b9dfb86260
Security hardening release addressing CodeQL and Dependabot alerts: - Fix stack trace exposure in error responses - Add SSRF protection with DNS resolution checking - Implement proper URL hostname validation (replaces substring matching) - Add centralized path sanitization to prevent path traversal - Fix ReDoS vulnerability in email validation regex - Improve HTML sanitization in validation utilities - Fix capability wildcard matching in auth utilities - Update glob dependency to address CVE - Add CodeQL suppression comments for verified false positives 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
39 lines
735 B
Plaintext
39 lines
735 B
Plaintext
# GT 2.0 Control Panel Backend Dependencies (Production)
|
|
|
|
# FastAPI Core
|
|
fastapi==0.121.2
|
|
uvicorn[standard]==0.38.0
|
|
pydantic[email]==2.12.4
|
|
pydantic-settings==2.1.0
|
|
|
|
# Database - PostgreSQL
|
|
sqlalchemy==2.0.44
|
|
alembic==1.16.2
|
|
asyncpg==0.30.0
|
|
psycopg2-binary==2.9.9
|
|
|
|
# Authentication & Security
|
|
python-multipart==0.0.20
|
|
python-jose[cryptography]==3.4.0
|
|
PyJWT==2.10.1
|
|
passlib[bcrypt]==1.7.4
|
|
bcrypt==4.1.3
|
|
|
|
# Two-Factor Authentication
|
|
pyotp==2.9.0
|
|
qrcode==7.4.2
|
|
pillow==11.1.0
|
|
|
|
# Logging
|
|
structlog==23.2.0
|
|
|
|
# HTTP Client
|
|
httpx==0.28.1
|
|
|
|
# Message Queue
|
|
aio-pika==9.3.1
|
|
|
|
# Note: kubernetes removed - only used by resource-cluster
|
|
# Note: apscheduler removed - not currently imported/used
|
|
# Note: celery removed - not currently imported/used
|