Allow pycryptodome ~> 3.6.6

[pedropregueiro]

Github is warning users about a security issue with pycroptodome < 3.6.6.:

Apparently, there's some sort of vulnerability with older versions:
https://nvd.nist.gov/vuln/detail/CVE-2018-15560

Is this something that should be changed on this package to allow installations with pycroptodome ~> 3.6.6.?

Btw, related to #2

[dwright213]

Im only doing basic stuff with it (warrant-lite in a flask/uwsgi app) but it seems to run with pycryptodome 3.6.6. I still haven't run any tests tho.

[mryalamanchi]

@dwright213 @pedropregueiro I just tried installing this module with pycryptodome==3.8.2 and it gave me an incompatibility warning.

python-jose-cryptodome 1.3.2 has requirement pycryptodome<3.4.0,>=3.3.1, but you'll have pycryptodome 3.8.2 which is incompatible.

Did you happen to come across any such warning/error?

[BKPepe]

ping @bjinwright would be good if you can solve this and release a new version, which will be also included in warrant. See capless/warrant#144

[mgrazebrook]

Using the out of date version also prevents it installing on Windows - though there is a workaround:
#4 (comment)

[Integralist]

Sigh. I see this is still an open issue 😞

ERROR: python-jose-cryptodome 1.3.2 has requirement pycryptodome<3.4.0,>=3.3.1, but you'll have pycryptodome 3.6.6 which is incompatible.

Thankfully it sounds like it has built and that no one has seen issues yet.