Skip to content

Bump cryptography from 46.0.5 to 46.0.7 in /scripts/deployment/spark#617

Open
dependabot[bot] wants to merge 61 commits intomainfrom
dependabot/uv/scripts/deployment/spark/cryptography-46.0.7
Open

Bump cryptography from 46.0.5 to 46.0.7 in /scripts/deployment/spark#617
dependabot[bot] wants to merge 61 commits intomainfrom
dependabot/uv/scripts/deployment/spark/cryptography-46.0.7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 8, 2026
edited
Loading

Bumps cryptography from 46.0.5 to 46.0.7.

Changelog

Sourced from cryptography's changelog.

46.0.7 - 2026-04-07


* **SECURITY ISSUE**: Fixed an issue where non-contiguous buffers could be
  passed to APIs that accept Python buffers, which could lead to buffer
  overflow. **CVE-2026-39892**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.6.

.. _v46-0-6:


46.0.6 - 2026-03-25

  • SECURITY ISSUE: Fixed a bug where name constraints were not applied to peer names during verification when the leaf certificate contains a wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug, including those used by the Web PKI. Credit to Oleh Konko (1seal) for reporting the issue. CVE-2026-34073

.. _v46-0-5:

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 8, 2026
reedscot and others added 26 commits April 16, 2026 20:07
@reedscot @ryhalabi
Add GROOT-N1.7
e311466
@xiaotongc0 @ryhalabi
n16->n17 migration fixes, modality, texts, install libs.
7b16d58
@xiaotongc0 @ryhalabi
add full pipeline trt export on n1.7
b014aa7
@xiaotongc0 @ryhalabi
fix nvbug https://nvbugspro.nvidia.com/bug/5977293 by using tensorrt1…
5ca98cd 
…2 than...
@reedscot @ryhalabi
Support loading and inferencing latest N1.7 checkpoints in Isaac-GR00T
2d1e82f
@xiaotongc0 @ryhalabi
update readme, license, attribution, added droid example and CI examp…
f0f11e4 
…le tests
@xiaotongc0 @ryhalabi
fix nvbugs by QA and VDR feedback
be889e7
@sgillen @ryhalabi
Deployment UV Fix
7c38732
@ryhalabi
update READMEs to 1.7
f67edb7
@xiaotongc0 @ryhalabi
fixed the trt and now able to run full pipeline, verified with cosine...
a6dfb9b
@xiaotongc0 @ryhalabi
Add dockerfile for aarch64 (gb200) and make gpu tests run on two gpu …
7b91a8e 
…runners with different python+cuda versions
@xiaotongc0 @ryhalabi
fix nv bugs
4ae893c
@xiaotongc0 @ryhalabi
Fix deployment docs: add model download step and interactive Docker f…
d80e1ee 
…or Spark/Thor/Orin; fix EA sync CI when files are deleted and cannot match
@xiaotongc0 @ryhalabi
fix online save_plot_path
57e6f6c
@xiaotongc0 @ryhalabi
add license headers to all python source files except external_depend…
ade260e 
…encies/, modify readme about n17 diff
@sgillen @ryhalabi
Orin N1.7 fixes
cfa7d48
@xiaotongc0 @ryhalabi
fix thor env and run-through trt and add benchmark to readme
8857b14
@xiaotongc0 @ryhalabi
correct supported embodiments
671b39e
@xiaotongc0 @ryhalabi
fix newest nvbugs
2a7748b
@xiaotongc0 @ryhalabi
simplify trt pipeline to 1 call; refine deployment/readme, add batchs…
6fa2302 
…ize support (default to 1)
@xiaotongc0 @ryhalabi
Xiaotongc/vdr fix
1698f0c
@ryhalabi
Minor fixes
676514d
@ryhalabi
ci: update metrics pipeline for n1.7
d8a823a
@xiaotongc0 @ryhalabi
Final doc, ci, cache, vdr, test fixes before EA
a22873f
@jiajingc-nv @ryhalabi
Add unit test coverage reporting to CI
2a23f0b
@ryhalabi
metrics pipeline update
98dc4ae
jiajingc-nv and others added 28 commits April 16, 2026 20:07
@jiajingc-nv @ryhalabi
Parameterize standalone inference tests to support LIBERO and DROID
89664ed
@jiajingc-nv @ryhalabi
Add DROID finetune, server, and open-loop eval tests
5814f6b
@xiaotongc0 @ryhalabi
Fix latest VDR issues; torchcodec wheels on edge; refine tests and ma…
a4accfb 
…sk them in CI sync to EA
@xiaotongc0 @ryhalabi
fix gitlab->ea sync and orin setup, remove agents.md and skills.md fo…
6180ea6 
…r now
@jiajingc-nv @ryhalabi
fix(ci): include inference tests in GPU test groups
716b02b
@ryhalabi
cache path rename fix
9269fc0
@ryhalabi
correct simplerenv README
a775db0
@ryhalabi
Fixes to Isaac-GR00T/examples/DROID/main_gr00t.py to test 1.7 OSS che…
dd88cc7 
…ckpoint,...
@mharrim-nv @ryhalabi
Update README to link to the N1.6 release tag
a22f041
@jiajingc-nv @ryhalabi
fix: guard against HF API rate-limit crash during tokenizer loading
c5437fa
@jiajingc-nv @ryhalabi
Add HF config alignment checklist and automated validation script
4fea022 
Add a comprehensive checklist (hf_config_alignment_checklist.md) and an
automated validation script (scripts/validate_hf_config_alignment.py) to
verify that HuggingFace model checkpoint configs are consistent with the
source-of-truth definitions in this repository.

