build(deps): bump cryptography from 44.0.2 to 46.0.6 in /scripts/test-lambda-locally

[dependabot]

Bumps cryptography from 44.0.2 to 46.0.6.

Changelog

Sourced from cryptography's changelog.

46.0.6 - 2026-03-25

* **SECURITY ISSUE**: Fixed a bug where name constraints were not applied
  to peer names during verification when the leaf certificate contains a
  wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug,
  including those used by the Web PKI. Credit to **Oleh Konko (1seal)** for
  reporting the issue. **CVE-2026-34073**
.. _v46-0-5:
46.0.5 - 2026-02-10

• An attacker could create a malicious public key that reveals portions of your private key when using certain uncommon elliptic curves (binary curves). This version now includes additional security checks to prevent this attack. This issue only affects binary elliptic curves, which are rarely used in real-world applications. Credit to XlabAI Team of Tencent Xuanwu Lab and Atuin Automated Vulnerability Discovery Engine for reporting the issue. CVE-2026-26007
• Support for SECT* binary elliptic curves is deprecated and will be removed in the next release.

.. v46-0-4:

46.0.4 - 2026-01-27

* `Dropped support for win_arm64 wheels`_.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.5.
.. _v46-0-3:
46.0.3 - 2025-10-15

• Fixed compilation when using LibreSSL 4.2.0.

.. _v46-0-2:

46.0.2 - 2025-09-30

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.4.
.. _v46-0-1:
46.0.1 - 2025-09-16

... (truncated)

Commits

• 91d7288 Cherry-pick #14542 (#14543)
• 06e120e bump version for 46.0.5 release (#14289)
• 0eebb9d EC check key on cofactor > 1 (#14287)
• bedf6e1 fix openssl version on 46 branch (#14220)
• e6f44fc bump for 46.0.4 and drop win arm64 due to CI issues (#14217)
• c0af4dd release 46.0.3 (#13681)
• 99efe5a bump version for 46.0.2 (#13531)
• e735cfc release 46.0.1 (#13450)
• 4e457ff Explicitly specify python in mac uv build invocation (#13447)
• 2726efd Depend on CFFI 2.0.0 or newer on Python > 3.8 (#13448)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

---

New Features ✨

Langchain

• Set gen_ai.operation.name and gen_ai.pipeline.name on LLM spans by ericapisani in #5849
• Broaden AI provider detection beyond OpenAI and Anthropic by ericapisani in #5707
• Update LLM span operation to gen_ai.generate_text by ericapisani in #5796

Other

• Add experimental async transport (port of PR Add experimental async transport #4572) by BYK in #5646

Bug Fixes 🐛

Ci

• Update validate-pr action to remove draft enforcement by stephanie-anderson in #5918
• Use gh CLI to convert PR to draft by stephanie-anderson in #5874
• Use GitHub App token for draft PR enforcement by stephanie-anderson in #5871

Openai

• Always set gen_ai.response.streaming for Responses by alexander-alderman-webb in #5697
• Simplify Responses input handling by alexander-alderman-webb in #5695
• Use max_output_tokens for Responses API by alexander-alderman-webb in #5693
• Always set gen_ai.response.streaming for Completions by alexander-alderman-webb in #5692
• Simplify Completions input handling by alexander-alderman-webb in #5690
• Simplify embeddings input handling by alexander-alderman-webb in #5688

Other

• (google-genai) Guard response extraction by alexander-alderman-webb in #5869
• (workflow) Fix permission issue with github app and PR draft graphql endpoint by Jeffreyhung in #5887
• Add cycle detection to exceptions_from_error by ericapisani in #5880

Documentation 📚

• Update CONTRIBUTING.md with contribution requirements and TOC by stephanie-anderson in #5896

Internal Changes 🔧

Ai

• Remove unused GEN_AI_PIPELINE operation constant by ericapisani in #5886
• Rename generate_text to text_completion by ericapisani in #5885

Langchain

• Add text completion test by alexander-alderman-webb in #5740
• Add tool execution test by alexander-alderman-webb in #5739
• Add basic agent test with Responses call by alexander-alderman-webb in #5726
• Replace mocks with httpx types by alexander-alderman-webb in #5724
• Consolidate span origin assertion by alexander-alderman-webb in #5723
• Consolidate available tools assertion by alexander-alderman-webb in #5721

Openai

• Replace mocks with httpx types for streaming Responses by alexander-alderman-webb in #5882
• Replace mocks with httpx types for streaming Completions by alexander-alderman-webb in #5879
• Move input handling code into API-specific functions by alexander-alderman-webb in #5687

Other

• (asyncpg) Normalize query whitespace in integration by ericapisani in #5855

• (deps) Bump cryptography from 44.0.2 to 46.0.6 in /scripts/test-lambda-locally by dependabot[bot] in #5906

• 🤖 Update test matrix with new releases (03/30) by github-actions in #5912
• Merge PR validation workflows and add reason-specific labels by stephanie-anderson in #5898
• Add workflow to close unvetted non-maintainer PRs by stephanie-anderson in #5895
• Exclude compromised litellm versions by alexander-alderman-webb in #5876
• Reactivate litellm tests by alexander-alderman-webb in #5853
• Add note to coordinate with assignee before PR submission by sentrivana in #5868
• Temporarily stop running litellm tests by alexander-alderman-webb in #5851

Other

• ci+docs: Add draft PR enforcement by stephanie-anderson in #5867

---

_{🤖 This preview updates automatically when you update the PR.}

[github-actions]

Codecov Results 📊

✅ 13 passed | Total: 13 | Pass Rate: 100% | Execution Time: 8.47s

All tests are passing successfully.

✅ Patch coverage is 100.00%. Project has 14688 uncovered lines.

---

Generated by Codecov Action

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.