chore(deps): update dependency pyopenssl to v23.3.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pyOpenSSL (source)	==23.1.0 -> ==23.3.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

pyca/pyopenssl (pyOpenSSL)

v23.3.0

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Dropped support for Python 3.6.
• The minimum cryptography version is now 41.0.5.
• Removed OpenSSL.crypto.loads_pkcs7 and OpenSSL.crypto.loads_pkcs12 which had been deprecated for 3 years.
• Added OpenSSL.SSL.OP_LEGACY_SERVER_CONNECT to allow legacy insecure renegotiation between OpenSSL and unpatched servers.
  #&#8203;1234 <https://github.com/pyca/pyopenssl/pull/1234>_.

Deprecations:
^^^^^^^^^^^^^

• Deprecated OpenSSL.crypto.PKCS12 (which was intended to have been deprecated at the same time as OpenSSL.crypto.load_pkcs12).
• Deprecated OpenSSL.crypto.NetscapeSPKI.
• Deprecated OpenSSL.crypto.CRL
• Deprecated OpenSSL.crypto.Revoked
• Deprecated OpenSSL.crypto.load_crl and OpenSSL.crypto.dump_crl
• Deprecated OpenSSL.crypto.sign and OpenSSL.crypto.verify
• Deprecated OpenSSL.crypto.X509Extension

Changes:
^^^^^^^^

• Changed OpenSSL.crypto.X509Store.add_crl to also accept
  cryptography's x509.CertificateRevocationList arguments in addition
  to the now deprecated OpenSSL.crypto.CRL arguments.
• Fixed test_set_default_verify_paths test so that it is skipped if no
  network connection is available.

v23.2.0

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

• Removed X509StoreFlags.NOTIFY_POLICY.
  #&#8203;1213 <https://github.com/pyca/pyopenssl/pull/1213>_.

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

• cryptography maximum version has been increased to 41.0.x.
• Invalid versions are now rejected in OpenSSL.crypto.X509Req.set_version.
• Added X509VerificationCodes to OpenSSL.SSL.
  #&#8203;1202 <https://github.com/pyca/pyopenssl/pull/1202>_.

v23.1.1

Compare Source

Backward-incompatible changes:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Deprecations:
^^^^^^^^^^^^^

Changes:
^^^^^^^^

• Worked around an issue in OpenSSL 3.1.0 which caused X509Extension.get_short_name to raise an exception when no short name was known to OpenSSL.
  #&#8203;1204 <https://github.com/pyca/pyopenssl/pull/1204>_.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - "after 9am every weekday,before 5pm every weekday" (UTC).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pdm.lock

Command failed: pdm update --no-sync pyOpenSSL
STATUS: Resolving dependencies
STATUS: Resolving: new pin python>=3.10
STATUS: Resolving: new pin bazel-runfiles 0.25.0
STATUS: Resolving: new pin black 23.3.0
STATUS: Resolving: new pin pulumi 3.86.0
STATUS: Resolving: new pin pyyaml 6.0
STATUS: Resolving: new pin semver 2.13.0
STATUS: Resolving: new pin pulumi-command 0.9.1
STATUS: Resolving: new pin pulumi-kubernetes 4.3.0
STATUS: Resolving: new pin requests 2.31.0
STATUS: Resolving: new pin pyinfra 2.7
STATUS: Resolving: new pin pyOpenSSL 23.3.0
STATUS: Resolving: new pin pytest 7.3.1
STATUS: Resolving: new pin pytest-cov 3.0.0
STATUS: Resolving: new pin pytest-homeassistant-custom-component 0.13.39
STATUS: Resolving: new pin pytest-opentelemetry 1.0.0
STATUS: Resolving: new pin pytest-testinfra 9.0.0
STATUS: Resolving: new pin tzdata 2023.3
STATUS: Resolving: new pin poetry-core 1.7.0
STATUS: Resolving: new pin setuptools 68.2.2
STATUS: Resolving: new pin wheel 0.41.2
STATUS: Resolving: new pin tomli 2.0.1
STATUS: Resolving: new pin coverage 7.2.4
STATUS: Resolving: new pin freezegun 1.2.2
STATUS: Resolving: new pin grpcio 1.56.2
🔒 Lock failed
WARNING: Unable to find a resolution for cryptography
because of the following conflicts:
  cryptography<42,>=41.0.5 (from [email protected])
  cryptography==40.0.2 (from [email protected])
To fix this, you could loosen the dependency version constraints in pyproject.toml. See https://pdm-project.org/latest/usage/dependency/#solve-the-locking-failure for more details.
See /tmp/pdm-lock-ddfwb4uh.log for detailed debug log.
[ResolutionImpossible]: Unable to find a resolution
WARNING: Add '-v' to see the detailed traceback