diff --git a/requirements/snyk/libraries/requirements.txt b/requirements/snyk/libraries/requirements.txt deleted file mode 120000 index d9746489f60..00000000000 --- a/requirements/snyk/libraries/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -../../libraries.txt \ No newline at end of file diff --git a/requirements/snyk/libraries/requirements.txt b/requirements/snyk/libraries/requirements.txt new file mode 100644 index 00000000000..dd991c45c25 --- /dev/null +++ b/requirements/snyk/libraries/requirements.txt @@ -0,0 +1,56 @@ +# These packages are installed from PyPI. +backports.csv==1.0.7 +beautifulsoup4==4.8.2 +boto3==1.7.80 +# Temporarily pin cryptography here. +# edgegrid-python has an open-ended dependency on PyOpenSSL, which in turn +# has an open-ended dependency on cryptography. cryptography 3.0 currently +# doesn't build in our build environment. This pins the last release that +# does until we can solve that problem. +cryptography==2.9.2 +dj-database-url==0.5.0 +djangorestframework==3.11.1 +django-csp==3.4 +django-extensions==2.1.3 +django-flags==4.2.4 +django-haystack==2.8.1 +# django-localflavor is required by django-college-costs-comparison +django-localflavor==2.2 +django-mptt==0.9.0 +django-storages==1.7.1 +django-treebeard==4.2.0 +django-watchman==0.15.0 +edgegrid-python==1.0.10 +elasticsearch==2.4.1 +govdelivery==1.3 +Jinja2==2.11.2 +lxml==4.2.5 +Markdown==3.2.1 +ntplib==0.3.4 +openpyxl==3.0.3 +psycopg2==2.7.3.2 +pyelasticsearch==0.6.1 +python-dateutil==2.7.3 +regdown==1.0.2 +requests==2.22.0 +requests_toolbelt==0.8.0 +sha3==0.2.1 +unipath>=1.1,<=2.0 +urllib3==1.25.2 +# wagtail-autocomplete==0.6 TODO: Restore when wagtail-autocomplete #77 is merged +wagtail-flags==4.2.2 +wagtail-inventory==1.1.1 +wagtail-placeholder-images==0.1.1 +wagtail-sharing==2.2.1 +wagtail-treemodeladmin==1.2.1 +wagtailmedia==0.6.0 + +# These packages are installed from GitHub. +https://github.com/cfpb/wagtail-autocomplete/releases/download/0.7/wagtail_autocomplete-0.6-py3-none-any.whl +https://github.com/cfpb/owning-a-home-api/releases/download/0.16.0/owning_a_home_api-0.16.0-py3-none-any.whl +https://github.com/cfpb/retirement/releases/download/0.15.0/retirement-0.15.0-py3-none-any.whl +https://github.com/cfpb/ccdb5-api/releases/download/1.5.1/ccdb5_api-1.5.1-py3-none-any.whl +https://github.com/cfpb/ccdb5-ui/releases/download/2.3.1/ccdb5_ui-2.3.1-py3-none-any.whl +https://github.com/cfpb/django-college-costs-comparison/releases/download/1.15.1/comparisontool-1.15.1-py3-none-any.whl +https://github.com/cfpb/curriculum-review-tool/releases/download/2.0.3/crtool-2.0.3-py3-none-any.whl +idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability