Upgrade pyasn1 and pyasn1-modules dependencies #504

Merged
arikalon1 merged 1 commit into main from claude/fix-pyasn1-vulnerability-SMFUe on Feb 15, 2026

Conversation

@moshemorad
Contributor

Summary

This PR upgrades the pyasn1 and pyasn1-modules dependencies to newer versions across the project.

Key Changes

  • Updated pyasn1 from 0.5.1 to 0.6.2 in main requirements.txt
  • Updated pyasn1-modules from 0.3.0 to 0.4.2 in main requirements.txt
  • Added explicit pyasn1>=0.6.2 constraint in enforcer/requirements.txt to ensure compatibility

Details

These upgrades bring in bug fixes and improvements from the pyasn1 library. The enforcer module now explicitly declares its minimum pyasn1 version requirement to ensure it receives the necessary updates.

https://claude.ai/code/session_01AMHRZh1eLroZdepVJYBDEw

Upgrade pyasn1 from 0.5.1 to 0.6.2 to fix a high severity DoS
vulnerability (CVSS 7.5) in the ASN.1 RELATIVE-OID decoder that
allows memory exhaustion via malformed continuation octets.

Also upgrade pyasn1-modules from 0.3.0 to 0.4.2 for compatibility,
and pin pyasn1>=0.6.2 in enforcer/requirements.txt to ensure the
krr-enforcer image uses the patched version.

https://claude.ai/code/session_01AMHRZh1eLroZdepVJYBDEw
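The commit message above names the failure class without showing it: an ASN.1 RELATIVE-OID decoder that keeps consuming malformed continuation octets until memory runs out. The block below is an added illustration of that class written for this page; it is not pyasn1's code, not the patched function, and not a reproduction of the bug the upgrade fixes. A RELATIVE-OID's contents octets are a list of base-128 subidentifiers in which bit 7 of each octet marks a continuation, so a naive decoder that shifts an accumulator left by 7 bits per octet lets input length decide memory use. The decoder names, the MAX_SUBID_OCTETS bound and the two inputs are this example's own; the well-formed input is the contents octets of the X.690 worked example RELATIVE-OID {8571 3 2}.

```python
"""Added example: bounded vs. unbounded decoding of RELATIVE-OID contents octets.

Not pyasn1's code. Illustrates the general failure class named in the commit
message (continuation octets accumulated without limit) beside the guard a
hardened decoder needs.
"""

# Bound on octets per subidentifier (an assumption of this example):
# 10 octets carry 70 payload bits, more than any 64-bit arc needs.
MAX_SUBID_OCTETS = 10


def decode_relative_oid_unbounded(content: bytes) -> tuple[int, ...]:
    """Naive decoder: the failure pattern.

    Every continuation octet shifts the pending arc left by 7 bits, so a run
    of N octets with bit 7 set grows one Python int to about 7*N bits before
    any check fires. Attacker-sized input means attacker-sized memory.
    """
    arcs = []
    value = 0
    pending = False
    for octet in content:
        value = (value << 7) | (octet & 0x7F)
        pending = bool(octet & 0x80)
        if not pending:
            arcs.append(value)
            value = 0
    if pending:
        raise ValueError("truncated subidentifier: content ends on a continuation octet")
    return tuple(arcs)


def decode_relative_oid(content: bytes) -> tuple[int, ...]:
    """Hardened decoder: bounds octets per arc and rejects non-minimal encodings."""
    arcs = []
    value = 0
    octets_in_arc = 0
    for offset, octet in enumerate(content):
        if octets_in_arc == 0 and octet == 0x80:
            # X.690 requires minimal encoding: a subidentifier may not start with 0x80.
            raise ValueError(f"non-minimal subidentifier at offset {offset}")
        octets_in_arc += 1
        if octets_in_arc > MAX_SUBID_OCTETS:
            # Reject before the accumulator can grow: bounded work, bounded memory.
            raise ValueError(
                f"subidentifier starting at offset {offset - octets_in_arc + 1} "
                f"exceeds {MAX_SUBID_OCTETS} octets"
            )
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:
            arcs.append(value)
            value = 0
            octets_in_arc = 0
    if octets_in_arc:
        raise ValueError("truncated subidentifier: content ends on a continuation octet")
    return tuple(arcs)


def rejects(content: bytes) -> bool:
    """True if the hardened decoder refuses the input."""
    try:
        decode_relative_oid(content)
    except ValueError:
        return True
    return False


# Constructed inputs. WELL_FORMED is the contents octets of the X.690 worked
# example RELATIVE-OID {8571 3 2}. MALFORMED is 20000 continuation octets
# each carrying 7 payload bits, then a terminating octet.
WELL_FORMED = bytes.fromhex("c27b0302")
MALFORMED = b"\xff" * 20_000 + b"\x7f"


def compare_decoders() -> dict:
    """Run both decoders on both inputs and report what each did."""
    result = {"well_formed": decode_relative_oid(WELL_FORMED)}
    (huge_arc,) = decode_relative_oid_unbounded(MALFORMED)
    result["unbounded_arc_bits"] = huge_arc.bit_length()  # grows with input length
    result["hardened_rejects"] = rejects(MALFORMED)        # stops after 11 octets
    return result


if __name__ == "__main__":
    for key, val in compare_decoders().items():
        print(f"{key}: {val}")
```

The unbounded decoder "succeeds" on the malformed input by building a single 140,007-bit arc; scale the input up and the decode itself becomes the denial of service. The hardened decoder never lets the accumulator exceed 70 bits, and also refuses a leading 0x80 and a trailing continuation octet, which are the other two ways a subidentifier run can be malformed.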
@coderabbitai

coderabbitai bot commented Feb 15, 2026

Walkthrough

Dependencies were updated across two requirement files: pyasn1 upgraded from 0.5.1 to 0.6.2, pyasn1-modules upgraded from 0.3.0 to 0.4.2, and pyasn1>=0.6.2 was added to enforcer/requirements.txt with constraints for Python 3.10–3.12.

Changes

Cohort / File(s): Dependency Updates (enforcer/requirements.txt, requirements.txt)
Summary: Updated pyasn1 from 0.5.1 to 0.6.2 and pyasn1-modules from 0.3.0 to 0.4.2; added pyasn1>=0.6.2 to enforcer/requirements.txt with Python version constraints (≥3.10, <3.13).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

  • Sheeproid
Pre-merge checks: 4 passed
Check name / Status / Explanation
Title check ✅ Passed The title 'Upgrade pyasn1 and pyasn1-modules dependencies' accurately describes the main changes in the PR, which include updating both dependencies in requirements.txt and adding pyasn1 to enforcer/requirements.txt.
Description check ✅ Passed The description is directly related to the changeset, providing context about the dependency upgrades and their purpose, including version numbers and the rationale for adding the constraint to enforcer/requirements.txt.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Merge Conflict Detection ✅ Passed ✅ No merge conflicts detected when merging into main



No actionable comments were generated in the recent review. 🎉

🧹 Recent nitpick comments
enforcer/requirements.txt (1)

9-9: Consider using exact version pinning for consistency.

In requirements.txt (line 31), pyasn1 is pinned to exactly ==0.6.2, but here it uses >=0.6.2. This inconsistency could lead to different pyasn1 versions being installed across environments:

  • Main requirements will always install 0.6.2
  • Enforcer requirements could install 0.6.2 or any newer version

For reproducible builds and consistent security posture, consider matching the pinning strategy. If flexibility is desired for the enforcer module, document the rationale.

📌 Proposed change for exact version pinning
-pyasn1>=0.6.2
+pyasn1==0.6.2
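Review bot: the `+pyasn1==0.6.2` line removes the drift the nitpick describes, but it also means the next pyasn1 security bump must be made in two files, and the hunk adds no comment recording why the enforcer line is pinned the way it is; whichever form is kept, a CI step that installs the enforcer requirements and fails if the resolved pyasn1 is below 0.6.2 would catch both a missed bump and a stale pin. Note too that the walkthrough above says the enforcer line carries Python version constraints (≥3.10, <3.13) while the `-pyasn1>=0.6.2` line in this suggestion shows none; if the real line has an environment marker, the replacement must keep it.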

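The nitpick above is about two things a practitioner wants to verify mechanically rather than by eye: that every requirements file constrains pyasn1 to at least the fixed release, and that the files do not disagree on how they pin it. The block below is an added check written for this page, not part of the PR or the project. It parses simple requirement lines (name, operator, version, optional environment marker) with numeric dotted versions only, does not follow `-r` includes, and does not evaluate markers; the three file sets are constructed from the versions the PR description and walkthrough quote and are labelled as such.

```python
"""Added example: audit requirements files for a package's minimum version and pin drift.

Not the project's code. Simplifications: numeric dotted versions only (not a
full PEP 440 parser), environment markers are captured but not evaluated,
and -r includes are skipped rather than followed.
"""
import re

PACKAGE = "pyasn1"
FIXED_VERSION = "0.6.2"  # the release the commit message upgrades to

# name, comparison operator, version, optional environment marker after ';'
SPEC_RE = re.compile(
    r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(==|>=|<=|~=|!=|>|<)\s*([0-9][0-9A-Za-z.]*)\s*(?:;(.*))?$"
)


def parse_version(text: str) -> tuple[int, ...]:
    """Numeric dotted versions only, e.g. '0.6.2' -> (0, 6, 2)."""
    return tuple(int(part) for part in text.split("."))


def normalize(name: str) -> str:
    """PEP 503 style name normalisation so pyasn1_modules == pyasn1-modules."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirements(text: str) -> list[dict]:
    specs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue  # blank, comment, or an option line such as -r base.txt (not followed)
        match = SPEC_RE.match(line)
        if match:
            name, op, version, marker = match.groups()
            specs.append({"name": normalize(name), "op": op, "version": version,
                          "marker": (marker or "").strip() or None, "raw": line})
        else:
            # Bare name or a form this parser does not handle: treated as unconstrained.
            specs.append({"name": normalize(line), "op": None, "version": None,
                          "marker": None, "raw": line})
    return specs


def lowest_admitted(spec: dict):
    """Lowest version the spec can resolve to, or None when it gives no floor."""
    if spec["op"] in ("==", ">=", "~="):
        return parse_version(spec["version"])
    return None  # bare name, upper bound only, != or > (not evaluated): reported as no floor


def audit(files: dict[str, str], package: str = PACKAGE, fixed: str = FIXED_VERSION) -> dict:
    """Per-file minimum-version verdict plus cross-file pin drift for one package."""
    fixed_v = parse_version(fixed)
    per_file: dict[str, str] = {}
    pins: dict[str, dict] = {}
    for path, text in files.items():
        spec = next((s for s in parse_requirements(text) if s["name"] == package), None)
        if spec is None:
            per_file[path] = f"not declared: {package} resolves transitively with no floor"
            continue
        pins[path] = spec
        low = lowest_admitted(spec)
        if low is None:
            per_file[path] = f"no lower bound ({spec['raw']}): a vulnerable release can still resolve"
        elif low < fixed_v:
            per_file[path] = f"lower bound {spec['version']} is below the fixed release {fixed}"
        else:
            per_file[path] = "ok"
    # Drift: an exact pin in one file beside a range in another resolves differently per image.
    exact = {p: s for p, s in pins.items() if s["op"] == "=="}
    ranged = {p: s for p, s in pins.items() if s["op"] != "=="}
    drift = [f"{rp} has {rs['op']}{rs['version']} while {ep} pins =={es['version']}"
             for rp, rs in ranged.items() for ep, es in exact.items()]
    return {"per_file": per_file, "drift": drift}


# Constructed file contents reflecting the versions quoted on this page.
BEFORE = {
    "requirements.txt": "pyasn1==0.5.1\npyasn1-modules==0.3.0\n",
    "enforcer/requirements.txt": "# no pyasn1 line before this PR\n",
}
MERGED = {
    "requirements.txt": "pyasn1==0.6.2\npyasn1-modules==0.4.2\n",
    "enforcer/requirements.txt": 'pyasn1>=0.6.2; python_version >= "3.10" and python_version < "3.13"\n',
}
NITPICK_APPLIED = {
    "requirements.txt": "pyasn1==0.6.2\npyasn1-modules==0.4.2\n",
    "enforcer/requirements.txt": 'pyasn1==0.6.2; python_version >= "3.10" and python_version < "3.13"\n',
}

if __name__ == "__main__":
    for label, files in (("before", BEFORE), ("merged", MERGED), ("nitpick", NITPICK_APPLIED)):
        print(label, audit(files))
```

On the pre-PR state the audit reports the main file's 0.5.1 floor as below the fixed release and the enforcer file as not declaring pyasn1 at all, which is the gap the explicit constraint closes. On the merged state both files pass the minimum check and the only finding is the `>=` against `==` drift the nitpick raised; applying the suggested exact pin clears it.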

@arikalon1 arikalon1 merged commit 8af1a53 into main Feb 15, 2026
3 checks passed
@arikalon1 arikalon1 deleted the claude/fix-pyasn1-vulnerability-SMFUe branch February 15, 2026 09:18
3 participants