chore: Update aws-encryption-sdk requirement from <4,>=3.1.1 to >=3.1.1,<5 by dependabot[bot] · Pull Request #37

chore: Update aws-encryption-sdk requirement from <4,>=3.1.1 to >=3.1.1,<5 by dependabot[bot] · Pull Request #37 · Specter099/envault-cli

Updates the requirements on aws-encryption-sdk to permit the latest version.

Release notes

Sourced from aws-encryption-sdk's releases.

4.0.4 -- 2026-02-26

Maintenance

deps: Extend supported MPL_ versions to include v1.11.2 #788

MPL v1.11.2 fixes de-serializing Error_OpaqueWithText and bumps cryptography upperbound to <47 due to CVE-2026-26007 (#1800)

NOTE

This library is NOT impacted by CVE-2026-26007. This library does not use SECT curves.

Changelog

Sourced from aws-encryption-sdk's changelog.

4.0.4 -- 2025-09-03

Maintenance

deps: Extend supported MPL_ versions to include v1.11.2 [#788](https://github.com/aws/aws-encryption-sdk-python/issues/788) <https://github.com/aws/aws-encryption-sdk-python/pull/788>_

MPL v1.11.2 fixes de-serializing Error_OpaqueWithText

4.0.3 -- 2025-09-03

Maintenance

deps: Extend supported MPL_ versions to include v1.11.1 [#770](https://github.com/aws/aws-encryption-sdk-python/issues/770) <https://github.com/aws/aws-encryption-sdk-python/pull/770>_

MPL v1.11.1 updates pytz version range to include 2025 releases.

4.0.2 -- 2025-06-30

Maintenance

deps: Extend supported MPL_ versions to include v1.11.0 [#763](https://github.com/aws/aws-encryption-sdk-python/issues/763) <https://github.com/aws/aws-encryption-sdk-python/pull/763>_

MPL v1.11.0 contains performance improvements for the hierarchical keyring and extends the range of supported cryptography versions.

4.0.1 -- 2025-03-26

Fixes

fix: Improve header serialization [#747](https://github.com/aws/aws-encryption-sdk-python/issues/747) <https://github.com/aws/aws-encryption-sdk-python/pull/747>_

ESDK-Python <4.0.1 would truncate non-ASCII key provider IDs it wrote to message headers. If a Raw or Custom MasterKeyProvider or Keyring supplied a non-ASCII key provider ID / key namespace, ESDK-Python would truncate the the key provider ID it wrote to the message's header. The message can be decrypted by replacing the truncated provider ID with the expected provider ID in decryption code. Contact AWS for any questions about this approach.

Maintenance

deps: Extend supported MPL_ versions to include v1.10.0

4.0.0 -- 2024-10-29

... (truncated)

Commits

2153057 chore: preflight for 4.0.4 release (#789)
5e0aed7 chore: extend mpl support for 1.11.2 (#788)
20ec402 chore(CI): fix CI (#785)
b441d84 chore: : scope down GitHub Token permissions (#786)
d316a18 chore: update CHANGELOG for v4.0.3 (#770)
cbfab66 chore(CI): clean up gha and unused files (#767)
ee9e3f8 chore: remove uploading fake artifacts during release (#765)
848f171 chore: Update CHANGELOG for v4.0.2 (#763)
b423f5c chore(CI): Use Github Actions to start CodeBuild builds (#762)
0dd4e16 chore: Update SUPPORT_POLICY.rst (#756)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)