cryptography/pyproject.toml

[build-system]
# These requirements must be kept sync with the requirements in
# ./.github/requirements/build-requirements.{in,txt}
requires = [
    "maturin>=1,<2",

    # Must be kept in sync with `project.dependencies`
    "cffi>=1.12; platform_python_implementation != 'PyPy'",
    # Used by cffi (which import distutils, and in Python 3.12, distutils has
    # been removed from the stdlib, but installing setuptools puts it back) as
    # well as our build.rs for the rust/cffi bridge.
    "setuptools!=74.0.0,!=74.1.0,!=74.1.1,!=74.1.2",
]
build-backend = "maturin"

[project]
name = "cryptography"
version = "45.0.0.dev1"
authors = [
    { name = "The Python Cryptographic Authority and individual contributors", email = "cryptography-dev@python.org" },
]
description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."
readme = "README.rst"
license = { text = "Apache-2.0 OR BSD-3-Clause" }
classifiers = [
    "Development Status :: 5 - Production/Stable",
    "Intended Audience :: Developers",
    "License :: OSI Approved :: Apache Software License",
    "License :: OSI Approved :: BSD License",
    "Natural Language :: English",
    "Operating System :: MacOS :: MacOS X",
    "Operating System :: POSIX",
    "Operating System :: POSIX :: BSD",
    "Operating System :: POSIX :: Linux",
    'Operating System :: Microsoft :: Windows',
    "Programming Language :: Python",
    "Programming Language :: Python :: 3",
    "Programming Language :: Python :: 3 :: Only",
    "Programming Language :: Python :: 3.7",
    "Programming Language :: Python :: 3.8",
    "Programming Language :: Python :: 3.9",
    "Programming Language :: Python :: 3.10",
    "Programming Language :: Python :: 3.11",
    "Programming Language :: Python :: 3.12",
    "Programming Language :: Python :: 3.13",
    "Programming Language :: Python :: Implementation :: CPython",
    "Programming Language :: Python :: Implementation :: PyPy",
    "Topic :: Security :: Cryptography",
]
requires-python = ">=3.7,!=3.9.0,!=3.9.1"
dependencies = [
    # Must be kept in sync with `build-system.requires`
    "cffi>=1.12; platform_python_implementation != 'PyPy'",
]

[project.urls]
homepage = "https://github.com/pyca/cryptography"
documentation = "https://cryptography.io/"
source = "https://github.com/pyca/cryptography/"
issues = "https://github.com/pyca/cryptography/issues"
changelog = "https://cryptography.io/en/latest/changelog/"

[project.optional-dependencies]
ssh = ["bcrypt >=3.1.5"]

# All the following are used for our own testing.
nox = ["nox >=2024.04.15", "nox[uv] >=2024.03.02; python_version >= '3.8'"]
test = [
    "cryptography_vectors",
    "pytest >=7.4.0",
    "pytest-benchmark >=4.0",
    "pytest-cov >=2.10.1",
    "pytest-xdist >=3.5.0",
    "pretend >=0.7",
    "certifi >=2024",
]
test-randomorder = ["pytest-randomly"]
docs = [
    "sphinx >=5.3.0",
    "sphinx-rtd-theme >=3.0.0; python_version >= '3.8'",
    "sphinx-inline-tabs; python_version >= '3.8'",
]
docstest = [
    "pyenchant >=3",
    "readme-renderer >=30.0",
    "sphinxcontrib-spelling >=7.3.1",
]
sdist = ["build >=1.0.0"]
# `click` included because its needed to type check `release.py`
pep8test = [
    "ruff >=0.3.6",
    "mypy >=1.4",
    "check-sdist; python_version >= '3.8'",
    "click >=8.0.1",
]

[tool.maturin]
python-source = "src"
python-packages = ["cryptography"]
manifest-path = "src/rust/Cargo.toml"
module-name = "cryptography.hazmat.bindings._rust"
locked = true
sdist-generator = "git"
features = ["pyo3/abi3-py37"]
include = [
    "CHANGELOG.rst",
    "CONTRIBUTING.rst",
    "LICENSE",
    "LICENSE.APACHE",
    "LICENSE.BSD",

    "docs/**/*",

    "src/_cffi_src/**/*.py",
    "src/_cffi_src/**/*.c",
    "src/_cffi_src/**/*.h",

    "Cargo.toml",
    "Cargo.lock",
    "src/rust/**/Cargo.toml",
    "src/rust/**/Cargo.lock",
    "src/rust/**/*.rs",

    "tests/**/*.py",
]
exclude = [
    "vectors/**/*",
    "target/**/*",
    "docs/_build/**/*",
    ".github/**/*",
    ".readthedocs.yml",
    "ci-constraints-requirements.txt",
    "mypy.ini",
]

[tool.pytest.ini_options]
addopts = "-r s --capture=no --strict-markers --benchmark-disable"
console_output_style = "progress-even-when-capture-no"
markers = [
    "skip_fips: this test is not executed in FIPS mode",
    "supported: parametrized test requiring only_if and skip_message",
]

[tool.mypy]
show_error_codes = true
check_untyped_defs = true
no_implicit_reexport = true
warn_redundant_casts = true
warn_unused_ignores = true
warn_unused_configs = true
strict_equality = true

[[tool.mypy.overrides]]
module = ["pretend"]
ignore_missing_imports = true

[tool.coverage.run]
branch = true
relative_files = true
source = ["cryptography", "tests/"]

[tool.coverage.paths]
source = [
    "src/cryptography",
    "*.nox/*/lib*/python*/site-packages/cryptography",
    "*.nox\\*\\Lib\\site-packages\\cryptography",
    "*.nox/pypy/site-packages/cryptography",
]
tests = ["tests/", "*tests\\"]

[tool.coverage.report]
exclude_lines = [
    "@abc.abstractmethod",
    "@typing.overload",
    "if typing.TYPE_CHECKING",
]

[tool.ruff]
line-length = 79

lint.ignore = ['N818']
lint.select = ['E', 'F', 'I', 'N', 'W', 'UP', 'RUF']

[tool.ruff.lint.isort]
known-first-party = ["cryptography", "cryptography_vectors", "tests"]

[tool.check-sdist]
git-only = [
    "vectors/*",
    "release.py",
    "ci-constraints-requirements.txt",
    ".gitattributes",
    ".gitignore",
]
Fixes #3548 - add a pyproject.toml (#4363) 2018-07-23 17:10:13 +00:00			`[build-system]`
fixed typos and confusing phrasing in comment (#10477) 2024-02-25 19:49:27 +00:00			`# These requirements must be kept sync with the requirements in`
fixed typo in comment (#11490) 2024-08-26 22:55:00 +00:00			`# ./.github/requirements/build-requirements.{in,txt}`
Fixes #3548 - add a pyproject.toml (#4363) 2018-07-23 17:10:13 +00:00			`requires = [`
Switch to maturin. (#8815) It seems to be much faster at doing things locally. 2024-07-05 18:57:08 +00:00			`"maturin>=1,<2",`

Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			# Must be kept in sync with `project.dependencies`
Revert "Ban cffi version that makes CI sad (#6418)" (#6441) * Revert "Ban cffi version that makes CI sad (#6418)" This reverts commit bba65084eadca64776d520004ded10375ab5d30e. * Run the necessary teardown code always * Restore this 2021-10-19 11:45:04 +00:00			`"cffi>=1.12; platform_python_implementation != 'PyPy'",`
Update explanation for setuptools dep (#12254) 2025-01-08 12:09:29 +00:00			`# Used by cffi (which import distutils, and in Python 3.12, distutils has`
			`# been removed from the stdlib, but installing setuptools puts it back) as`
			`# well as our build.rs for the rust/cffi bridge.`
Use uv for building sdists (#11549) Hash-pin dependencies refs #11548 2024-09-07 02:39:35 +00:00			`"setuptools!=74.0.0,!=74.1.0,!=74.1.1,!=74.1.2",`
Fixes #3548 - add a pyproject.toml (#4363) 2018-07-23 17:10:13 +00:00			`]`
Switch to maturin. (#8815) It seems to be much faster at doing things locally. 2024-07-05 18:57:08 +00:00			`build-backend = "maturin"`
Paint it Black by the Rolling Stones (#5324) 2020-07-20 18:06:29 +00:00
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			`[project]`
			`name = "cryptography"`
reopen for 45 (#12053) 2024-11-27 18:16:39 +00:00			`version = "45.0.0.dev1"`
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			`authors = [`
Update explanation for setuptools dep (#12254) 2025-01-08 12:09:29 +00:00			`{ name = "The Python Cryptographic Authority and individual contributors", email = "cryptography-dev@python.org" },`
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			`]`
			`description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."`
Make the readme metadata static (#8639) 2023-03-31 06:13:40 +00:00			`readme = "README.rst"`
Update explanation for setuptools dep (#12254) 2025-01-08 12:09:29 +00:00			`license = { text = "Apache-2.0 OR BSD-3-Clause" }`
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			`classifiers = [`
			`"Development Status :: 5 - Production/Stable",`
			`"Intended Audience :: Developers",`
			`"License :: OSI Approved :: Apache Software License",`
			`"License :: OSI Approved :: BSD License",`
			`"Natural Language :: English",`
			`"Operating System :: MacOS :: MacOS X",`
			`"Operating System :: POSIX",`
			`"Operating System :: POSIX :: BSD",`
			`"Operating System :: POSIX :: Linux",`
			`'Operating System :: Microsoft :: Windows',`
			`"Programming Language :: Python",`
			`"Programming Language :: Python :: 3",`
			`"Programming Language :: Python :: 3 :: Only",`
			`"Programming Language :: Python :: 3.7",`
			`"Programming Language :: Python :: 3.8",`
			`"Programming Language :: Python :: 3.9",`
			`"Programming Language :: Python :: 3.10",`
			`"Programming Language :: Python :: 3.11",`
Add Python 3.12 classifier (#9507) 2023-08-26 20:53:09 +00:00			`"Programming Language :: Python :: 3.12",`
added 3.13 trove classifier since we test on it (#11491) 2024-08-26 22:55:34 +00:00			`"Programming Language :: Python :: 3.13",`
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			`"Programming Language :: Python :: Implementation :: CPython",`
			`"Programming Language :: Python :: Implementation :: PyPy",`
			`"Topic :: Security :: Cryptography",`
			`]`
Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045) 2024-11-26 16:23:15 +00:00			`requires-python = ">=3.7,!=3.9.0,!=3.9.1"`
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			`dependencies = [`
			# Must be kept in sync with `build-system.requires`
Manually bump pydantic (#10106) * Manually bump pydantic For some reason, dependabot chokes on it * Update pyproject.toml 2024-01-01 19:17:08 +00:00			`"cffi>=1.12; platform_python_implementation != 'PyPy'",`
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			`]`

			`[project.urls]`
			`homepage = "https://github.com/pyca/cryptography"`
			`documentation = "https://cryptography.io/"`
			`source = "https://github.com/pyca/cryptography/"`
			`issues = "https://github.com/pyca/cryptography/issues"`
			`changelog = "https://cryptography.io/en/latest/changelog/"`

			`[project.optional-dependencies]`
			`ssh = ["bcrypt >=3.1.5"]`

			`# All the following are used for our own testing.`
Added minimal bounds for a bunch of dependencies (#11953) 2024-11-17 14:34:00 +00:00			`nox = ["nox >=2024.04.15", "nox[uv] >=2024.03.02; python_version >= '3.8'"]`
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			`test = [`
reopen for 45 (#12053) 2024-11-27 18:16:39 +00:00			`"cryptography_vectors",`
Added minimal bounds for a bunch of dependencies (#11953) 2024-11-17 14:34:00 +00:00			`"pytest >=7.4.0",`
			`"pytest-benchmark >=4.0",`
			`"pytest-cov >=2.10.1",`
			`"pytest-xdist >=3.5.0",`
			`"pretend >=0.7",`
			`"certifi >=2024",`
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00			`]`
			`test-randomorder = ["pytest-randomly"]`
Update explanation for setuptools dep (#12254) 2025-01-08 12:09:29 +00:00			`docs = [`
			`"sphinx >=5.3.0",`
			`"sphinx-rtd-theme >=3.0.0; python_version >= '3.8'",`
			`"sphinx-inline-tabs; python_version >= '3.8'",`
			`]`
			`docstest = [`
			`"pyenchant >=3",`
			`"readme-renderer >=30.0",`
			`"sphinxcontrib-spelling >=7.3.1",`
			`]`
Specify minimum versions for more deps (#11924) Right now our deps are basically wrong, and impossible to use with lowest version resolution. Let's start trying to specify minimums so our deps are properly accurate. 2024-11-11 14:31:49 +00:00			`sdist = ["build >=1.0.0"]`
Alway use ruff format (#9778) 2023-10-25 22:15:44 +00:00			# `click` included because its needed to type check `release.py`
Update explanation for setuptools dep (#12254) 2025-01-08 12:09:29 +00:00			`pep8test = [`
			`"ruff >=0.3.6",`
			`"mypy >=1.4",`
			`"check-sdist; python_version >= '3.8'",`
			`"click >=8.0.1",`
			`]`
Migrate from setup.cfg to pyproject.toml completely (#8116) One less file? 2023-03-24 20:59:44 +00:00
Switch to maturin. (#8815) It seems to be much faster at doing things locally. 2024-07-05 18:57:08 +00:00			`[tool.maturin]`
			`python-source = "src"`
			`python-packages = ["cryptography"]`
			`manifest-path = "src/rust/Cargo.toml"`
			`module-name = "cryptography.hazmat.bindings._rust"`
			`locked = true`
			`sdist-generator = "git"`
			`features = ["pyo3/abi3-py37"]`
			`include = [`
			`"CHANGELOG.rst",`
			`"CONTRIBUTING.rst",`
			`"LICENSE",`
			`"LICENSE.APACHE",`
			`"LICENSE.BSD",`

			`"docs/*/",`
Migrate a bit more logic to pyproject.toml (#9489) 2023-08-23 14:32:16 +00:00
Switch to maturin. (#8815) It seems to be much faster at doing things locally. 2024-07-05 18:57:08 +00:00			`"src/_cffi_src/*/.py",`
			`"src/_cffi_src/*/.c",`
			`"src/_cffi_src/*/.h",`

build: remove cargo.toml files from wheels (#12091) 2024-12-03 00:03:33 +00:00			`"Cargo.toml",`
			`"Cargo.lock",`
			`"src/rust/**/Cargo.toml",`
			`"src/rust/**/Cargo.lock",`
Switch to maturin. (#8815) It seems to be much faster at doing things locally. 2024-07-05 18:57:08 +00:00			`"src/rust/*/.rs",`

			`"tests/*/.py",`
			`]`
			`exclude = [`
			`"vectors/*/",`
build: remove cargo.toml files from wheels (#12091) 2024-12-03 00:03:33 +00:00			`"target/*/",`
Switch to maturin. (#8815) It seems to be much faster at doing things locally. 2024-07-05 18:57:08 +00:00			`"docs/_build/*/",`
			`".github/*/",`
			`".readthedocs.yml",`
			`"ci-constraints-requirements.txt",`
			`"mypy.ini",`
			`]`
Migrate a bit more logic to pyproject.toml (#9489) 2023-08-23 14:32:16 +00:00
put pytest configuration somewhere that goes in the sdist (#5648) fixes #5646 2020-12-15 14:42:34 +00:00			`[tool.pytest.ini_options]`
Switch from pytest-subtests to a mini-version that's faster (#8613) 2023-03-29 02:28:17 +00:00			`addopts = "-r s --capture=no --strict-markers --benchmark-disable"`
add pytest flag to show percentage at all times (#8474) progress-even-when-capture-no isn't in a released pytest yet, but when https://github.com/pytest-dev/pytest/pull/10755 is released this will work. Until then this flag will simply have no effect. Also add a COLUMNS variable and pass it through to tox so we can limit column width to 80 in CI 2023-03-09 11:02:46 +00:00			`console_output_style = "progress-even-when-capture-no"`
put pytest configuration somewhere that goes in the sdist (#5648) fixes #5646 2020-12-15 14:42:34 +00:00			`markers = [`
			`"skip_fips: this test is not executed in FIPS mode",`
			`"supported: parametrized test requiring only_if and skip_message",`
			`]`
Adding mypy configuration to pyproject (#6116) * Adding mypy configuration to pytproject * Correcting specifications for pyproject.toml 2021-06-19 17:39:00 +00:00
			`[tool.mypy]`
			`show_error_codes = true`
			`check_untyped_defs = true`
turn on mypy disallow implicit reexport and fix issues (#6240) * turn on mypy disallow implicit reexport and fix issues * import ordering 2021-08-29 19:18:18 +00:00			`no_implicit_reexport = true`
add some more mypy flags (#6751) remove some unneeded type ignores. This work found a missing type and added it as well. 2021-12-23 12:55:23 +00:00			`warn_redundant_casts = true`
			`warn_unused_ignores = true`
a few more mypy flags and fixes (#7877) 2022-12-04 23:38:51 +00:00			`warn_unused_configs = true`
			`strict_equality = true`
Adding mypy configuration to pyproject (#6116) * Adding mypy configuration to pytproject * Correcting specifications for pyproject.toml 2021-06-19 17:39:00 +00:00
			`[[tool.mypy.overrides]]`
Update explanation for setuptools dep (#12254) 2025-01-08 12:09:29 +00:00			`module = ["pretend"]`
Adding mypy configuration to pyproject (#6116) * Adding mypy configuration to pytproject * Correcting specifications for pyproject.toml 2021-06-19 17:39:00 +00:00			`ignore_missing_imports = true`
Move coverage configuration into pyproject.toml (#7274) 2022-05-26 22:35:05 +00:00
			`[tool.coverage.run]`
			`branch = true`
			`relative_files = true`
Update explanation for setuptools dep (#12254) 2025-01-08 12:09:29 +00:00			`source = ["cryptography", "tests/"]`
Move coverage configuration into pyproject.toml (#7274) 2022-05-26 22:35:05 +00:00
			`[tool.coverage.paths]`
			`source = [`
fix weird 3-space indents (#11387) * fix weird 3-space indents * Update pyproject.toml 2024-08-04 18:50:38 +00:00			`"src/cryptography",`
			`".nox//lib/python/site-packages/cryptography",`
			`".nox\\\\Lib\\site-packages\\cryptography",`
			`"*.nox/pypy/site-packages/cryptography",`
Move coverage configuration into pyproject.toml (#7274) 2022-05-26 22:35:05 +00:00			`]`
Update explanation for setuptools dep (#12254) 2025-01-08 12:09:29 +00:00			`tests = ["tests/", "*tests\\"]`
Move coverage configuration into pyproject.toml (#7274) 2022-05-26 22:35:05 +00:00
			`[tool.coverage.report]`
			`exclude_lines = [`
			`"@abc.abstractmethod",`
			`"@typing.overload",`
			`"if typing.TYPE_CHECKING",`
			`]`
Switch from flake8 to ruff (#7920) It's more than 60x faster. 2022-12-21 02:44:47 +00:00
			`[tool.ruff]`
			`line-length = 79`

Update ruff configuration for ruff 0.2.0 (#10332) 2024-02-02 13:51:50 +00:00			`lint.ignore = ['N818']`
			`lint.select = ['E', 'F', 'I', 'N', 'W', 'UP', 'RUF']`

			`[tool.ruff.lint.isort]`
Switch from flake8 to ruff (#7920) It's more than 60x faster. 2022-12-21 02:44:47 +00:00			`known-first-party = ["cryptography", "cryptography_vectors", "tests"]`
Switch from check-manifest to check-sdist (#8846) The latter will work with non-setuptools build backends. 2023-04-30 16:14:28 +00:00
			`[tool.check-sdist]`
			`git-only = [`
			`"vectors/*",`
			`"release.py",`
			`"ci-constraints-requirements.txt",`
			`".gitattributes",`
			`".gitignore",`
Added certifi to test dependencies (#10043) Needed for https://github.com/pyca/cryptography/pull/10042 2023-12-23 15:42:56 +00:00			`]`