Bump cryptography from 46.0.3 to 46.0.4

[dependabot]

Bumps cryptography from 46.0.3 to 46.0.4.

Changelog

Sourced from cryptography's changelog.

46.0.4 - 2026-01-27

* `Dropped support for win_arm64 wheels`_.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.
.. _v46-0-3:

Commits

• e6f44fc bump for 46.0.4 and drop win arm64 due to CI issues (#14217)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[senzingdevops]

Automated: approving this pull request because it includes a patch update

[github-actions]

🤖 Claude Code Review

PR Code Review

This is a minimal dependency version bump PR. Here's the analysis:

---

Code Quality

• ✅ Style guide: Single-line change, no style concerns.
• ✅ No commented-out code
• ✅ Meaningful variable names: N/A
• ✅ DRY principle: N/A
• ✅ Defects: No logic changes. cryptography==46.0.3 → 46.0.4 is a patch version bump, likely a security or bug fix release. No concerns.
• ✅ CLAUDE.md: No changes to project configuration.

Testing

• ✅ Unit/integration tests: Not required for a dependency version bump.
• ✅ Coverage: Not applicable.

Documentation

• ✅ README: No update needed.
• ✅ API docs: No update needed.
• ✅ Inline comments: N/A
• ❌ CHANGELOG.md: Not updated. Dependency bumps should typically be noted in the changelog, even if minor. This appears to be an automated Dependabot bump — verify if your project convention requires changelog entries for dependency updates.
• ✅ Markdown formatting: No markdown changes.

Security

• ✅ No hardcoded credentials
• ✅ Input validation: N/A
• ✅ Error handling: N/A
• ✅ No sensitive data
• ✅ No license files (.lic) checked in

---

Summary

Approved with minor note. This is a routine patch bump of cryptography (46.0.3 → 46.0.4), likely addressing a security fix or bug. The change is correct and low-risk.

The only flag is the missing CHANGELOG entry — if your project convention tracks dependency updates there, add a note. Otherwise, no blockers.

Automated code review analyzing defects and coding standards