Bump cryptography from 46.0.5 to 46.0.6

[dependabot]

Bumps cryptography from 46.0.5 to 46.0.6.

Changelog

Sourced from cryptography's changelog.

46.0.6 - 2026-03-25

* **SECURITY ISSUE**: Fixed a bug where name constraints were not applied
  to peer names during verification when the leaf certificate contains a
  wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug,
  including those used by the Web PKI. Credit to **Oleh Konko (1seal)** for
  reporting the issue. **CVE-2026-34073**
.. _v46-0-5:

Commits

• 91d7288 Cherry-pick #14542 (#14543)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[senzingdevops]

Automated: approving this pull request because it includes a patch update

[github-actions]

🤖 Claude Code Review

PR Code Review

This PR bumps cryptography from 46.0.5 to 46.0.6 in pyproject.toml.

Code Quality

• ✅ Single-purpose change, follows existing style
• ✅ No commented-out code
• ✅ No DRY violations
• ✅ No logic changes, no defect risk

Testing

• ✅ No new functions or endpoints requiring tests
• ✅ Existing test coverage unaffected

Documentation

• ❌ CHANGELOG.md — no entry for this dependency update. Dependency bumps should typically be noted, even briefly.
• ✅ No README or API doc changes needed

Security

• ✅ No hardcoded credentials
• ✅ No sensitive data in logs
• ✅ No license files checked in
• ✅ Security note (positive): cryptography 46.0.6 is a patch release that addresses a security vulnerability (CVE in 46.0.5). This bump is appropriate and should be merged promptly.

---

Summary: The change is correct and straightforward. The only minor gap is the missing CHANGELOG entry. No blockers.

Automated code review analyzing defects and coding standards