Skip to content

build(deps): bump paramiko from 4.0.0 to 5.0.0#40

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/paramiko-5.0.0
Open

build(deps): bump paramiko from 4.0.0 to 5.0.0#40
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/paramiko-5.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 12, 2026

Copy link
Copy Markdown
Contributor

Bumps paramiko from 4.0.0 to 5.0.0.

Commits
  • 710cc5c What's a few weeks between friends?
  • ea93c59 Fix up Ed25519Key so it has non-erroring repr() during fatal errors
  • 5b90ef9 ruff/isort
  • f3864b6 Changelog fixes
  • acd4bc1 Replace hardcoded PEM format in PKey.write* with new parameter
  • 6fa1556 Bump group-exchange kex min_bits to 2048
  • eb87ad3 Fix some tests that were incorrectly passing
  • 1ecc933 Remove GSSAPI support :(
  • 9bf5fca Remove SHA1-based (non-GSS) kex methods
  • b8f75c7 Lintin' ain't easy
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Jul 12, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: python. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Bumps [paramiko](https://github.com/paramiko/paramiko) from 4.0.0 to 5.0.0.
- [Commits](paramiko/paramiko@4.0.0...5.0.0)

---
updated-dependencies:
- dependency-name: paramiko
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/paramiko-5.0.0 branch from 4ebad7c to f1f814d Compare July 12, 2026 14:35

Lay007 commented Jul 12, 2026

Copy link
Copy Markdown
Owner

All current CI checks are green, but this is a production major update (paramiko 4.x → 5.x), and the course CI does not establish a real SSH/SFTP session with the Zynq board.

Before merging, the remaining compatibility gate should exercise the APIs used by validate_clean_boot_overlay.py: SSHClient, host-key policy setup, connect, exec_command, open_sftp, upload/download, and close. A short board smoke run should also verify one command, one upload, and one download against the target ADI Linux image.

Keeping this PR open is intentional: passing import/unit checks is not sufficient evidence for the hardware deployment path.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant