mirror of
https://github.com/apidoorman/doorman.git
synced 2026-05-05 07:39:12 -05:00
seniorswe
61 lines
1.5 KiB
Plaintext
61 lines
1.5 KiB
Plaintext
# Core dependencies
|
|
redis>=5.0.1
|
|
gevent>=23.9.1
|
|
greenlet>=3.0.3
|
|
pymongo>=4.6.1
|
|
motor>=3.3.2 # Async MongoDB driver
|
|
bcrypt>=4.1.2
|
|
psutil>=5.9.8
|
|
python-dotenv>=1.0.1
|
|
email-validator>=2.1.0.post1
|
|
|
|
# FastAPI and server
|
|
fastapi>=0.100.0 # Updated for compatibility with newer Starlette
|
|
starlette>=0.40.0 # Updated to fix DoS vulnerability
|
|
pydantic>=1.10.13,<2.0.0 # Keep v1 for compatibility
|
|
uvicorn[standard]>=0.27.1
|
|
slowapi>=0.1.8
|
|
|
|
# Caching
|
|
aiocache>=0.12.2
|
|
|
|
# Observability
|
|
prometheus_client>=0.20.0
|
|
|
|
# HTTP client
|
|
requests>=2.31.0
|
|
httpx>=0.24.1,<0.25.0 # Pinned to avoid breaking changes
|
|
|
|
# Cryptography
|
|
cryptography>=42.0.2
|
|
|
|
# Testing
|
|
pytest-asyncio>=0.23.6
|
|
pytest>=8.3.3
|
|
pytest-cov>=4.1.0
|
|
|
|
# GraphQL (server-side for live-tests)
|
|
# Use Ariadne ASGI app as required by live-tests; keep gql client if needed elsewhere.
|
|
ariadne>=0.23.0
|
|
graphql-core>=3.2.3
|
|
defusedxml>=0.7.1 # Safer XML parsing for SOAP validation
|
|
|
|
# Additional dependencies
|
|
python-multipart>=0.0.9 # For file uploads
|
|
typing-extensions>=4.9.0 # For type hints
|
|
zeep>=4.2.1 # Latest stable version
|
|
xmltodict>=0.13.0 # For XML handling
|
|
python-jose[cryptography]>=3.3.0 # For JWT handling
|
|
passlib>=1.7.4 # For password hashing
|
|
python-dateutil>=2.8.2 # For date handling
|
|
pytz>=2024.1 # For timezone handling
|
|
|
|
# gRPC dependencies
|
|
grpcio==1.75.0
|
|
grpcio-tools==1.75.0
|
|
grpcio-reflection==1.75.0
|
|
# CVE-2026-0994: No patch available yet (affects all versions up to 6.33.4)
|
|
# Upgrading to 6.33.4 to fix CVE-2025-4565 and using defensive coding practices
|
|
protobuf>=6.33.4
|
|
googleapis-common-protos>=1.63.0
|