Bump cryptography from 3.4.8 to 37.0.4

[dependabot]

Bumps cryptography from 3.4.8 to 37.0.4.

Changelog

Sourced from cryptography's changelog.

37.0.4 - 2022-07-05

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.5.
.. _v37-0-3:
37.0.3 - 2022-06-21 (YANKED)

.. attention::

This release was subsequently yanked from PyPI due to a regression in OpenSSL.

• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.4.

.. _v37-0-2:

37.0.2 - 2022-05-03

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.3.
* Added a constant needed for an upcoming pyOpenSSL release.
.. _v37-0-1:
37.0.1 - 2022-04-27

• Fixed an issue where parsing an encrypted private key with the public loader functions would hang waiting for console input on OpenSSL 3.0.x rather than raising an error.
• Restored some legacy symbols for older pyOpenSSL users. These will be removed again in the future, so pyOpenSSL users should still upgrade to the latest version of that package when they upgrade cryptography.

.. _v37-0-0:

37.0.0 - 2022-04-26

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.0.2.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL 2.9.x and 3.0.x.
  The new minimum LibreSSL version is 3.1+.
* **BACKWARDS INCOMPATIBLE:** Removed ``signer`` and ``verifier`` methods
  from the public key and private key classes. These methods were originally
  deprecated in version 2.0, but had an extended deprecation timeline due
  to usage. Any remaining users should transition to ``sign`` and ``verify``.
* Deprecated OpenSSL 1.1.0 support. OpenSSL 1.1.0 is no longer supported by
  the OpenSSL project. The next release of ``cryptography`` will be the last
</tr></table> 

... (truncated)

Commits

• 7ad17d8 Version bump and changelog for 37.0.4 (#7399)
• b71c392 Changelog and version bump for 37.0.3 (#7362)
• 5954a52 changelog and version bump for 37.0.2 (#7194)
• 8b72741 add a a constant for pyOpenSSL with OpenSSL 3 (#7157)
• 7dd4ff6 Backport mitmproxy & codecov changes (#7158)
• 3fb93cf 37.0.1 changelog and version bump (#7139)
• 8ec3192 restore some bindings for older pyopenssl temporarily (#7137)
• 2d4e0b2 Fix parsing of priv keys via pub key APIs to error properly in ossl3 (#7135)
• 82d9339 Add typings to default_backend() (#7133)
• cfdfb1a update wheel builder for lib64 path (#7122)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[Kludex]

How did it jump from 3.4.8 to 37.0.4? 👀

[euri10]

they changed the version scheme last year
https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst#3500---2021-09-29

[jhominal]

I think this version bump should be fine - here is a list of the changes marked as backwards incompatible by cryptography:

• Changes related to x509 parsing and formatting;
• signer and verifier objects removed - if we had used them, they would have had emitted deprecation messages (and thus failed the tests) for a long time;
• Dropped support for old versions of OpenSSL/LibreSSL - as I expect most developers will be using compiled wheels, that should not have a lot of impact;