PASSED [ 27%]
tests/fabric/test_notebook.py::TestListNotebooks::test_success_paginated PASSED [ 28%]
tests/fabric/test_notebook.py::TestListNotebooks::test_api_error PASSED  [ 29%]
tests/fabric/test_notebook.py::TestGetNotebook::test_missing_workspace_id PASSED [ 29%]
tests/fabric/test_notebook.py::TestGetNotebook::test_missing_notebook_id PASSED [ 30%]
tests/fabric/test_notebook.py::TestGetNotebook::test_success PASSED      [ 31%]
tests/fabric/test_notebook.py::TestGetNotebook::test_not_found PASSED    [ 31%]
tests/fabric/test_notebook.py::TestNotebookRetry::test_retries_on_429 PASSED [ 32%]
tests/fabric/test_pipeline.py::TestGetPipeline::test_missing_workspace_id PASSED [ 32%]
tests/fabric/test_pipeline.py::TestGetPipeline::test_missing_pipeline_id PASSED [ 33%]
tests/fabric/test_pipeline.py::TestGetPipeline::test_success PASSED      [ 34%]
tests/fabric/test_pipeline.py::TestGetPipeline::test_not_found PASSED    [ 34%]
tests/fabric/test_pipeline.py::TestResolvePipeline::test_resolves_by_id PASSED [ 35%]
tests/fabric/test_pipeline.py::TestResolvePipeline::test_resolves_by_name PASSED [ 36%]
tests/fabric/test_pipeline.py::TestResolvePipeline::test_resolves_by_name_case_insensitive PASSED [ 36%]
tests/fabric/test_pipeline.py::TestResolvePipeline::test_returns_none_when_not_found PASSED [ 37%]
tests/fabric/test_pipeline.py::TestResolveDataflowId::test_resolves_by_id PASSED [ 37%]
tests/fabric/test_pipeline.py::TestResolveDataflowId::test_resolves_by_name PASSED [ 38%]
tests/fabric/test_pipeline.py::TestResolveDataflowId::test_resolves_by_name_case_insensitive PASSED [ 39%]
tests/fabric/test_pipeline.py::TestResolveDataflowId::test_returns_none_when_not_found PASSED [ 39%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_missing_workspace_id PASSED [ 40%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_missing_pipeline_id_or_name PASSED [ 41%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_returns_correct_keys PASSED [ 41%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_accepts_pipeline_name PASSED [ 42%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_pipeline_not_found PASSED [ 43%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_object_name_in_type_properties_for_dataflow PASSED [ 43%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_object_name_for_notebook PASSED [ 44%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_object_name_for_invoke_pipeline PASSED [ 44%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_object_name_for_dataset_refresh PASSED [ 45%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_no_object_name_for_unsupported_type PASSED [ 46%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_multiple_activities_mixed_types PASSED [ 46%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_deduplicates_resolution_for_same_id PASSED [ 47%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_uses_activity_workspace_when_different PASSED [ 48%]
tests/fabric/test_pipeline.py::TestGetPipelineActivities::test_no_pipeline_content_json PASSED [ 48%]
tests/fabric/test_pipeline.py::TestFindPipelinesByDataflow::test_missing_workspace_id PASSED [ 49%]
tests/fabric/test_pipeline.py::TestFindPipelinesByDataflow::test_missing_dataflow_id_or_name PASSED [ 50%]
tests/fabric/test_pipeline.py::TestFindPipelinesByDataflow::test_finds_matching_pipeline_by_dataflow_id PASSED [ 50%]
tests/fabric/test_pipeline.py::TestFindPipelinesByDataflow::test_finds_matching_pipeline_by_dataflow_name PASSED [ 51%]
tests/fabric/test_pipeline.py::TestFindPipelinesByDataflow::test_dataflow_not_found PASSED [ 51%]
tests/fabric/test_pipeline.py::TestFindPipelinesByDataflow::test_no_matches PASSED [ 52%]
tests/fabric/test_pipeline.py::TestPipelineRetry::test_retries_on_429 PASSED [ 53%]
tests/fabric/test_pipeline.py::TestPipelineRetry::test_gives_up_after_max_retries PASSED [ 53%]
tests/fabric/test_report.py::TestParseReportExtensions::test_extracts_all_measures PASSED [ 54%]
tests/fabric/test_report.py::TestParseReportExtensions::test_measure_fields PASSED [ 55%]
tests/fabric/test_report.py::TestParseReportExtensions::test_multiline_expression PASSED [ 55%]
tests/fabric/test_report.py::TestParseReportExtensions::test_format_from_formatInformation PASSED [ 56%]
tests/fabric/test_report.py::TestParseReportExtensions::test_empty_entities PASSED [ 56%]
tests/fabric/test_report.py::TestParseReportExtensions::test_missing_entities_key PASSED [ 57%]
tests/fabric/test_report.py::TestParseReportExtensions::test_carriage_return_stripped PASSED [ 58%]
tests/fabric/test_report.py::TestGetModelMeasureReferences::test_excludes_extension_schema PASSED [ 58%]
tests/fabric/test_report.py::TestGetModelMeasureReferences::test_deduplicates PASSED [ 59%]
tests/fabric/test_report.py::TestGetModelMeasureReferences::test_sorted_by_name PASSED [ 60%]
tests/fabric/test_report.py::TestGetModelMeasureReferences::test_empty_references PASSED [ 60%]
tests/fabric/test_report.py::TestGetModelMeasureReferences::test_no_measures_key PASSED [ 61%]
tests/fabric/test_report.py::TestGenerateDaxQueryScript::test_contains_define_and_evaluate PASSED [ 62%]
tests/fabric/test_report.py::TestGenerateDaxQueryScript::test_contains_all_measures PASSED [ 62%]
tests/fabric/test_report.py::TestGenerateDaxQueryScript::test_model_measures_as_comments PASSED [ 63%]
tests/fabric/test_report.py::TestGenerateDaxQueryScript::test_multiline_expression_formatting PASSED [ 63%]
tests/fabric/test_report.py::TestGenerateDaxQueryScript::test_single_measure PASSED [ 64%]
tests/fabric/test_report.py::TestGenerateTmdlScript::test_contains_createOrReplace PASSED [ 65%]
tests/fabric/test_report.py::TestGenerateTmdlScript::test_groups_by_entity PASSED [ 65%]
tests/fabric/test_report.py::TestGenerateTmdlScript::test_single_line_expression PASSED [ 66%]
tests/fabric/test_report.py::TestGenerateTmdlScript::test_multiline_expression PASSED [ 67%]
tests/fabric/test_report.py::TestGenerateTmdlScript::test_includes_format_string PASSED [ 67%]
tests/fabric/test_report.py::TestGenerateTmdlScript::test_includes_display_folder PASSED [ 68%]
tests/fabric/test_report.py::TestGenerateTmdlScript::test_includes_description_as_comment PASSED [ 68%]
tests/fabric/test_report.py::TestGetLegacyReportPagesAndVisuals::test_extracts_visuals PASSED [ 69%]
tests/fabric/test_report.py::TestGetLegacyReportPagesAndVisuals::test_extracts_page_names PASSED [ 70%]
tests/fabric/test_report.py::TestGetLegacyReportPagesAndVisuals::test_extracts_visual_title PASSED [ 70%]
tests/fabric/test_report.py::TestGetLegacyReportPagesAndVisuals::test_visual_group_detected PASSED [ 71%]
tests/fabric/test_report.py::TestGetLegacyReportPagesAndVisuals::test_visual_without_title_falls_back_to_type PASSED [ 72%]
tests/fabric/test_report.py::TestGetLegacyReportPagesAndVisuals::test_invalid_json_returns_empty_df PASSED [ 72%]
tests/fabric/test_report.py::TestGetLegacyReportPagesAndVisuals::test_visual_container_config_as_string PASSED [ 73%]
tests/fabric/test_report.py::TestGetPbirReportPagesAndVisuals::test_page_names PASSED [ 74%]
tests/fabric/test_report.py::TestGetPbirReportPagesAndVisuals::test_visual_count PASSED [ 74%]
tests/fabric/test_report.py::TestGetPbirReportPagesAndVisuals::test_title_extracted_from_objects PASSED [ 75%]
tests/fabric/test_report.py::TestGetPbirReportPagesAndVisuals::test_visual_group_type_and_title PASSED [ 75%]
tests/fabric/test_report.py::TestGetPbirReportPagesAndVisuals::test_no_title_falls_back_to_type PASSED [ 76%]
tests/fabric/test_report.py::TestGetPbirReportPagesAndVisuals::test_page_index_follows_page_order PASSED [ 77%]
