Relax cryptography constraint to allow 46.*

[eirikur-nc]

Hi there.

I'm trying to introduce clerk-backend-api to an existing project.
When adding the clerk-backend-api package (via Poetry), the cryptography package gets downgraded from 46.0.3 to 45.0.7 due to the following constraint: cryptography (>=45.0.0,<46.0.0) in this library. For reasons, that I've not gotten to the bottom of, I start getting errors in my project in code that issues JWTs after this downgrade. More precisely, I get an error de-serializing an EdDSA private key in PEM format.

I'd therefore like to ask if you'd be willing to relax this constraint to cryptography (>=45.0.0,<47.0.0)

[TylerPassyn]

I am encountering this exact conflict. In a modern FastAPI environment, this constraint is a significant blocker. Specifically:

fastapi-mail (v1.6.1) requires cryptography >= 46.0.3.

clerk-backend-api is hard-pinned to < 46.0.0.

Since there is no version of cryptography that satisfies both, it’s impossible to use Clerk alongside standard email utilities in the same project without previous versions of both fastapi-mail and cryptography. Relaxing this to < 47.0.0 would resolve these transitive dependency issues that are becoming common as the ecosystem moves to the 46.x series.