back-end/pyproject.toml at main · OperationCode/back-end · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
[tool.poetry]
name = "back-end"
version = "0.1.0"
description = ""
authors = ["Allen Anthes <allen@operationcode.org>"]
license = "MIT"
package-mode = false

[tool.poetry.dependencies]
python = "^3.14"
argon2-cffi = "^25"
bcrypt = "^4.3"
boto3 = "^1.42"                             # Was ^1.13 - ensures urllib3 >= 2.6.3
cryptography = "^46.0"                      # Was ^43.0 - fixes CVE-2024-12797
django = "^5.2"                             # Upgraded from 4.2
djangorestframework = "^3.16"               # Was ^3.14 - fixes CVE-2024-21520
djangorestframework-camel-case = "^1.4"     # Was ^1.0
djangorestframework-simplejwt = "^5.3"      # Keep (works with Django 4.2)
django-allauth = "^65.0"                    # Keep (already compatible)
django-anymail = "^14.0"                    # Was ^12.0
django-q2 = "^1.7"                          # Keep
blessed = "^1.20"                           # Keep (django-q2 monitoring)
django-cors-headers = "^4.6"                # Was ^4.3
dj-rest-auth = "^7.0"                       # Keep
django-split-settings = "^1.3"              # Was ^1.0
django-storages = "^1.14"                   # Keep
django-unfold = "^0"                     # Modern admin theme with Django 5.x support
drf-yasg = "^1.21"                          # Keep (1.21.14 is latest)
gunicorn = "^25"                            # Keep
psycopg2 = "^2.9"                           # Keep
python-decouple = "^3.8"                    # Was ^3.1
mailchimp3 = "^3.0"                         # Keep
requests = "^2.32"                          # Was ^2
urllib3 = "^2.6.3"                          # CVE-2025-66471, CVE-2025-66418, CVE-2026-21441
sentry-sdk = "^2.49"                        # Was ^2
django-allow-cidr = "^0.8"                  # Was ^0.7
django-health-check = "^3.20"               # Was ^3.18

[tool.poetry.group.dev.dependencies]
bandit = "^1.9"                             # Was ^1.8
coverage = "^7.0"                           # Keep
django-debug-toolbar = "^5.0"               # Was ^4.4 (6.x has API changes)
factory_boy = "^3.3"                        # Keep
pyhumps = "^3.8"                            # Keep
pytest = ">=9.0"
pytest-django = "^4.8"                      # Keep
pytest-env = "^1.1"                         # Keep
pytest-mock = "^3.14"                       # Keep
responses = "^0.25"                         # Keep
ruff = "^0.14.14"
pytest-cov = "^7.0.0"

[tool.ruff]
line-length = 88
exclude = [
    "*/migrations/*",
    ".venv",
    "__pycache__",
]

[tool.ruff.lint]
select = ["E", "F", "W", "I"]
ignore = ["E501"]  # Line too long (handled by formatter)

[tool.ruff.format]
quote-style = "double"
indent-style = "space"

[build-system]
requires = ["poetry>=2.3.0"]
build-backend = "poetry.masonry.api"