mirror of
https://github.com/GSA/notifications-api.git
synced 2026-01-04 09:43:33 -05:00
b7c1fcb66d
two vulnerabilities in <4.6.5 (GHSL-2021-1037 and GHSL-2021-1038) https://github.com/lxml/lxml/blob/master/CHANGES.txt also removes docopt as we don't use it except for a dev script (which we might not need anyway)
43 lines
1.2 KiB
Plaintext
43 lines
1.2 KiB
Plaintext
# Run `make freeze-requirements` to update requirements.txt
|
||
# with package version changes made in requirements-app.txt
|
||
|
||
cffi==1.14.5
|
||
celery[sqs]==5.2.0
|
||
Flask-Bcrypt==0.7.1
|
||
flask-marshmallow==0.14.0
|
||
Flask-Migrate==2.7.0
|
||
git+https://github.com/mitsuhiko/flask-sqlalchemy.git@500e732dd1b975a56ab06a46bd1a20a21e682262#egg=Flask-SQLAlchemy==2.3.2.dev20190108
|
||
Flask==1.1.2
|
||
click-datetime==0.2
|
||
eventlet==0.30.2 # pyup: ignore # 0.31 breaks Gunicorn
|
||
gunicorn==20.1.0
|
||
iso8601==0.1.14
|
||
itsdangerous==1.1.0
|
||
jsonschema==3.2.0
|
||
marshmallow-sqlalchemy==0.23.1 # pyup: <0.24.0 # marshmallow v3 throws errors
|
||
marshmallow==2.21.0 # pyup: <3 # v3 throws errors
|
||
psycopg2-binary==2.8.6
|
||
PyJWT==2.0.1
|
||
SQLAlchemy==1.4.10
|
||
strict-rfc3339==0.7
|
||
rfc3987==1.3.8
|
||
cachetools==4.2.1
|
||
beautifulsoup4==4.9.3
|
||
lxml==4.7.1
|
||
Werkzeug==2.0.2
|
||
|
||
# higher version causes build to fail on PaaS due to lack of Rust
|
||
# see https://github.com/pyca/cryptography/issues/5810
|
||
cryptography<3.4 # pyup: <3.4
|
||
|
||
notifications-python-client==6.0.2
|
||
|
||
# PaaS
|
||
awscli-cwlogs==1.4.6
|
||
|
||
notifications-utils @ git+https://github.com/alphagov/notifications-utils.git@51.2.1
|
||
|
||
# gds-metrics requires prometheseus 0.2.0, override that requirement as 0.7.1 brings significant performance gains
|
||
prometheus-client==0.10.1
|
||
gds-metrics==0.2.4
|