-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Closed
Description
After updating cryptography
to 43.0.0 to fix a vulnerability, this CryptographyDeprecationWarning
warning shows (and is loud in the sense it raises on important).
Environment
Which environment were you using when you encountered the problem?
$ python -m platform
# x86_64-unknown-linux-gnu
$ python -c "import pypdf;print(pypdf._debug_versions)"
# .venv/lib/python3.12/site-packages/pypdf/_crypt_providers/_cryptography.py:32: CryptographyDeprecationWarning: ARC4 has been moved to cryptography.hazmat.decrepit.ciphers.algorithms.ARC4 and will be removed from this module in 48.0.0.
from cryptography.hazmat.primitives.ciphers.algorithms import AES, ARC4
pypdf==3.17.4, crypt_provider=('cryptography', '43.0.1'), PIL=10.3.0
cryptography
Code + PDF
This is a minimal, complete example that shows the issue:
mypy
.venv/lib/python3.12/site-packages/pypdf/_crypt_providers/_cryptography.py:32: CryptographyDeprecationWarning: ARC4 has been moved to cryptography.hazmat.decrepit.ciphers.algorithms.ARC4 and will be removed from this module in 48.0.0.
from cryptography.hazmat.primitives.ciphers.algorithms import AES, ARC4
Success: no issues found in 3 source files
Does not require a PDF, merely having the module processed or eval'd into runtime shows the warning.
Traceback
This is the complete traceback I see:
.venv/lib/python3.12/site-packages/pypdf/_crypt_providers/_cryptography.py:32: CryptographyDeprecationWarning: ARC4 has been moved to cryptography.hazmat.decrepit.ciphers.algorithms.ARC4 and will be removed from this module in 48.0.0.
from cryptography.hazmat.primitives.ciphers.algorithms import AES, ARC4
Metadata
Metadata
Assignees
Labels
No labels