fix: pin cryptography to v42.0.4 to resolve vulnerabilities

[snykerjames]

Resolves the following vulnerabilities:
https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975
https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6092044
https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6261585
https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6157248
https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6149518
https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6210214
https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294
https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192

[scott-es]

I will merge this with the following caveat: the advice to pin cryptography library to 42.0.4 means its a major version upgrade from 41.x. There is not a direct dependency upgrade path through pygithub 1.x (which pulls in cryptography) because 1.x looks to have stopped at 1.59.1 and now pygithub is on 2.x. Probably the right thing to do is to upgrade pygithub to 2.x so it pulls in updated cryptography version. That is also a major version change, so either way there is some risk here but likely this change will be fine. When upgrading to pygithub 2.x rigorous testing should be done