GT AI OS Community Edition v2.0.33

Security hardening release addressing CodeQL and Dependabot alerts: - Fix stack trace exposure in error responses - Add SSRF protection with DNS resolution checking - Implement proper URL hostname validation (replaces substring matching) - Add centralized path sanitization to prevent path traversal - Fix ReDoS vulnerability in email validation regex - Improve HTML sanitization in validation utilities - Fix capability wildcard matching in auth utilities - Update glob dependency to address CVE - Add CodeQL suppression comments for verified false positives 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-12 17:04:45 -05:00
commit b9dfb86260
746 changed files with 232071 additions and 0 deletions
--- a/apps/control-panel-backend/requirements.txt
+++ b/apps/control-panel-backend/requirements.txt
@@ -0,0 +1,38 @@
+# GT 2.0 Control Panel Backend Dependencies (Production)
+
+# FastAPI Core
+fastapi==0.121.2
+uvicorn[standard]==0.38.0
+pydantic[email]==2.12.4
+pydantic-settings==2.1.0
+
+# Database - PostgreSQL
+sqlalchemy==2.0.44
+alembic==1.16.2
+asyncpg==0.30.0
+psycopg2-binary==2.9.9
+
+# Authentication & Security
+python-multipart==0.0.20
+python-jose[cryptography]==3.4.0
+PyJWT==2.10.1
+passlib[bcrypt]==1.7.4
+bcrypt==4.1.3
+
+# Two-Factor Authentication
+pyotp==2.9.0
+qrcode==7.4.2
+pillow==11.1.0
+
+# Logging
+structlog==23.2.0
+
+# HTTP Client
+httpx==0.28.1
+
+# Message Queue
+aio-pika==9.3.1
+
+# Note: kubernetes removed - only used by resource-cluster
+# Note: apscheduler removed - not currently imported/used
+# Note: celery removed - not currently imported/used