requirements.in

# piptools: python3.10
# Flask
# License: BSD
# Upstream url: http://github.com/mitsuhiko/flask/
# Use: For API.
Flask==1.1.4

# Flask Scripting support for Flask
# License: BSD
# Upstream url: http://github.com/techniq/flask-script
# Use: For CLI scripts.
Flask-Script==2.0.5

# Dispatching system for parties to subscribe to events
# Supports per-endpoint timing in flask
# License: MIT
# Upstream url: https://pypi.python.org/pypi/blinker
blinker

# A low-level interface to a growing number of Amazon Web Services. The
# botocore package is the foundation for the AWS CLI as well as boto3.
# License: Apache2
# Upstream url: https://github.com/boto/botocore
# Use: For boto3
botocore>=1.34.147,<1.35.0

# Boto3 is the Amazon Web Services (AWS) Software Development Kit (SDK)
# for Python.
# License: Apache2
# Upstream url: https://github.com/boto/boto3
# Use: For KMS
boto3==1.34.147

# A Pythonic interface for Amazon's DynamoDB that supports Python 2 and 3.
# License: MIT
# Upstream url: http://jlafon.io/pynamodb.html
# Use: For DynamoDB storage
pynamodb==5.5.1

# cryptography is a package which provides cryptographic recipes and
# primitives to Python developers.
# License: BSD
# Upstream url: https://github.com/pyca/cryptography
# Use: For encryption
cryptography>2.3.0

# C Foreign Function Interface for Python.
# License: MIT
# Upstream url: https://bitbucket.org/cffi/cffi
# Use: Required by cryptography package to be installed. This should be removed
# once crytography updates their depenencies to require cffi>=1.10.0.
cffi>1.15.0

# License: BSD
# Upstream url: https://github.com/fengsp/flask-session
# Use: For shared sessions
Flask-Session==0.2.3

# Redis
# License: MIT
# Upstream url: https://github.com/andymccurdy/redis-py
# Use: For shared sessions
redis
types-redis

# Flask extension that configures the Flask application to redirect all
# incoming requests to https
# License: BSD
# Upstream url: https://github.com/kennethreitz/flask-sslify
# Use: For SSL redirection and HSTS
Flask-SSLify==0.1.5

# Authomatic is a framework agnostic library for Python web applications
# with a minimalistic but powerful interface which simplifies
# authentication of users by third party providers like Facebook or
# Twitter through standards like OAuth and OpenID.
# License: MIT
# Upstream url: http://peterhudec.github.io/authomatic
# Use: For google auth
Authomatic

# License: MIT
# Upstream url: https://github.com/onelogin/python3-saml
# Use: For user authentication via SAML
python3-saml>=1.15.0
lxml>=4.6.5,!=4.7.0,<=5.2.1
xmlsec==1.3.13

# Python HTTP for Humans.
# License: Apache2
# Upstream url: http://python-requests.org
# Use: REST calls to external services
requests>=2.22.0,<3.0.0

# Provides enhanced HTTPS support for httplib and urllib2 using PyOpenSSL
# License: BSD
# Upstream url: https://github.com/cedadev/ndg_httpsclient/
# Use: Securing requests for python < 2.7.9.
ndg-httpsclient>0.4.2

# ASN.1 types and codecs
# License: BSD
# Upstream url: http://sourceforge.net/projects/pyasn1/
# Use: Securing requests for python < 2.7.9.
pyasn1>0.4.4

# Python wrapper module around the OpenSSL library
# License: APL2
# Upstream url: https://github.com/pyca/pyopenssl
# Use: Securing requests for python < 2.7.9.
pyOpenSSL>16.2.0

# WSGI middleware to add CSP headers
# License: Apache2
# Upstream url: https://github.com/dstufft/guard
guard

# License: MIT
# Upstream url: http://pyyaml.org/wiki/PyYAML
# Use: For parsing users.yaml
PyYAML
types-PyYAML

# License: MIT
# Upstream url: http://gunicorn.org/
# Use: For wsgi running
gunicorn

# License: MIT
# Upstream url: http://www.gevent.org/
# Use: For concurrency
gevent

# License: MIT
# Upstream url: https://github.com/python-greenlet/greenlet
# Use: For concurrency
greenlet

# License: MIT
# Upstream url: https://github.com/jsocol/pystatsd
# Use: For metrics collection
statsd

# License: Apache2
# Upstream url: https://github.com/lyft/python-kmsauth
# Use: kmsauth support library
kmsauth==0.6.3

# License: MIT
# Upstream url: https://pypi.org/project/marshmallow/
# Use: input/output validation and json serialization
marshmallow==2.20.0

# License MIT
# Upstream url: https://pypi.org/project/attrs/
# Use: declarative classes for marshmallow
attrs

# A fixed size dict like container which evicts Least Recently Used (LRU)
# items once size limit is exceeded.
# License: MIT
# Use: more-efficient LRU dictionary implementation
lru-dict

# A python library adding a json log formatter
# License: BSD
# Upstream url: http://github.com/madzak/python-json-logger
python-json-logger

# Testing library
# License: MIT
# Upstream url: https://github.com/pytest-dev/pytest
pytest

# Thin-wrapper around the mock package for easier use with py.test
# License: MIT
# Upstream url: https://github.com/pytest-dev/pytest-mock/
pytest-mock

# Code coverage plugin for py.test
# License: MIT
# Upstream url: https://github.com/pytest-dev/pytest-cov
pytest-cov

# Pytest plugin for using fixtures in pytest.mark.parametrize
# License: MIT
# Upstream url: https://github.com/tvorog/pytest-lazy-fixture
pytest-lazy-fixture

# Environment Variable plugin for py.test
# License: MIT
# Upstream url: https://github.com/MobileDynasty/pytest-env/
pytest-env

# Ensure that gevent is properly patched when invoking pytest
# License: MIT
# Upstream url: https://github.com/asottile/pytest-gevent
pytest-gevent

# Timezones
pytz
types-pytz

# for jwt
pyjwt>=2.6.0
jwcrypto
cerberus

# caching jwt
cachetools==5.2.0

# for typing
mypy

# License: BSD
# Upstream url: https://pypi.org/project/fakeredis/
# Use: To mock redis in unit tests
fakeredis