mirror of
https://github.com/ansible/awx.git
synced 2026-01-09 15:02:07 -03:30
10a2946f9f
* Fix pip version constraint for Python 3.12 compatibility Remove outdated pip<22.0 constraint that was a workaround for pip-tools#1558. This issue was fixed in pip-tools 6.5.0+ and the old constraint breaks Python 3.12 where pkgutil.ImpImporter was removed. * Update requirements.txt * Fix license file inconsistencies with requirements - Rename awx-plugins.interfaces.txt to awx-plugins-interfaces.txt to match the package name in requirements - Remove backports-tarfile.txt and importlib-resources.txt as these packages are no longer in requirements * Fix updater.sh for pip 25.3 normalized output format Changes to requirements_git.txt: - Update to PEP 440 format (name @ git+url) to match pip-compile output - Normalize package names (hyphens instead of dots/underscores) - Sort extras alphabetically with hyphens (e.g., jwt-consumer not jwt_consumer) - Add documentation explaining format requirements Changes to updater.sh: - Escape BRE regex metacharacters in sed pattern to handle brackets in extras - Change sed delimiter from ! to | to avoid conflict with comment text - Add explicit return statements to functions - Assign positional parameters to local variables - Redirect error messages to stderr - Replace backticks with $() for command substitution - Pin pip to version 25.3 requirements.txt regenerated via updater.sh * Normalize package names in requirements.in to match pip output - prometheus_client -> prometheus-client - setuptools_scm -> setuptools-scm - dispatcherd[pg_notify] -> dispatcherd[pg-notify] PEP 503 specifies that package names should use hyphens. * Fix license files to match normalized package names - Remove awx_plugins.interfaces.txt (duplicate of awx-plugins-interfaces.txt) - Rename system-certifi.txt to certifi.txt to match package name
79 lines
2.3 KiB
Plaintext
79 lines
2.3 KiB
Plaintext
aiohttp>=3.12.14 # CVE-2024-30251
|
|
ansi2html # Used to format the stdout from jobs into html for display
|
|
jq # used for indirect host counting feature
|
|
asn1
|
|
azure-identity
|
|
azure-keyvault
|
|
boto3
|
|
botocore
|
|
channels
|
|
channels-redis
|
|
cryptography
|
|
Cython
|
|
daphne
|
|
distro
|
|
django>=5.2,<5.3 # Django 5.2 LTS, allow patch updates
|
|
django-cors-headers
|
|
django-crum
|
|
django-extensions
|
|
django-guid
|
|
django-polymorphic
|
|
django-solo
|
|
djangorestframework==3.15.2 # upgrading to 3.16+ throws NOT_REQUIRED_DEFAULT error on required fields in serializer that have no default
|
|
djangorestframework-yaml
|
|
drf-spectacular>=0.27.0
|
|
dynaconf
|
|
filelock
|
|
GitPython>=3.1.37 # CVE-2023-41040
|
|
grpcio
|
|
irc
|
|
jinja2>=3.1.6 # CVE-2025-27516
|
|
JSON-log-formatter
|
|
jsonschema
|
|
Markdown # used for formatting API help
|
|
maturin # pydantic-core build dep
|
|
msgpack
|
|
msrestazure
|
|
OPA-python-client==2.0.2 # upgrading requires urllib3 2.5.0+ which is blocked by other deps
|
|
openshift
|
|
opentelemetry-api~=1.37 # new y streams can be drastically different, in a good way
|
|
opentelemetry-sdk~=1.37
|
|
opentelemetry-instrumentation-logging
|
|
opentelemetry-exporter-otlp
|
|
pexpect
|
|
prometheus-client
|
|
psycopg
|
|
psutil
|
|
pygerduty
|
|
PyGithub
|
|
pyopenssl
|
|
pyparsing==2.4.7 # Upgrading to v3 of pyparsing introduce errors on smart host filtering: Expected 'or' term, found 'or' (at char 15), (line:1, col:16)
|
|
python-daemon
|
|
python-dsv-sdk>=1.0.4
|
|
python-tss-sdk>=1.2.1
|
|
pyyaml>=6.0.2 # require packing fix for cython 3 or higher
|
|
pyzstd # otel collector log file compression library
|
|
receptorctl
|
|
sqlparse>=0.4.4 # Required by django https://github.com/ansible/awx/security/dependabot/96
|
|
redis[hiredis]>=7.0 # requires 7.0+ for retry functionality on connection errors
|
|
requests
|
|
slack-sdk
|
|
twilio
|
|
twisted[tls]>=24.7.0 # CVE-2024-41810
|
|
urllib3<2.4.0, >=1.26.19 # CVE-2024-37891. capped by kubernetes 34.1.0 reqs
|
|
uWSGI>=2.0.28
|
|
uwsgitop
|
|
wheel>=0.38.1 # CVE-2022-40898
|
|
pip==25.3 # see UPGRADE BLOCKERs
|
|
setuptools==80.9.0 # see UPGRADE BLOCKERs
|
|
setuptools-scm[toml]
|
|
setuptools-rust>=0.11.4 # cryptography build dep
|
|
pkgconfig>=1.5.1 # xmlsec build dep - needed for offline build
|
|
django-flags>=5.0.13
|
|
dispatcherd[pg-notify] # tasking system, previously part of AWX code base
|
|
protobuf>=4.25.8 # CVE-2025-4565
|
|
idna>=3.10 # CVE-2024-3651
|
|
# Temporarily added to use ansible-runner from git branch, to be removed
|
|
# when ansible-runner moves from requirements_git.txt to here
|
|
pbr
|