Specify cryptography version. #34888

Open
wants to merge 1 commit into
base: master
claudevdm
Collaborator

For vulnerability in image


Contributor

github-actions bot commented May 8, 2025

Checks are failing. Will not request review until checks are succeeding. If you'd like to override that behavior, comment assign set of reviewers

Contributor

github-actions bot commented May 9, 2025

Assigning reviewers:

R: @liferoad for label python.

Note: If you would like to opt out of this review, comment assign to next reviewer.

Available commands:

  • stop reviewer notifications - opt out of the automated review tooling
  • remind me after tests pass - tag the comment author after tests pass
  • waiting on author - shift the attention set back to the author (any comment or push by the author will return the attention set to the reviewers)

The PR bot will only process comments in the main thread (not review comments).

Contributor

liferoad commented May 9, 2025

cc @Abacn you probably still need to run the package updates as the post-release task.

Contributor

liferoad commented May 9, 2025

2025-05-09T16:25:55.0570757Z Collecting crcmod<2.0,>=1.7
2025-05-09T16:25:55.0572835Z   Downloading crcmod-1.7.tar.gz (89 kB)
2025-05-09T16:25:55.0574962Z   Installing build dependencies: started
2025-05-09T16:25:55.0577695Z   Installing build dependencies: finished with status 'done'
2025-05-09T16:25:55.0580333Z   Getting requirements to build wheel: started
2025-05-09T16:25:55.0583785Z   Getting requirements to build wheel: finished with status 'done'
2025-05-09T16:25:55.0596781Z   error: subprocess-exited-with-error
2025-05-09T16:25:55.0599269Z   
2025-05-09T16:25:55.0601501Z   × Getting requirements to build wheel did not run successfully.
2025-05-09T16:25:55.0604374Z   │ exit code: 1
2025-05-09T16:25:55.0759695Z   ╰─> [17 lines of output]
2025-05-09T16:25:55.0761860Z       Traceback (most recent call last):
2025-05-09T16:25:55.0839119Z         File "/runner/_work/beam/beam/sdks/python/test-suites/tox/py310/build/srcs/sdks/python/target/.tox-py310-ml/py310-ml/lib/python3.10/site-packages/pip/_vendor/pyproject_hooks/_in_process/_in_process.py", line 389, in <module>
2025-05-09T16:25:55.0845236Z           main()
2025-05-09T16:25:55.0850494Z         File "/runner/_work/beam/beam/sdks/python/test-suites/tox/py310/build/srcs/sdks/python/target/.tox-py310-ml/py310-ml/lib/python3.10/site-packages/pip/_vendor/pyproject_hooks/_in_process/_in_process.py", line 373, in main
2025-05-09T16:25:55.0855586Z           json_out["return_val"] = hook(**hook_input["kwargs"])
2025-05-09T16:25:55.0861189Z         File "/runner/_work/beam/beam/sdks/python/test-suites/tox/py310/build/srcs/sdks/python/target/.tox-py310-ml/py310-ml/lib/python3.10/site-packages/pip/_vendor/pyproject_hooks/_in_process/_in_process.py", line 143, in get_requires_for_build_wheel
2025-05-09T16:25:55.0865846Z           return hook(config_settings)
2025-05-09T16:25:55.0869324Z         File "/tmp/pip-build-env-tsh3ftqv/overlay/lib/python3.10/site-packages/setuptools/build_meta.py", line 331, in get_requires_for_build_wheel
2025-05-09T16:25:55.0872269Z           return self._get_build_requires(config_settings, requirements=[])
2025-05-09T16:25:55.0875762Z         File "/tmp/pip-build-env-tsh3ftqv/overlay/lib/python3.10/site-packages/setuptools/build_meta.py", line 301, in _get_build_requires
2025-05-09T16:25:55.0879186Z           self.run_setup()
2025-05-09T16:25:55.0882933Z         File "/tmp/pip-build-env-tsh3ftqv/overlay/lib/python3.10/site-packages/setuptools/build_meta.py", line 512, in run_setup
2025-05-09T16:25:55.0886266Z           super().run_setup(setup_script=setup_script)
2025-05-09T16:25:55.0890411Z         File "/tmp/pip-build-env-tsh3ftqv/overlay/lib/python3.10/site-packages/setuptools/build_meta.py", line 317, in run_setup
2025-05-09T16:25:55.0896069Z           exec(code, locals())
2025-05-09T16:25:55.0897646Z         File "<string>", line 34, in <module>
2025-05-09T16:25:55.0900128Z       RuntimeError: Python version 2.7 or 3.4+ is required.
2025-05-09T16:25:55.0902369Z       [end of output]
2025-05-09T16:25:55.0904059Z   
2025-05-09T16:25:55.0906098Z   note: This error originates from a subprocess, and is likely not a problem with pip.
2025-05-09T16:25:55.0908724Z error: subprocess-exited-with-error

Contributor

Reminder, please take a look at this pr: @liferoad

@liferoad
Contributor

@Abacn do we still need this PR?

@@ -340,6 +340,7 @@ def get_portability_package_data():
ext_modules=extensions,
install_requires=[
'crcmod>=1.7,<2.0',
'cryptography>=44.0.1',
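
Review bot: The new 'cryptography>=44.0.1' entry in install_requires sets a floor for every installation of the package, while the PR description gives a vulnerability in the image as the reason. A floor at this level makes dependency resolution fail wherever another package caps cryptography below 44.0.1, and unlike the 'crcmod>=1.7,<2.0' line above it the entry has no upper bound and no comment recording why the floor exists. Consider raising the version in the container's requirements instead, or, if the floor stays here, add a comment that names the advisory it addresses.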
Contributor

This will break Beam installation on any Python environment that has a dependency with upper-bounded cryptography<44.

To resolve the vulnerability in the container, updating the container requirements is sufficient.
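
The conflict described in the review comment above, as an added example that is not part of the PR or the Beam code base: a standard-library-only check that lists which declared requirements can no longer be satisfied once a floor such as cryptography>=44.0.1 is imposed. The distribution names are hypothetical, and the version handling is a simplification (numeric release segments only, `~=` clauses are ignored).

```python
import re

# Simplified version handling (assumption): numeric release segments only,
# no pre/post/dev tags; trailing zeros are dropped so 44.0 == 44.
def parse_version(text):
    parts = [int(p) for p in text.strip().split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

CLAUSE = re.compile(r"(<=|>=|==|!=|<|>)\s*([0-9]+(?:\.[0-9]+)*)")

def name_of(requirement):
    # The distribution name ends at the first specifier, extra or marker.
    return re.split(r"[\s<>=!~;\[(]", requirement.strip(), maxsplit=1)[0].lower()

def excludes_floor(requirement, floor):
    """True if some clause rules out every version >= floor."""
    spec = requirement.split(";", 1)[0]  # drop environment markers
    low = parse_version(floor)
    for op, ver in CLAUSE.findall(spec):
        bound = parse_version(ver)
        if op == "<" and bound <= low:
            return True
        if op in ("<=", "==") and bound < low:
            return True
    return False

def find_conflicts(declared, package, floor):
    """declared maps a distribution name to its requirement strings."""
    hits = []
    for dist, requirements in sorted(declared.items()):
        for req in requirements:
            if name_of(req) == package and excludes_floor(req, floor):
                hits.append((dist, req))
    return hits

# Constructed sample: hypothetical distributions, not taken from the PR.
DECLARED = {
    "example-ssh-client": ["cryptography>=3.3,<44", "six"],
    "example-jwt-lib": ["cryptography>=42.0 ; extra == 'crypto'"],
    "example-legacy-tool": ["cryptography==43.0.3"],
    "example-unrelated": ["cryptography-vectors<44"],
}

if __name__ == "__main__":
    for dist, req in find_conflicts(DECLARED, "cryptography", "44.0.1"):
        print(f"{dist}: {req!r} cannot be satisfied with cryptography>=44.0.1")
```

In a real environment the `declared` mapping can be built from `importlib.metadata.distributions()` and each distribution's `requires` list.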

3 participants