From 50467b7bbd6821adbc62206f7ffb5442f51b8f43 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 6 Aug 2025 11:18:30 +0000
Subject: [PATCH 1/3] Bump virtualenv from 20.33.0 to 20.33.1 (#11394)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.33.0 to
20.33.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/releases">virtualenv's
releases</a>.</em></p>
<blockquote>
<h2>20.33.1</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.33.0 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2929">pypa/virtualenv#2929</a></li>
<li>fix(test): Restore mtime of py_info.py in test by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2938">pypa/virtualenv#2938</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>[bot]
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2937">pypa/virtualenv#2937</a></li>
<li>fix: Correctly unpack _get_tcl_tk_libs() response in PythonInfo by
<a href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2940">pypa/virtualenv#2940</a></li>
<li>chore: Request shell and python details in bug reports by <a
href="https://github.com/esafak"><code>@​esafak</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2942">pypa/virtualenv#2942</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.33.0...20.33.1">https://github.com/pypa/virtualenv/compare/20.33.0...20.33.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's
changelog</a>.</em></p>
<blockquote>
<h2>v20.33.1 (2025-08-05)</h2>
<p>Bugfixes - 20.33.1</p>
<pre><code>- Correctly unpack _get_tcl_tk_libs() response in PythonInfo.
  Contributed by :user:`esafak`. (:issue:`2930`)
- Restore `py_info.py` timestamp in
`test_py_info_cache_invalidation_on_py_info_change`
  Contributed by :user:`esafak`. (:issue:`2933`)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/virtualenv/commit/8cea2c7662fee3a1fd9e9228ceee74e02f89c0e1"><code>8cea2c7</code></a>
release 20.33.1</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/cac49420a71b8c2e0d091acd0ec47575bd5bd01b"><code>cac4942</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/virtualenv/issues/2942">#2942</a>
from esafak/bug_report_template</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/91d36184b69c8a60f46b334c98fed968d12a466f"><code>91d3618</code></a>
chore: Request shell and python details in bug reports</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/f528c193dfa33ce665fee4b601bdafe64f65be7a"><code>f528c19</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/virtualenv/issues/2940">#2940</a>
from esafak/fix/2930-tcl-library-bug</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/a7c68245cb2781fd39e679119ada8f78ab8ea9fa"><code>a7c6824</code></a>
Merge branch 'main' into fix/2930-tcl-library-bug</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/034f7179dd817a61a3ecfdc68206a3f9a6e935dc"><code>034f717</code></a>
[pre-commit.ci] auto fixes from pre-commit.com hooks</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/8c9e431fab80a843978a2e3a3aa8f6224e985862"><code>8c9e431</code></a>
Iterate on quoting</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/59078c56bcc6cb84f36904b296d096eabd6a5beb"><code>59078c5</code></a>
Remove investigation scripts, add changelog entry</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/7336c4314c06dbc2bda009402b3dc3e37271f84f"><code>7336c43</code></a>
fix: Correctly unpack _get_tcl_tk_libs() response in PythonInfo</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/94004cce5794fbbe46d37faf1bbb08ba7dd4ffc8"><code>94004cc</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/virtualenv/issues/2937">#2937</a>
from pypa/pre-commit-ci-update-config</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/virtualenv/compare/20.33.0...20.33.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.33.0&new-version=20.33.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt | 2 +-
 requirements/dev.txt         | 2 +-
 requirements/lint.txt        | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 4a0557620fa..f68f4129860 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -288,7 +288,7 @@ uvloop==0.21.0 ; platform_system != "Windows"
     #   -r requirements/lint.in
 valkey==6.1.0
     # via -r requirements/lint.in
-virtualenv==20.33.0
+virtualenv==20.33.1
     # via pre-commit
 wait-for-it==2.3.0
     # via -r requirements/test.in
diff --git a/requirements/dev.txt b/requirements/dev.txt
index 42314c218ce..81bf6750227 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -279,7 +279,7 @@ uvloop==0.21.0 ; platform_system != "Windows" and implementation_name == "cpytho
     #   -r requirements/lint.in
 valkey==6.1.0
     # via -r requirements/lint.in
-virtualenv==20.33.0
+virtualenv==20.33.1
     # via pre-commit
