GTEdgeAI/gt-ai-os-community
3
0
Fork 0
Code Issues Packages Releases Wiki Activity
Files
3b55a5977c0e61c6e4bfb9da399bdff2c2c4ca67
gt-ai-os-community/apps/tenant-backend/pyproject.toml
HackWeasel b9dfb86260 GT AI OS Community Edition v2.0.33 
Security hardening release addressing CodeQL and Dependabot alerts:

- Fix stack trace exposure in error responses
- Add SSRF protection with DNS resolution checking
- Implement proper URL hostname validation (replaces substring matching)
- Add centralized path sanitization to prevent path traversal
- Fix ReDoS vulnerability in email validation regex
- Improve HTML sanitization in validation utilities
- Fix capability wildcard matching in auth utilities
- Update glob dependency to address CVE
- Add CodeQL suppression comments for verified false positives

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-12 17:04:45 -05:00

145 lines
3.2 KiB
TOML
Raw Blame History

[build-system]
requires = ["hatchling"]
build-backend = "hatchling.build"
[project]
name = "tenant-backend"
version = "1.0.0"
description = "GT 2.0 Tenant Backend - Customer-facing API for AI chat and document management"
authors = [
{name = "GT Edge AI", email = "dev@gtedgeai.com"}
]
license = {text = "MIT"}
readme = "README.md"
requires-python = ">=3.11"
classifiers = [
"Development Status :: 4 - Beta",
"Intended Audience :: Developers",
"License :: OSI Approved :: MIT License",
"Operating System :: OS Independent",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.11",
"Programming Language :: Python :: 3.12",
"Framework :: FastAPI",
"Topic :: Software Development :: Libraries :: Application Frameworks",
"Topic :: Internet :: WWW/HTTP :: HTTP Servers",
]
dependencies = [
"fastapi>=0.104.1",
"uvicorn[standard]>=0.24.0",
"pydantic>=2.5.0",
"sqlalchemy>=2.0.23",
"python-jose[cryptography]>=3.3.0",
"passlib[bcrypt]>=1.7.4",
"httpx>=0.25.2",
"python-socketio>=5.10.0",
"aiofiles>=23.2.1",
# Redis removed - PostgreSQL handles all caching needs
"python-dotenv>=1.0.0",
]
[project.optional-dependencies]
dev = [
"pytest>=7.4.3",
"pytest-asyncio>=0.21.1",
"pytest-mock>=3.12.0",
"black>=23.11.0",
"isort>=5.12.0",
"flake8>=6.1.0",
"mypy>=1.7.0",
]
[tool.black]
line-length = 100
target-version = ["py311"]
include = '\.pyi?$'
extend-exclude = '''
/(
# directories
\.eggs
| \.git
| \.hg
| \.mypy_cache
| \.tox
| \.venv
| build
| dist
)/
'''
[tool.isort]
profile = "black"
multi_line_output = 3
line_length = 100
known_first_party = ["app"]
[tool.mypy]
python_version = "3.11"
check_untyped_defs = true
disallow_untyped_defs = true
disallow_incomplete_defs = true
disallow_untyped_decorators = true
no_implicit_optional = true
warn_return_any = true
warn_unused_ignores = true
show_error_codes = true
[[tool.mypy.overrides]]
module = [
"sqlalchemy.*",
"alembic.*",
"jose.*",
"passlib.*",
# "redis.*", # Removed - no longer using Redis
"socketio.*",
]
ignore_missing_imports = true
[tool.pydocstyle]
convention = "google"
add-ignore = ["D100", "D104"] # Allow missing docstrings in __init__.py
match = "(?!test_).*\\.py" # Exclude test files
[tool.pytest.ini_options]
testpaths = ["tests"]
python_files = ["test_*.py", "*_test.py"]
python_classes = ["Test*"]
python_functions = ["test_*"]
addopts = [
"--cov=app",
"--cov-report=html",
"--cov-report=term-missing",
"--cov-fail-under=80",
"--strict-markers",
"-v",
]
markers = [
"unit: Fast isolated tests (<100ms)",
"integration: Cross-service tests",
"slow: Long-running tests (>1s)",
"security: Security-focused tests",
]
asyncio_mode = "auto"
[tool.coverage.run]
source = ["app"]
omit = [
"*/tests/*",
"*/migrations/*",
"*/venv/*",
"*/env/*",
]
[tool.coverage.report]
exclude_lines = [
"pragma: no cover",
"def __repr__",
"raise AssertionError",
"raise NotImplementedError",
"if __name__ == .__main__.:",
"if TYPE_CHECKING:",
]
[tool.bandit]
exclude_dirs = ["tests", "migrations", "venv", ".venv"]
skips = ["B101", "B601"] # B101=assert_used, B601=shell_injection (for subprocess)
View Git Blame Copy Permalink