[build-system]
# These requirements must be kept sync with the requirements in
# ./.github/requirements/build-requirements.{in,txt}
requires = [
    "maturin>=1,<2",

    # Must be kept in sync with `project.dependencies`
    "cffi>=1.12; platform_python_implementation != 'PyPy'",
    # Used by cffi (which import distutils, and in Python 3.12, distutils has
    # been removed from the stdlib, but installing setuptools puts it back) as
    # well as our build.rs for the rust/cffi bridge.
    "setuptools!=74.0.0,!=74.1.0,!=74.1.1,!=74.1.2",
]
build-backend = "maturin"

[project]
name = "cryptography"
version = "45.0.0.dev1"
authors = [
    { name = "The Python Cryptographic Authority and individual contributors", email = "cryptography-dev@python.org" },
]
description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."
readme = "README.rst"
license = { text = "Apache-2.0 OR BSD-3-Clause" }
classifiers = [
    "Development Status :: 5 - Production/Stable",
    "Intended Audience :: Developers",
    "License :: OSI Approved :: Apache Software License",
    "License :: OSI Approved :: BSD License",
    "Natural Language :: English",
    "Operating System :: MacOS :: MacOS X",
    "Operating System :: POSIX",
    "Operating System :: POSIX :: BSD",
    "Operating System :: POSIX :: Linux",
    'Operating System :: Microsoft :: Windows',
    "Programming Language :: Python",
    "Programming Language :: Python :: 3",
    "Programming Language :: Python :: 3 :: Only",
    "Programming Language :: Python :: 3.7",
    "Programming Language :: Python :: 3.8",
    "Programming Language :: Python :: 3.9",
    "Programming Language :: Python :: 3.10",
    "Programming Language :: Python :: 3.11",
    "Programming Language :: Python :: 3.12",
    "Programming Language :: Python :: 3.13",
    "Programming Language :: Python :: Implementation :: CPython",
    "Programming Language :: Python :: Implementation :: PyPy",
    "Topic :: Security :: Cryptography",
]
requires-python = ">=3.7,!=3.9.0,!=3.9.1"
dependencies = [
    # Must be kept in sync with `build-system.requires`
    "cffi>=1.12; platform_python_implementation != 'PyPy'",
]

[project.urls]
homepage = "https://github.com/pyca/cryptography"
documentation = "https://cryptography.io/"
source = "https://github.com/pyca/cryptography/"
issues = "https://github.com/pyca/cryptography/issues"
changelog = "https://cryptography.io/en/latest/changelog/"

[project.optional-dependencies]
ssh = ["bcrypt >=3.1.5"]

# All the following are used for our own testing.
nox = ["nox >=2024.04.15", "nox[uv] >=2024.03.02; python_version >= '3.8'"]
test = [
    "cryptography_vectors",
    "pytest >=7.4.0",
    "pytest-benchmark >=4.0",
    "pytest-cov >=2.10.1",
    "pytest-xdist >=3.5.0",
    "pretend >=0.7",
    "certifi >=2024",
]
test-randomorder = ["pytest-randomly"]
docs = [
    "sphinx >=5.3.0",
    "sphinx-rtd-theme >=3.0.0; python_version >= '3.8'",
    "sphinx-inline-tabs; python_version >= '3.8'",
]
docstest = [
    "pyenchant >=3",
    "readme-renderer >=30.0",
    "sphinxcontrib-spelling >=7.3.1",
]
sdist = ["build >=1.0.0"]
# `click` included because its needed to type check `release.py`
pep8test = [
    "ruff >=0.3.6",
    "mypy >=1.4",
    "check-sdist; python_version >= '3.8'",
    "click >=8.0.1",
]

[tool.maturin]
python-source = "src"
python-packages = ["cryptography"]
manifest-path = "src/rust/Cargo.toml"
module-name = "cryptography.hazmat.bindings._rust"
locked = true
sdist-generator = "git"
features = ["pyo3/abi3-py37"]
include = [
    "CHANGELOG.rst",
    "CONTRIBUTING.rst",
    "LICENSE",
    "LICENSE.APACHE",
    "LICENSE.BSD",

    "docs/**/*",

    "src/_cffi_src/**/*.py",
    "src/_cffi_src/**/*.c",
    "src/_cffi_src/**/*.h",

    "Cargo.toml",
    "Cargo.lock",
    "src/rust/**/Cargo.toml",
    "src/rust/**/Cargo.lock",
    "src/rust/**/*.rs",

    "tests/**/*.py",
]
exclude = [
    "vectors/**/*",
    "target/**/*",
    "docs/_build/**/*",
    ".github/**/*",
    ".readthedocs.yml",
    "ci-constraints-requirements.txt",
    "mypy.ini",
]

[tool.pytest.ini_options]
addopts = "-r s --capture=no --strict-markers --benchmark-disable"
console_output_style = "progress-even-when-capture-no"
markers = [
    "skip_fips: this test is not executed in FIPS mode",
    "supported: parametrized test requiring only_if and skip_message",
]

[tool.mypy]
show_error_codes = true
check_untyped_defs = true
no_implicit_reexport = true
warn_redundant_casts = true
warn_unused_ignores = true
warn_unused_configs = true
strict_equality = true

[[tool.mypy.overrides]]
module = ["pretend"]
ignore_missing_imports = true

[tool.coverage.run]
branch = true
relative_files = true
source = ["cryptography", "tests/"]

[tool.coverage.paths]
source = [
    "src/cryptography",
    "*.nox/*/lib*/python*/site-packages/cryptography",
    "*.nox\\*\\Lib\\site-packages\\cryptography",
    "*.nox/pypy/site-packages/cryptography",
]
tests = ["tests/", "*tests\\"]

[tool.coverage.report]
exclude_lines = [
    "@abc.abstractmethod",
    "@typing.overload",
    "if typing.TYPE_CHECKING",
]

[tool.ruff]
line-length = 79

lint.ignore = ['N818']
lint.select = ['E', 'F', 'I', 'N', 'W', 'UP', 'RUF']

[tool.ruff.lint.isort]
known-first-party = ["cryptography", "cryptography_vectors", "tests"]

[tool.check-sdist]
git-only = [
    "vectors/*",
    "release.py",
    "ci-constraints-requirements.txt",
    ".gitattributes",
    ".gitignore",
]