From 2ee42694b6e8eb874a92a1aef9b55aa724537343 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 6 Oct 2025 12:58:26 +0000 Subject: [PATCH 1/3] Initial plan From 8457b676b98ff0ddfedf4c2437afcc38985267c0 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 6 Oct 2025 13:06:09 +0000 Subject: [PATCH 2/3] Add certifi dependency and use it as default for SSL CA certificates Co-authored-by: bradymholt <759811+bradymholt@users.noreply.github.com> --- pyproject.toml | 1 + requirements.txt | 1 + templates/configuration.mustache | 3 ++- ynab/configuration.py | 3 ++- 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 144af26..88ab748 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -14,6 +14,7 @@ urllib3 = ">= 1.25.3 < 3.0.0" python-dateutil = ">= 2.8.2" pydantic = ">= 2" typing-extensions = ">= 4.7.1" +certifi = ">= 14.05.14" [tool.poetry.group.dev.dependencies] pytest = ">= 7.2.1" diff --git a/requirements.txt b/requirements.txt index 6cbb2b9..0e04235 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,3 +2,4 @@ urllib3 >= 2.1.0, < 3.0.0 python_dateutil >= 2.8.2 pydantic >= 2 typing-extensions >= 4.7.1 +certifi >= 14.05.14 diff --git a/templates/configuration.mustache b/templates/configuration.mustache index 7db08e9..8405585 100644 --- a/templates/configuration.mustache +++ b/templates/configuration.mustache @@ -14,6 +14,7 @@ from typing import Any, ClassVar, Dict, List, Literal, Optional, TypedDict, Unio from typing_extensions import NotRequired, Self import urllib3 +import certifi {{#hasHttpSignatureMethods}} from {{packageName}}.signing import HttpSigningConfiguration @@ -370,7 +371,7 @@ conf = {{{packageName}}}.Configuration( Set this to false to skip verifying SSL certificate when calling API from https server. """ - self.ssl_ca_cert = ssl_ca_cert + self.ssl_ca_cert = ssl_ca_cert if ssl_ca_cert is not None else certifi.where() """Set this to verify the peer using PEM (str) or DER (bytes) certificate data. diff --git a/ynab/configuration.py b/ynab/configuration.py index 5f651af..b3c559e 100644 --- a/ynab/configuration.py +++ b/ynab/configuration.py @@ -22,6 +22,7 @@ from typing_extensions import NotRequired, Self import urllib3 +import certifi JSON_SCHEMA_VALIDATION_KEYWORDS = { @@ -256,7 +257,7 @@ def __init__( Set this to false to skip verifying SSL certificate when calling API from https server. """ - self.ssl_ca_cert = ssl_ca_cert + self.ssl_ca_cert = ssl_ca_cert if ssl_ca_cert is not None else certifi.where() """Set this to verify the peer using PEM (str) or DER (bytes) certificate data. From 0209c4cbd68540024fa7d73b466506f8ff6f1d49 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 6 Oct 2025 13:18:01 +0000 Subject: [PATCH 3/3] Update poetry.lock to include certifi dependency Co-authored-by: bradymholt <759811+bradymholt@users.noreply.github.com> --- poetry.lock | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/poetry.lock b/poetry.lock index 9706a84..71a68b4 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 2.1.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. [[package]] name = "annotated-types" @@ -27,6 +27,18 @@ files = [ {file = "cachetools-5.5.2.tar.gz", hash = "sha256:1a661caa9175d26759571b2e19580f9d6393969e5dfca11fdb1f947a23e640d4"}, ] +[[package]] +name = "certifi" +version = "2025.10.5" +description = "Python package for providing Mozilla's CA Bundle." +optional = false +python-versions = ">=3.7" +groups = ["main"] +files = [ + {file = "certifi-2025.10.5-py3-none-any.whl", hash = "sha256:0f212c2744a9bb6de0c56639a6f68afe01ecd92d91f14ae897c4fe7bbeeef0de"}, + {file = "certifi-2025.10.5.tar.gz", hash = "sha256:47c09d31ccf2acf0be3f701ea53595ee7e0b8fa08801c6624be771df09ae7b43"}, +] + [[package]] name = "chardet" version = "5.2.0" @@ -726,4 +738,4 @@ test = ["covdefaults (>=2.3)", "coverage (>=7.2.7)", "coverage-enable-subprocess [metadata] lock-version = "2.1" python-versions = "^3.8" -content-hash = "3878aa4f654cc34dcf86e0b42a319c5b8f2a9635dae56a630b962ada706622ed" +content-hash = "498907059ed6a564cbe40a8c3ff4d0cf6d02c468e15953b686bb600d0d7dd6fd"