kitos
4e378540af
Snyk scan found 3 High severity vulns: two in ecdsa (pulled by python-jose) and one in diskcache (pulled by pySigma, never imported). Remove both vulnerable dependencies and migrate JWT handling to PyJWT. Fix test_logout_revokes_token which broke because test stubs sys.modules[jose] with a MagicMock at collection time; test now uses PyJWT directly.
30 lines
366 B
Plaintext
30 lines
366 B
Plaintext
fastapi
|
|
uvicorn[standard]
|
|
sqlalchemy
|
|
psycopg2-binary
|
|
alembic
|
|
PyJWT
|
|
passlib[bcrypt]
|
|
bcrypt==4.0.1
|
|
boto3
|
|
apscheduler
|
|
requests
|
|
pyyaml
|
|
toml
|
|
taxii2-client
|
|
python-multipart
|
|
pydantic-settings
|
|
slowapi
|
|
defusedxml
|
|
redis>=5.0.0
|
|
atlassian-python-api>=4.0.0
|
|
tempo-api-python-client>=0.8.0
|
|
weasyprint>=62.0
|
|
docxtpl>=0.18.0
|
|
|
|
# Testing
|
|
pytest
|
|
pytest-asyncio
|
|
httpx
|
|
fakeredis>=2.23.0
|