build(deps): bump the dependencies group with 2 updates

[dependabot]

Bumps the dependencies group with 2 updates: cryptography and coverage[toml].

Updates cryptography from 45.0.3 to 45.0.4

Changelog

Sourced from cryptography's changelog.

45.0.4 - 2025-06-09

* Fixed decrypting PKCS#8 files encrypted with SHA1-RC4. (This is not
  considered secure, and is supported only for backwards compatibility.)
.. _v45-0-3:

Commits

• 678c0c5 prepare for 45.0.4 release (#13058)
• See full diff in compare view

Updates coverage[toml] from 7.8.2 to 7.9.1

Release notes

Sourced from coverage[toml]'s releases.

7.9.1

Version 7.9.1 — 2025-06-13

• The “no-ctracer” warning is not issued for Python pre-release versions. Coverage doesn’t ship compiled wheels for those versions, so this was far too noisy.
• On Python 3.14+, the “sysmon” core is now the default if it’s supported for your configuration. Plugins and dynamic contexts are still not supported with it.

➡️  PyPI page: coverage 7.9.1. :arrow_right:  To install: python3 -m pip install coverage==7.9.1

7.9.0

Version 7.9.0 — 2025-06-11

• Added a [run] core configuration setting to specify the measurement core, which was previously only available through the COVERAGE_CORE environment variable. Finishes issue 1746.
• Fixed incorrect rendering of f-strings with doubled braces, closing issue 1980.
• If the C tracer core can’t be imported, a warning (“no-ctracer”) is issued with the reason.
• The C tracer core extension module now conforms to PEP 489, closing issue 1977. Thanks, Adam Turner.
• Fixed a “ValueError: min() arg is an empty sequence” error caused by strange empty modules, found by oss-fuzz.

➡️  PyPI page: coverage 7.9.0. :arrow_right:  To install: python3 -m pip install coverage==7.9.0

Changelog

Sourced from coverage[toml]'s changelog.

Version 7.9.1 — 2025-06-13

• The "no-ctracer" warning is not issued for Python pre-release versions. Coverage doesn't ship compiled wheels for those versions, so this was far too noisy.

• On Python 3.14+, the "sysmon" core is now the default if it's supported for your configuration. Plugins and dynamic contexts are still not supported with it.

.. _changes_7-9-0:

Version 7.9.0 — 2025-06-11

• Added a [run] core configuration setting to specify the measurement core, which was previously only available through the COVERAGE_CORE environment variable. Finishes issue 1746_.

• Fixed incorrect rendering of f-strings with doubled braces, closing issue 1980_.

• If the C tracer core can't be imported, a warning ("no-ctracer") is issued with the reason.

• The C tracer core extension module now conforms to PEP 489, closing issue 1977. Thanks, Adam Turner <pull 1978_>_.

• Fixed a "ValueError: min() arg is an empty sequence" error caused by strange empty modules, found by oss-fuzz_.

.. _issue 1746: nedbat/coveragepy#1746 .. _issue 1977: nedbat/coveragepy#1977 .. _pull 1978: nedbat/coveragepy#1978 .. _issue 1980: nedbat/coveragepy#1980 .. _PEP 489: https://peps.python.org/pep-0489 .. _oss-fuzz: https://google.github.io/oss-fuzz/

.. _changes_7-8-2:

Commits

• 4fa1b71 docs: sample HTML for 7.9.1
• 5cf757b docs: prep for 7.9.1
• bea6204 fix: better defaulting of core
• 7795441 fix: fewer warnings, default to sys.monitoring on 3.14+
• 18aa074 fix: some custom builds don't have file
• 8c5bf65 chore: make upgrade
• 128c4f4 build: bump version to 7.9.1
• 452d86f docs: sample HTML for 7.9.0
• a670927 docs: prep for 7.9.0
• 3b0cb87 build: windows 3.14 is fixed
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coveralls]

coverage: 97.064%. remained the same
when pulling c408066 on dependabot/pip/dependencies-d576f69241
into 1ff624d on develop.