This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
The following commit(s) were added to refs/heads/main by this push:
new 26ee9d1 Remove the dependency on PyNaCl due to CVE-2025-69277
26ee9d1 is described below
commit 26ee9d1657017a491877ced882fdbff970b8452f
Author: Sean B. Palmer <[email protected]>
AuthorDate: Fri Jan 16 17:31:16 2026 +0000
Remove the dependency on PyNaCl due to CVE-2025-69277
---
atr/log.py | 40 ++++++++++++++++++++--------------------
pyproject.toml | 2 +-
2 files changed, 21 insertions(+), 21 deletions(-)
diff --git a/atr/log.py b/atr/log.py
index e121c20..8dca4ac 100644
--- a/atr/log.py
+++ b/atr/log.py
@@ -133,26 +133,26 @@ def python_repr(object_name: str) -> str:
return f"<{object_name}>"
-def secret(msg: str, data: bytes) -> None:
- import base64
-
- import nacl.encoding as encoding
- import nacl.public as public
-
- import atr.config as config
-
- conf = config.get()
- public_key_b64 = conf.LOG_PUBLIC_KEY
- if public_key_b64 is None:
- raise ValueError("LOG_PUBLIC_KEY is not set")
-
- recipient_pk = public.PublicKey(
- public_key_b64.encode("ascii"),
- encoder=encoding.Base64Encoder,
- )
- ciphertext = public.SealedBox(recipient_pk).encrypt(data)
- encoded_ciphertext = base64.b64encode(ciphertext).decode("ascii")
- _event(logging.INFO, f"{msg} {encoded_ciphertext}")
+# def secret(msg: str, data: bytes) -> None:
+# import base64
+
+# import nacl.encoding as encoding
+# import nacl.public as public
+
+# import atr.config as config
+
+# conf = config.get()
+# public_key_b64 = conf.LOG_PUBLIC_KEY
+# if public_key_b64 is None:
+# raise ValueError("LOG_PUBLIC_KEY is not set")
+
+# recipient_pk = public.PublicKey(
+# public_key_b64.encode("ascii"),
+# encoder=encoding.Base64Encoder,
+# )
+# ciphertext = public.SealedBox(recipient_pk).encrypt(data)
+# encoded_ciphertext = base64.b64encode(ciphertext).decode("ascii")
+# _event(logging.INFO, f"{msg} {encoded_ciphertext}")
def warning(msg: str) -> None:
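Review bot: Commenting out `secret()` removes the name from `atr.log`, so any remaining caller fails with AttributeError only when that code path runs; callers are outside this hunk, so it is worth searching for `log.secret(` before merging. The likely quick fix at a call site is to switch to a plain log call, which would write the sensitive bytes to the log unencrypted. A fail-closed stub makes the intent explicit: keep `def secret(msg: str, data: bytes) -> None:` with the body `raise NotImplementedError("secret logging disabled: PyNaCl removed for CVE-2025-69277")`. The commented-out body can then be deleted, since git history retains it. If it stays, it should carry a one-line comment giving the CVE and the condition for restoring it.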
diff --git a/pyproject.toml b/pyproject.toml
index e7efc51..7d42d65 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -39,7 +39,7 @@ dependencies = [
"puremagic>=1.30",
"pydantic-xml (>=2.17.2,<3.0.0)",
"pyjwt (>=2.10.1,<3.0.0)",
- "pynacl>=1.5.0",
+ # "pynacl>=1.5.0",
"python-decouple~=3.8",
"python-gnupg~=0.5",
"quart-schema[pydantic]~=0.21",
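Review bot: The diffstat lists only `atr/log.py` and `pyproject.toml`, so if the project pins its environment in a lock file, that file is not regenerated here and PyNaCl would presumably stay installed in locked builds. Commenting out this line removes only the direct requirement, so it is also worth confirming from the resolved dependency tree that no other package pulls PyNaCl in transitively. The commented-out entry gives no reason; either delete it or annotate it, e.g. `# "pynacl>=1.5.0",  # removed for CVE-2025-69277`.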