Maciej Pienczyn
e718d96a7d
Some checks are pending
NordaBiz Tests / Unit & Integration Tests (push) Waiting to run
NordaBiz Tests / E2E Tests (Playwright) (push) Blocked by required conditions
NordaBiz Tests / Smoke Tests (Production) (push) Blocked by required conditions
NordaBiz Tests / Send Failure Notification (push) Blocked by required conditions
- HIGH: Fix SQL injection in ZOPK knowledge service (3 functions) — replace f-strings with parameterized queries - MEDIUM: Sanitize tsquery/LIKE input in SearchService to prevent injection - MEDIUM: Add @login_required + @role_required(ADMIN) to /health/full endpoint - MEDIUM: Add @role_required(ADMIN) to ZOPK knowledge search API - MEDIUM: Add bleach HTML sanitization on write for announcements, events, board proceedings (stored XSS via |safe) - MEDIUM: Remove partial API key from Gemini service logs - MEDIUM: Remove @csrf.exempt from chat endpoints, add X-CSRFToken headers in JS - MEDIUM: Add missing CSRF tokens to 3 POST forms (data_request, benefits_form, benefits_list) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
75 lines
1.2 KiB
Plaintext
75 lines
1.2 KiB
Plaintext
# Norda Biznes Partner - Python Dependencies
|
|
# ======================================
|
|
# Pinned versions for DEV/STAGING/PROD consistency (Python 3.12)
|
|
|
|
# Web Framework
|
|
Flask==3.1.2
|
|
Flask-Login==0.6.3
|
|
Werkzeug==3.1.5
|
|
|
|
# Security
|
|
Flask-WTF==1.2.2
|
|
Flask-Limiter==4.1.1
|
|
cryptography==46.0.4
|
|
bleach==6.3.0
|
|
|
|
# Database
|
|
SQLAlchemy==2.0.46
|
|
psycopg2-binary==2.9.11
|
|
|
|
# Google Gemini AI
|
|
google-genai==1.61.0
|
|
google-generativeai==0.8.6
|
|
|
|
# Google Maps/Places API
|
|
googlemaps==4.10.0
|
|
|
|
# Environment Configuration
|
|
python-dotenv==1.2.1
|
|
|
|
# Email (for verification)
|
|
Flask-Mail==0.9.1
|
|
|
|
# Utilities
|
|
requests==2.32.5
|
|
feedparser==6.0.12
|
|
user-agents>=2.2.0
|
|
pdfplumber>=0.10.0
|
|
|
|
# SEO Analysis
|
|
beautifulsoup4==4.14.3
|
|
selectolax==0.4.6
|
|
python-whois==0.9.6
|
|
|
|
# Google News URL Decoding
|
|
googlenewsdecoder==0.1.7
|
|
|
|
# GeoIP
|
|
geoip2==5.2.0
|
|
|
|
# Redis
|
|
redis==7.1.0
|
|
|
|
# 2FA
|
|
pyotp==2.9.0
|
|
|
|
# PDF generation
|
|
pillow==12.1.0
|
|
weasyprint==68.0
|
|
|
|
# ===========================================
|
|
# Testing Dependencies
|
|
# ===========================================
|
|
|
|
# Test framework
|
|
pytest==9.0.2
|
|
pytest-flask==1.3.0
|
|
pytest-cov==7.0.0
|
|
pytest-xdist==3.8.0
|
|
pytest-timeout==2.4.0
|
|
pytest-mock==3.15.1
|
|
|
|
# E2E testing with Playwright
|
|
playwright==1.58.0
|
|
pytest-playwright==0.7.2
|