tests/fabric/test_report.py::TestGetPbirReportPagesAndVisuals::test_missing_pages_json_returns_empty_df PASSED [ 77%]
tests/fabric/test_report.py::TestGetReportPagesAndVisuals::test_pbir_format_routes_to_pbir_parser PASSED [ 78%]
tests/fabric/test_report.py::TestGetReportPagesAndVisuals::test_pbir_legacy_format_routes_to_legacy_parser PASSED [ 79%]
tests/fabric/test_report.py::TestGetReportPagesAndVisuals::test_format_check_is_case_insensitive PASSED [ 79%]
tests/fabric/test_report.py::TestGetReportPagesAndVisuals::test_metadata_failure_returns_empty_df PASSED [ 80%]
tests/fabric/test_report.py::TestGetReportPagesAndVisuals::test_definition_failure_returns_empty_df PASSED [ 81%]
tests/fabric/test_report.py::TestGetReportPagesAndVisuals::test_unknown_format_returns_empty_df PASSED [ 81%]
tests/fabric/test_report.py::TestGetReportPagesAndVisuals::test_pbir_legacy_missing_report_json_returns_empty_df PASSED [ 82%]
tests/graph/test_graph.py::TestGetUserId::test_found_by_upn PASSED       [ 82%]
tests/graph/test_graph.py::TestGetUserId::test_404_falls_back_to_mail_found PASSED [ 83%]
tests/graph/test_graph.py::TestGetUserId::test_not_found_returns_none PASSED [ 84%]
tests/graph/test_graph.py::TestGetGroupId::test_found PASSED             [ 84%]
tests/graph/test_graph.py::TestGetGroupId::test_not_found_returns_none PASSED [ 85%]
tests/graph/test_graph.py::TestListGroupMembers::test_single_page PASSED [ 86%]
tests/graph/test_graph.py::TestListGroupMembers::test_pagination PASSED  [ 86%]
tests/graph/test_graph.py::TestAddGroupMember::test_success PASSED       [ 87%]
tests/graph/test_graph.py::TestAddGroupMember::test_already_member_silently_ignored PASSED [ 87%]
tests/graph/test_graph.py::TestRemoveGroupMember::test_success PASSED    [ 88%]
tests/graph/test_graph.py::TestRemoveGroupMember::test_404_silently_ignored PASSED [ 89%]
tests/graph/test_graph.py::TestRemoveGroupMember::test_403_silently_ignored PASSED [ 89%]
tests/sharepoint/test_sharepoint.py::TestInit::test_short_hostname_normalized PASSED [ 90%]
tests/sharepoint/test_sharepoint.py::TestInit::test_https_hostname_normalized PASSED [ 91%]
tests/sharepoint/test_sharepoint.py::TestInit::test_fqdn_hostname_unchanged PASSED [ 91%]
tests/sharepoint/test_sharepoint.py::TestInit::test_site_path_without_prefix_normalized PASSED [ 92%]
tests/sharepoint/test_sharepoint.py::TestInit::test_site_path_with_prefix_unchanged PASSED [ 93%]
tests/sharepoint/test_sharepoint.py::TestInit::test_site_path_with_leading_slash_normalized PASSED [ 93%]
tests/sharepoint/test_sharepoint.py::TestGetSiteId::test_resolves_site_id PASSED [ 94%]
tests/sharepoint/test_sharepoint.py::TestGetSiteId::test_caches_site_id PASSED [ 94%]
tests/sharepoint/test_sharepoint.py::TestDownloadFile::test_returns_local_path PASSED [ 95%]
tests/sharepoint/test_sharepoint.py::TestDownloadFile::test_writes_file_content PASSED [ 96%]
tests/sharepoint/test_sharepoint.py::TestCreateFolder::test_single_part PASSED [ 96%]
tests/sharepoint/test_sharepoint.py::TestCreateFolder::test_multi_part PASSED [ 97%]
tests/sharepoint/test_sharepoint.py::TestUploadFile::test_bytes_source PASSED [ 98%]
tests/sharepoint/test_sharepoint.py::TestUploadFile::test_file_path_source PASSED [ 98%]
tests/sharepoint/test_sharepoint.py::TestUploadFile::test_content_type_inferred PASSED [ 99%]
tests/sharepoint/test_sharepoint.py::TestUploadFile::test_content_type_explicit PASSED [100%]

============================= 158 passed in 2.66s ==============================

@Bernardo-Rufino Bernardo-Rufino merged commit 029587e into main Jun 18, 2026
3 checks passed
@Bernardo-Rufino Bernardo-Rufino deleted the fix/security-bumps branch June 18, 2026 13:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Bernardo-Rufino