On Mon, 7 Sep 2020 09:41:28 +0200 Tristan Seligmann <mithra...@mithrandi.net> wrote: > I think the upper bound is just bogus and should be removed. Upstream > seems to have added it under the assumption that cryptography follows > semver, but it does not: 2.9 to 3.0 offers the same compatibility > guarantees as 2.8 to 2.9.
There are several backward incompatible changes, as one can see from the changelog: https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst As documented, only "patch" increments are guaranteed to be backward compatible: https://cryptography.io/en/latest/api-stability/ I'll check and see if azure-cli is affected by those breakages. -- Kind regards, Luca Boccassi
signature.asc
Description: This is a digitally signed message part
