From d2d97764691e083ecafbf3debb9e8bb9116f27f0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 2 Feb 2026 14:43:01 +0000
Subject: [PATCH] chore(deps-dev): Update bcrypt requirement

Updates the requirements on [bcrypt](https://github.com/pyca/bcrypt) to permit the latest version.
- [Changelog](https://github.com/pyca/bcrypt/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/bcrypt/compare/4.0.0...5.0.0)

---
updated-dependencies:
- dependency-name: bcrypt
  dependency-version: 5.0.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pyproject.toml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/pyproject.toml b/pyproject.toml
index ca4476e0..783e9eb6 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -126,7 +126,7 @@ healthcare = [
     "fastapi>=0.109.1,<1.0.0",
     "uvicorn>=0.20.0,<1.0.0",
     "starlette>=0.40.0,<1.0.0",
-    "bcrypt>=4.0.0,<5.0.0",
+    "bcrypt>=4.0.0,<6.0.0",
     "PyJWT[crypto]>=2.8.0",
     # OpenTelemetry for enterprise telemetry
     "opentelemetry-api>=1.20.0,<2.0.0",
@@ -146,7 +146,7 @@ backend = [
     "fastapi>=0.109.1,<1.0.0",  # CVE fix: PYSEC-2024-38
     "uvicorn>=0.20.0,<1.0.0",
     "starlette>=0.40.0,<1.0.0",  # CVE fix: GHSA-f96h, GHSA-2c2j
-    "bcrypt>=4.0.0,<5.0.0",  # Password hashing (cost factor 12)
+    "bcrypt>=4.0.0,<6.0.0",  # Password hashing (cost factor 12)
     "PyJWT[crypto]>=2.8.0",  # JWT auth - uses cryptography (no ecdsa CVE)
 ]
 
@@ -237,7 +237,7 @@ enterprise = [
     "fastapi>=0.109.1,<1.0.0",
     "uvicorn>=0.20.0,<1.0.0",
     "starlette>=0.40.0,<1.0.0",
-    "bcrypt>=4.0.0,<5.0.0",  # Secure password hashing
+    "bcrypt>=4.0.0,<6.0.0",  # Secure password hashing
     "PyJWT[crypto]>=2.8.0",  # JWT authentication
     # OpenTelemetry for enterprise telemetry
     "opentelemetry-api>=1.20.0,<2.0.0",
@@ -287,7 +287,7 @@ all = [
     "fastapi>=0.109.1,<1.0.0",  # CVE fix
     "uvicorn>=0.20.0,<1.0.0",
     "starlette>=0.40.0,<1.0.0",  # CVE fix
-    "bcrypt>=4.0.0,<5.0.0",  # Secure password hashing
+    "bcrypt>=4.0.0,<6.0.0",  # Secure password hashing
     "PyJWT[crypto]>=2.8.0",  # JWT authentication
     # LSP
     "pygls>=1.0.0,<2.0.0",