Skip to content

build(deps): update openssl requirement from ~> 3.3 to ~> 4.0 #2354

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
YYChen01988 merged 1 commit into from
Dec 16, 2025
Merged

build(deps): update openssl requirement from ~> 3.3 to ~> 4.0 #2354

YYChen01988 merged 1 commit into from
Dec 16, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 15, 2025

Updates the requirements on openssl to permit the latest version.

Release notes

Sourced from openssl's releases.

v4.0.0

A high-level overview is available in History.md: https://github.com/ruby/openssl/blob/master/History.md#version-400

Merged Pull Requests

... (truncated)

Changelog

Sourced from openssl's changelog.

Version 4.0.0

Compatibility

  • Ruby >= 2.7
  • OpenSSL >= 1.1.1, LibreSSL >= 3.9, and AWS-LC 1.66.0

Notable changes

  • OpenSSL::SSL
    • Reduce overhead when writing to OpenSSL::SSL::SSLSocket. #syswrite no longer creates a temporary String object. [[GitHub #831]](ruby/openssl#831)
    • Make OpenSSL::SSL::SSLContext#min_version= and #max_version= wrap the corresponding OpenSSL APIs directly, and remove the fallback to SSL options. [[GitHub #849]](ruby/openssl#849)
    • Add OpenSSL::SSL::SSLContext#sigalgs= and #client_sigalgs= for specifying signature algorithms to use for connections. [[GitHub #895]](ruby/openssl#895)
    • Rename OpenSSL::SSL::SSLContext#ecdh_curves= to #groups= following the underlying OpenSSL API rename. This method is no longer specific to ECDHE. The old method remains as an alias. [[GitHub #900]](ruby/openssl#900)
    • Add OpenSSL::SSL::SSLSocket#sigalg, #peer_sigalg, and #group for getting the signature algorithm and the key agreement group used in the current connection. [[GitHub #908]](ruby/openssl#908)
    • Enable SSL_CTX_set_dh_auto() for servers by default. [[GitHub #924]](ruby/openssl#924)
    • Improve Ractor compatibility. Note that the internal-use constant OpenSSL::SSL::SSLContext::DEFAULT_PARAMS is now frozen. [[GitHub #925]](ruby/openssl#925)
  • OpenSSL::PKey
    • Remove OpenSSL::PKey::EC::Point#mul support with array arguments. The underlying OpenSSL API has been removed, and the method has been deprecated since ruby/openssl v3.0.0. [[GitHub #843]](ruby/openssl#843)
    • OpenSSL::PKey::{RSA,DSA,DH}#params uses nil to indicate missing fields instead of the number 0. [[GitHub #774]](ruby/openssl#774)
    • Unify OpenSSL::PKey::PKeyError classes. The former subclasses OpenSSL::PKey::DHError, OpenSSL::PKey::DSAError,

... (truncated)

Commits
  • 5af1eda Ruby/OpenSSL 4.0.0
  • 5880083 Merge pull request #985 from rhenium/ky/freeze-string-constants
  • 2a6f41e Merge pull request #987 from ruby/dependabot/github_actions/step-security/har...
  • 16c58b9 Merge pull request #986 from ruby/dependabot/github_actions/actions/cache-5
  • 2b94376 build(deps): bump step-security/harden-runner from 2.13.3 to 2.14.0
  • 8641e35 build(deps): bump actions/cache from 4 to 5
  • b0de8ba ossl.c: improve docs for constants and methods under ::OpenSSL
  • 695126f Freeze more constants for Ractor compatibility
  • 42effce Merge pull request #983 from rhenium/ky/pkcs7-init-raise-pkcs7error
  • 3c38181 Merge pull request #984 from rhenium/ky/x509cert-eq-document-wrong
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): update openssl requirement from ~> 3.3 to ~> 4.0
4a2c3b6 
Updates the requirements on [openssl](https://github.com/ruby/openssl) to permit the latest version.
- [Release notes](https://github.com/ruby/openssl/releases)
- [Changelog](https://github.com/ruby/openssl/blob/master/History.md)
- [Commits](ruby/openssl@v3.3.0...v4.0.0)

---
updated-dependencies:
- dependency-name: openssl
  dependency-version: 4.0.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Dec 15, 2025
@bugsnagbot
Copy link
Collaborator

bugsnagbot commented Dec 15, 2025

Android notifier sizes

Format Size impact of Bugsnag (kB) Size impact of Bugsnag when Minified (kB)
APK 1841.84 1603.14
arm64_v8a 651.52 409.86
armeabi_v7a 594.18 352.52
x86 725.23 483.57
x86_64 696.57 454.9

Generated by 🚫 Danger

@YYChen01988 YYChen01988 merged commit fea0249 into next Dec 16, 2025
40 checks passed
@YYChen01988 YYChen01988 deleted the dependabot/bundler/openssl-tw-4.0 branch December 16, 2025 08:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@YYChen01988 YYChen01988 YYChen01988 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bugsnagbot @YYChen01988