The checklist covers 10 dimensions (A–J): processor_config.json, config.json,
embodiment_id.json, statistics.json, README docs, cross-file consistency,
checkpoint file layout, serialization gaps, HF metadata, and enum formats.

The validation script can be run without HF auth for internal consistency
checks, or with --hf-config-dir for full model-level validation.

Initial run found two issues:
- unitree_g1 action horizon (50) exceeds model max (40) in MODALITY_CONFIGS
- Test fixture embodiment_id.json maps libero_sim to projector 24 (should be 2)

Made-with: Cursor
@jiajingc-nv @ryhalabi
fix: DROID inference script sends T=2 video frames to match model exp…
2d6e240 
…ectation (delta_indices=[-15, 0])
@ryhalabi
Test Speedup and Optimizations
d4dbffc
@xiaotongc0 @ryhalabi
add aarch64 + linux flash-attn/torchcodec wheels; updated pyproject/u…
b581918 
…v/dockerfile to use local wheels than build from source
@ryhalabi
Remove Unsupported Readmes
b6215eb
@jiajingc-nv @ryhalabi
fix: align DROID euler convention and rotation correction across trai…
c5cadf5 
…ning and inference
@jiajingc-nv @ryhalabi
fix: align DROID MsgSerializer key with main server (as_dict -> as_json)
910c2ee
@jiajingc-nv @ryhalabi
test: add a check that guards against this gap at fixture load time
821e131
@jiajingc-nv @ryhalabi
data: regenerate droid_sample eef_9d with corrected rotation convention
07b9f2a
@jiajingc-nv @ryhalabi
fix: link pretrain tags to policy guide instead of saying "below"
978a863
@xiaotongc0 @ryhalabi
fix readmes
95193df
@xiaotongc0 @ryhalabi
finish fixing readme
cffd4dd
@jiajingc-nv @ryhalabi
fix(test): correct libero_sim projector index in test fixture
4396686
@jiajingc-nv @ryhalabi
feat: add SimplerEnv demo data and standalone inference test coverage
269e694
@ryhalabi
AGENTS.md addition
934b598
@ryhalabi
n1d7 Release Documentation
b7d8035
@ryhalabi
FAQ reorganization
95907b2
@dependabot
Bump cryptography from 46.0.5 to 46.0.7 in /scripts/deployment/spark
b439914 
Bumps [cryptography](https://github.com/pyca/cryptography) from 46.0.5 to 46.0.7.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@46.0.5...46.0.7)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 46.0.7
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/uv/scripts/deployment/spark/cryptography-46.0.7 branch from 4ef2f21 to b439914 Compare April 17, 2026 03:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@reedscot @xiaotongc0 @sgillen @ryhalabi @jiajingc-nv @mharrim-nv