From 735609d2a6150318bd02691e564e0e7b16c362ad Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Tue, 19 Nov 2024 14:59:48 -0500
Subject: [PATCH] Bump version for 4.2.1 (#914)

Backports fixes to pypi-publish from cryptography.
---
 .github/workflows/pypi-publish.yml  | 19 ++++++++++---------
 .github/workflows/wheel-builder.yml | 13 -------------
 README.rst                          |  7 +++++++
 pyproject.toml                      |  2 +-
 src/_bcrypt/src/lib.rs              |  2 +-
 5 files changed, 19 insertions(+), 24 deletions(-)

diff --git a/.github/workflows/pypi-publish.yml b/.github/workflows/pypi-publish.yml
index cd3b73fa..4b5ad4f5 100644
--- a/.github/workflows/pypi-publish.yml
+++ b/.github/workflows/pypi-publish.yml
@@ -32,6 +32,14 @@ jobs:
       - run: echo "$EVENT_CONTEXT"
         env:
           EVENT_CONTEXT: ${{ toJson(github.event) }}
+
+      - run: |
+          echo "PYPI_URL=https://upload.pypi.org/legacy/" >> $GITHUB_ENV
+        if: github.event_name == 'workflow_run' || (github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'pypi')
+      - run: |
+          echo "PYPI_URL=https://test.pypi.org/legacy/" >> $GITHUB_ENV
+        if: github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'testpypi'
+
       - uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
         with:
           path: tmpdist/
@@ -40,15 +48,8 @@ jobs:
       - run: |
           find tmpdist/ -type f -name 'bcrypt*' -exec mv {} dist/ \;
 
-      - run: |
-          echo "PYPI_URL=https://pypi.org/legacy/" >> $GITHUB_ENV
-        if: github.event_name == 'workflow_run' || (github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'pypi')
-      - run: |
-          echo "PYPI_URL=https://test.pypi.org/legacy/" >> $GITHUB_ENV
-        if: github.event_name == 'workflow_dispatch' && github.event.inputs.environment == 'testpypi'
-
       - name: Publish package distributions to PyPI
-        uses: pypa/gh-action-pypi-publish@v1.12.2
+        uses: pypa/gh-action-pypi-publish@15c56dba361d8335944d31a2ecd17d700fc7bcbc  # v1.12.2
         with:
           repository-url: ${{ env.PYPI_URL }}
           skip-existing: true
@@ -56,4 +57,4 @@ jobs:
           # because there's nothing that would prevent a malicious PyPI from
           # serving a signed TestPyPI asset in place of a release intended for
           # PyPI.
-          attestations: ${{ env.PYPI_URL == 'https://pypi.org/legacy/' }}
+          attestations: ${{ env.PYPI_URL == 'https://upload.pypi.org/legacy/' }}
diff --git a/.github/workflows/wheel-builder.yml b/.github/workflows/wheel-builder.yml
index 9bb92089..ac7373f2 100644
--- a/.github/workflows/wheel-builder.yml
+++ b/.github/workflows/wheel-builder.yml
@@ -49,7 +49,6 @@ jobs:
         PYTHON:
           - { VERSION: "cp37-cp37m", ABI_VERSION: 'cp37' }
           - { VERSION: "cp39-cp39", ABI_VERSION: 'cp39' }
-          - { VERSION: "pp39-pypy39_pp73" }
           - { VERSION: "pp310-pypy310_pp73" }
         MANYLINUX:
           - { NAME: "manylinux2014_x86_64", CONTAINER: "cryptography-manylinux2014:x86_64", RUNNER: "ubuntu-latest" }
@@ -63,31 +62,19 @@ jobs:
           - { NAME: "musllinux_1_2_aarch64", CONTAINER: "cryptography-musllinux_1_2:aarch64", RUNNER: [self-hosted, Linux, ARM64]}
         exclude:
           # There are no readily available musllinux PyPy distributions
-          - PYTHON: { VERSION: "pp39-pypy39_pp73" }
-            MANYLINUX: { NAME: "musllinux_1_1_x86_64", CONTAINER: "cryptography-musllinux_1_1:x86_64", RUNNER: "ubuntu-latest"}
           - PYTHON: { VERSION: "pp310-pypy310_pp73" }
             MANYLINUX: { NAME: "musllinux_1_1_x86_64", CONTAINER: "cryptography-musllinux_1_1:x86_64", RUNNER: "ubuntu-latest"}
-          - PYTHON: { VERSION: "pp39-pypy39_pp73" }
-            MANYLINUX: { NAME: "musllinux_1_1_aarch64", CONTAINER: "cryptography-musllinux_1_1:aarch64", RUNNER: [self-hosted, Linux, ARM64]}
           - PYTHON: { VERSION: "pp310-pypy310_pp73" }
             MANYLINUX: { NAME: "musllinux_1_1_aarch64", CONTAINER: "cryptography-musllinux_1_1:aarch64", RUNNER: [self-hosted, Linux, ARM64]}
 