 wait-for-it==2.3.0
     # via -r requirements/test.in
diff --git a/requirements/lint.txt b/requirements/lint.txt
index ad40d6e0cfb..fc37290b62a 100644
--- a/requirements/lint.txt
+++ b/requirements/lint.txt
@@ -117,7 +117,7 @@ uvloop==0.21.0 ; platform_system != "Windows"
     # via -r requirements/lint.in
 valkey==6.1.0
     # via -r requirements/lint.in
-virtualenv==20.33.0
+virtualenv==20.33.1
     # via pre-commit
 zlib-ng==0.5.1
     # via -r requirements/lint.in

From ba2e39c6ebc5e7024cf569d6f93032fd6150fc1e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 6 Aug 2025 11:24:09 +0000
Subject: [PATCH 2/3] Bump pycares from 4.9.0 to 4.10.0 (#11395)

Bumps [pycares](https://github.com/saghul/pycares) from 4.9.0 to 4.10.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/saghul/pycares/commit/b0450c94fbb34f89731daaea1ab2198cee5b6b31"><code>b0450c9</code></a>
Set version to 4.10.0</li>
<li><a
href="https://github.com/saghul/pycares/commit/c3c931f5608da23a196b216edfcc2af5b626fc9a"><code>c3c931f</code></a>
Refactor channel destruction logic</li>
<li><a
href="https://github.com/saghul/pycares/commit/0486f675493a0d49c094f382f616745e2f1ae1a6"><code>0486f67</code></a>
Fixup test CI</li>
<li><a
href="https://github.com/saghul/pycares/commit/8b59ceaccf19fb346a32df690defe7ad3099046a"><code>8b59cea</code></a>
Remove context manager support</li>
<li><a
href="https://github.com/saghul/pycares/commit/3b1912cc9d8f23dddb23dc31b103e45892c4fcaf"><code>3b1912c</code></a>
build(deps): bump pypa/cibuildwheel from 2.23.3 to 3.0.0</li>
<li><a
href="https://github.com/saghul/pycares/commit/b66e5359d8e1f77ce993cd0993ebaf04371ee61b"><code>b66e535</code></a>
Add new process_read_fd process_write_fd to test</li>
<li><a
href="https://github.com/saghul/pycares/commit/78f386648076ac2a95607985c7fef73d6d3cec4a"><code>78f3866</code></a>
Add read &amp; write process_fd functions</li>
<li><a
href="https://github.com/saghul/pycares/commit/1787759068374f30e88a16b7784e34b5df0c9f5e"><code>1787759</code></a>
Idna resource reduction using a length check (<a
href="https://redirect.github.com/saghul/pycares/issues/247">#247</a>)</li>
<li><a
href="https://github.com/saghul/pycares/commit/881a3a1ba41b5f21035f3d2bd60aa8554e5eae67"><code>881a3a1</code></a>
Make result.type Final</li>
<li><a
href="https://github.com/saghul/pycares/commit/04e45e836b435a25adc4508af0c24106e893c7b0"><code>04e45e8</code></a>
Fix OpenBSD build</li>
<li>Additional commits viewable in <a
href="https://github.com/saghul/pycares/compare/v4.9.0...v4.10.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycares&package-manager=pip&previous-version=4.9.0&new-version=4.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/base.txt         | 22 +++++++++++-----------
 requirements/constraints.txt  |  2 +-
 requirements/dev.txt          |  2 +-
 requirements/lint.txt         |  2 +-
 requirements/runtime-deps.txt |  2 +-
 requirements/test.txt         |  2 +-
 6 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index 6f23cc4a568..3faddb12da8 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -5,20 +5,20 @@
 #    pip-compile --allow-unsafe --output-file=requirements/base.txt --strip-extras requirements/base.in
 #
 aiodns==3.5.0
-    # via -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    # via -r requirements/runtime-deps.in
 aiohappyeyeballs==2.6.1
-    # via -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    # via -r requirements/runtime-deps.in
 aiosignal==1.4.0
-    # via -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    # via -r requirements/runtime-deps.in
 async-timeout==5.0.1 ; python_version < "3.11"
-    # via -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    # via -r requirements/runtime-deps.in
 brotli==1.1.0 ; platform_python_implementation == "CPython"
-    # via -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    # via -r requirements/runtime-deps.in
 cffi==1.17.1
     # via pycares
 frozenlist==1.7.0
     # via
-    #   -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    #   -r requirements/runtime-deps.in
     #   aiosignal
 gunicorn==23.0.0
     # via -r requirements/base.in
@@ -26,15 +26,15 @@ idna==3.6
     # via yarl
 multidict==6.6.3
     # via
-    #   -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    #   -r requirements/runtime-deps.in
     #   yarl
 packaging==25.0
     # via gunicorn
 propcache==0.3.2
     # via
-    #   -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    #   -r requirements/runtime-deps.in
     #   yarl
-pycares==4.9.0
+pycares==4.10.0
     # via aiodns
 pycparser==2.22
     # via cffi
@@ -45,6 +45,6 @@ typing-extensions==4.14.1
