build(deps): bump cryptography from 44.0.1 to 45.0.7 in /tools/publish

[dependabot]

Bumps cryptography from 44.0.1 to 45.0.7.

Changelog

Sourced from cryptography's changelog.

45.0.7 - 2025-09-01

 * Added a function to support an upcoming ``pyOpenSSL`` release. 
.. _v45-0-6:
 
45.0.6 - 2025-08-05
 

• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.2.

.. _v45-0-5:

45.0.5 - 2025-07-02

 * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.1. 
.. _v45-0-4:
 
45.0.4 - 2025-06-09
 

• Fixed decrypting PKCS#8 files encrypted with SHA1-RC4. (This is not considered secure, and is supported only for backwards compatibility.)

.. _v45-0-3:

45.0.3 - 2025-05-25

 * Fixed decrypting PKCS#8 files encrypted with long salts (this impacts keys encrypted by Bouncy Castle). * Fixed decrypting PKCS#8 files encrypted with DES-CBC-MD5. While wildly insecure, this remains prevalent. 
.. _v45-0-2:
 
45.0.2 - 2025-05-17
 

• Fixed using mypy with cryptography on older versions of Python.

.. _v45-0-1:

45.0.1 - 2025-05-17

 * Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.0. </tr></table> 

... (truncated)

Commits

• f52a3e1 prep for a 45.0.7 release (#13378)
• 66198c2 Bump for release (#13249)
• 3e53a23 Bump for 45.0.5 release (#13135)
• 678c0c5 prepare for 45.0.4 release (#13058)
• 5038495 backports for 45.0.3 release (#12979)
• f81c075 Backport mypy fixes for release (#12930)
• 8ea28e0 bump for 45.0.1 (#12922)
• 6784097 bump for 45 release (#12886)
• 2d9c1c9 bump MSRV to 1.74 (#12919)
• 6c18874 Bump BoringSSL, OpenSSL, AWS-LC in CI (#12918)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)