-          - PYTHON: { VERSION: "pp39-pypy39_pp73" }
-            MANYLINUX: { NAME: "musllinux_1_2_x86_64", CONTAINER: "cryptography-musllinux_1_2:x86_64", RUNNER: "ubuntu-latest"}
           - PYTHON: { VERSION: "pp310-pypy310_pp73" }
             MANYLINUX: { NAME: "musllinux_1_2_x86_64", CONTAINER: "cryptography-musllinux_1_2:x86_64", RUNNER: "ubuntu-latest"}
-          - PYTHON: { VERSION: "pp39-pypy39_pp73" }
-            MANYLINUX: { NAME: "musllinux_1_2_aarch64", CONTAINER: "cryptography-musllinux_1_2:aarch64", RUNNER: [self-hosted, Linux, ARM64]}
           - PYTHON: { VERSION: "pp310-pypy310_pp73" }
             MANYLINUX: { NAME: "musllinux_1_2_aarch64", CONTAINER: "cryptography-musllinux_1_2:aarch64", RUNNER: [self-hosted, Linux, ARM64]}
 
             # We also don't build pypy wheels for anything except the latest manylinux
-          - PYTHON: { VERSION: "pp39-pypy39_pp73" }
-            MANYLINUX: { NAME: "manylinux2014_x86_64", CONTAINER: "cryptography-manylinux2014:x86_64", RUNNER: "ubuntu-latest"}
           - PYTHON: { VERSION: "pp310-pypy310_pp73" }
             MANYLINUX: { NAME: "manylinux2014_x86_64", CONTAINER: "cryptography-manylinux2014:x86_64", RUNNER: "ubuntu-latest"}
-          - PYTHON: { VERSION: "pp39-pypy39_pp73" }
-            MANYLINUX: { NAME: "manylinux2014_aarch64", CONTAINER: "cryptography-manylinux2014_aarch64", RUNNER: [self-hosted, Linux, ARM64]}
           - PYTHON: { VERSION: "pp310-pypy310_pp73" }
             MANYLINUX: { NAME: "manylinux2014_aarch64", CONTAINER: "cryptography-manylinux2014_aarch64", RUNNER: [self-hosted, Linux, ARM64]}
     name: "${{ matrix.PYTHON.VERSION }} for ${{ matrix.MANYLINUX.NAME }}"
diff --git a/README.rst b/README.rst
index f8f20047..3ba4e83f 100644
--- a/README.rst
+++ b/README.rst
@@ -51,6 +51,13 @@ While bcrypt remains an acceptable choice for password storage, depending on you
 Changelog
 =========
 
+4.2.1
+-----
+
+* Bump Rust dependency versions - this should resolve crashes on Python 3.13
+  free-threaded builds.
+* We no longer build ``manylinux`` wheels for PyPy 3.9.
+
 4.2.0
 -----
 
diff --git a/pyproject.toml b/pyproject.toml
index 3c476708..4728e804 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -11,7 +11,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "bcrypt"
 # When updating this, also update lib.rs
-version = "4.2.0"
+version = "4.2.1"
 authors = [
     {name = "The Python Cryptographic Authority developers", email = "cryptography-dev@python.org"}
 ]
diff --git a/src/_bcrypt/src/lib.rs b/src/_bcrypt/src/lib.rs
index 6db0cc64..2da2b021 100644
--- a/src/_bcrypt/src/lib.rs
+++ b/src/_bcrypt/src/lib.rs
@@ -197,7 +197,7 @@ mod _bcrypt {
         // When updating this, also update pyproject.toml
         // This isn't named __version__ because passlib treats the existence of
         // that attribute as proof that we're a different module
-        m.add("__version_ex__", "4.2.0")?;
+        m.add("__version_ex__", "4.2.1")?;
 
         let author = "The Python Cryptographic Authority developers";
         m.add("__author__", author)?;