 uvloop==0.21.0 ; platform_system != "Windows" and implementation_name == "cpython"
     # via -r requirements/base.in
 yarl==1.20.1
-    # via -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    # via -r requirements/runtime-deps.in
 zstandard==0.23.0 ; platform_python_implementation == "CPython" and python_version < "3.14"
-    # via -r /home/dependabot/dependabot-updater/tmp/20250715-1382-lngh7e/dependabot_20250715-1382-a7k872/requirements/runtime-deps.in
+    # via -r requirements/runtime-deps.in
diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index f68f4129860..0849a590c55 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -155,7 +155,7 @@ proxy-py==2.4.10
     # via
     #   -r requirements/lint.in
     #   -r requirements/test.in
-pycares==4.9.0
+pycares==4.10.0
     # via aiodns
 pycparser==2.22
     # via cffi
diff --git a/requirements/dev.txt b/requirements/dev.txt
index 81bf6750227..5d94ef0cd30 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -152,7 +152,7 @@ proxy-py==2.4.10
     # via
     #   -r requirements/lint.in
     #   -r requirements/test.in
-pycares==4.9.0
+pycares==4.10.0
     # via aiodns
 pycparser==2.22
     # via cffi
diff --git a/requirements/lint.txt b/requirements/lint.txt
index fc37290b62a..a989a74a645 100644
--- a/requirements/lint.txt
+++ b/requirements/lint.txt
@@ -63,7 +63,7 @@ pre-commit==4.2.0
     # via -r requirements/lint.in
 proxy-py==2.4.10
     # via -r requirements/lint.in
-pycares==4.9.0
+pycares==4.10.0
     # via aiodns
 pycparser==2.22
     # via cffi
diff --git a/requirements/runtime-deps.txt b/requirements/runtime-deps.txt
index 1bf23ed8f21..327fae9055b 100644
--- a/requirements/runtime-deps.txt
+++ b/requirements/runtime-deps.txt
@@ -30,7 +30,7 @@ propcache==0.3.2
     # via
     #   -r requirements/runtime-deps.in
     #   yarl
-pycares==4.9.0
+pycares==4.10.0
     # via aiodns
 pycparser==2.22
     # via cffi
diff --git a/requirements/test.txt b/requirements/test.txt
index 7a6f5f79110..4e94f635320 100644
--- a/requirements/test.txt
+++ b/requirements/test.txt
@@ -83,7 +83,7 @@ propcache==0.3.2
     #   yarl
 proxy-py==2.4.10
     # via -r requirements/test.in
-pycares==4.9.0
+pycares==4.10.0
     # via aiodns
 pycparser==2.22
     # via cffi

From 48082a7c05c157daf2c85f48807f51e947cf9806 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 6 Aug 2025 11:29:24 +0000
Subject: [PATCH 3/3] Bump cryptography from 45.0.5 to 45.0.6 (#11396)

Bumps [cryptography](https://github.com/pyca/cryptography) from 45.0.5
to 45.0.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>45.0.6 - 2025-08-05</p>
<pre><code>
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.5.2.
<p>.. _v45-0-5:<br />
</code></pre></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pyca/cryptography/commit/66198c23c97c9594d64540e5a866e4b4121aec2d"><code>66198c2</code></a>
Bump for release (<a
href="https://redirect.github.com/pyca/cryptography/issues/13249">#13249</a>)</li>
<li>See full diff in <a
href="https://github.com/pyca/cryptography/compare/45.0.5...45.0.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cryptography&package-manager=pip&previous-version=45.0.5&new-version=45.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements/constraints.txt | 2 +-
 requirements/dev.txt         | 2 +-
 requirements/lint.txt        | 2 +-
 requirements/test.txt        | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index 0849a590c55..5da05f9ddd1 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -56,7 +56,7 @@ coverage==7.10.2
     # via
     #   -r requirements/test.in
     #   pytest-cov
-cryptography==45.0.5
+cryptography==45.0.6
     # via
     #   pyjwt
     #   trustme
diff --git a/requirements/dev.txt b/requirements/dev.txt
index 5d94ef0cd30..ac5f077151d 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -56,7 +56,7 @@ coverage==7.10.2
     # via
     #   -r requirements/test.in
     #   pytest-cov
-cryptography==45.0.5
+cryptography==45.0.6
     # via
     #   pyjwt
     #   trustme
diff --git a/requirements/lint.txt b/requirements/lint.txt
index a989a74a645..a82fd57f198 100644
--- a/requirements/lint.txt
+++ b/requirements/lint.txt
@@ -21,7 +21,7 @@ cfgv==3.4.0
     # via pre-commit
 click==8.1.8
     # via slotscheck
-cryptography==45.0.5
+cryptography==45.0.6
     # via trustme
 distlib==0.4.0
     # via virtualenv
diff --git a/requirements/test.txt b/requirements/test.txt
index 4e94f635320..096a24ca9d0 100644
--- a/requirements/test.txt
+++ b/requirements/test.txt
@@ -29,7 +29,7 @@ coverage==7.10.2
     # via
     #   -r requirements/test.in
     #   pytest-cov
-cryptography==45.0.5
+cryptography==45.0.6
     # via trustme
 exceptiongroup==1.3.0
     # via pytest