zulip/requirements/common.in

189 lines
4.9 KiB
Plaintext
Raw Normal View History

# After editing this file, you MUST afterward run
# /tools/update-locked-requirements to update requirements/dev.txt
# and requirements/prod.txt.
# See requirements/README.md for more detail.
# Django itself
django: Upgrade Zulip to Django 3.2 LTS. This is a straightforward upgrade in terms of changes needed. Necessary changes were: - Set `DEFAULT_AUTO_FIELD` https://docs.djangoproject.com/en/3.2/releases/3.2/#customizing-type-of-auto-created-primary-keys - `The default_app_config application configuration variable is deprecated, due to the now automatic AppConfig discovery.` https://docs.djangoproject.com/en/3.2/releases/3.2/#automatic-appconfig-discovery To handle this one, we can remove default_app_config from zerver/__init__.py because it satisfies what release notes describe in https://docs.djangoproject.com/en/3.2/releases/3.2/#automatic-appconfig-discovery: "Most pluggable applications define an AppConfig subclass in an apps.py submodule. Many define a default_app_config variable pointing to this class in their __init__.py. When the apps.py submodule exists and defines a single AppConfig subclass, Django now uses that configuration automatically, so you can remove default_app_config." An important note is that rebuild-test-database needs to be run after this upgrade in dev environment - if tests are run with test db that was built on the previous version, they will fail due to a mysterious bug (?), where changing attributes of a user and .save()ing after logging in in the test via self.login_user, causes getting logged out - the next requests via self.client_get etc. are unauthed for some reason, unless self.login_user is called again. This behavior is no longer exhibited upon rebuilding the test db - and I can't reproduce it in production or dev db. So this can likely be reasonably dismissed as some quirk of the test client system that won't be relevant in the future and doesn't impact production.
2021-05-01 15:34:59 +02:00
Django[argon2]==3.2.*
# needed for Literal, TypedDict
typing-extensions
# Backport of @dataclass
dataclasses;python_version<"3.7"
# Needed for rendering backend templates
Jinja2
# Needed for Markdown processing
Markdown
importlib-metadata;python_version<"3.8" # for Markdown
Pygments
jsx-lexer
# Needed for manage.py
ipython
# Needed for compatibility with ipython < 7.20, which we cannot
# install on Python <3.7; see
# https://github.com/ipython/ipython/issues/12740
jedi<0.18.0
# Needed for image processing
Pillow
# Needed for building complex DB queries
SQLAlchemy==1.3.* # 1.4 has badly busted type annotations
# Needed for S3 file uploads
boto3
# Needed for integrations
defusedxml
# Needed for LDAP support
# Using our fork for the feature of searching users by email.
# https://github.com/django-auth-ldap/django-auth-ldap/pull/150 for monitoring
# progress on merging this upstream.
https://github.com/zulip/django-auth-ldap/archive/e26d0ef2a7ff77ab3fdd7b6578a76081f780778c.zip#egg=django-auth-ldap==2.0.0zulip1
# Django extension providing bitfield support
django-bitfield
# Django extension for sending data to statsd
django-statsd-mozilla
# Needed for Android push notifications
python-gcm
# Needed for the email mirror
html2text
# Forked to avoid pulling in scipy: https://github.com/mailgun/talon/pull/200
https://github.com/zulip/talon/archive/1711705c952806d4a704c7dbf58f21db8e11756a.zip#egg=talon-core==1.4.8.zulip1&subdirectory=talon-core
# Needed for inlining the CSS in emails
premailer
# Needed for JWT-based auth
PyJWT
# Needed for including other Markdown files for user docs
markdown-include
# Needed to access RabbitMQ
pika
# Needed to access our database
psycopg2
# Needed for memcached usage
python-binary-memcached
# Needed for compression support in memcached via python-binary-memcached
django-bmemcached
# Needed for zerver/tests/test_timestamp.py
python-dateutil
# Needed for timezone work
pytz
# Needed for Redis
redis
# Needed to parse source maps for error reporting
sourcemap
# Tornado used for server->client push system
tornado==4.* # https://github.com/zulip/zulip/issues/8913
# Fast JSON parser
orjson
# Needed for iOS push notifications
aioapns
python-twitter
# To parse po files
polib
# Needed for cloning virtual environments
virtualenv-clone
# Needed for link preview
beautifulsoup4
pyoembed
python-magic
# The Zulip API bindings, from its own repository. We integrate with
# these tightly, including fetching content not included in the official
# PyPI release tarballs, such as logos, assets and documentation files
# that we render on our /integrations page. Therefore, we need to pin
# the version from Git rather than a PyPI release. Keeping everything in
# one repository simplifies the process of implementing and documenting
# new bots for new contributors.
https://github.com/zulip/python-zulip-api/archive/0.8.0.zip#egg=zulip==0.8.0+git&subdirectory=zulip
https://github.com/zulip/python-zulip-api/archive/0.8.0.zip#egg=zulip_bots==0.8.0+git&subdirectory=zulip_bots
# Used for Hesiod lookups, etc.
py3dns
2016-07-20 12:16:02 +02:00
# Install Python Social Auth
social-auth-app-django
social-auth-core[azuread,openidconnect,saml]
https://github.com/onelogin/python3-saml/archive/4b6c4b1f2ed3f6eab70ff4391e595b808ace168c.zip#egg=python3-saml==1.10.1+git # remove defusedxml: https://github.com/onelogin/python3-saml/pull/236
# For encrypting a login token to the desktop app
cryptography
# Needed for messages' rendered content parsing in push notifications.
lxml
# Needed for 2-factor authentication
django-two-factor-auth[call,phonenumberslite,sms]
https://github.com/karls/twilio-python/archive/355de2bc698596c20226990be48d8625d17e38fb.zip#egg=twilio==6.61.0+git # support PyJWT ≥ 2.0.0: https://github.com/twilio/twilio-python/pull/560
# Needed for processing payments (in corporate)
stripe
# Needed for serving uploaded files from nginx but perform auth checks in django.
django-sendfile2
# For checking whether email of the user is from a disposable email provider.
disposable-email-domains
# Needed for parsing YAML with JSON references from the REST API spec files
jsonref
# Needed for string matching in AlertWordProcessor
pyahocorasick
# Needed for function decorators that don't break introspection.
# Used for rate limiting authentication.
decorator
# For server-side enforcement of password strength
zxcvbn
# Needed for sending HTTP requests
requests[security]
requests-oauthlib
# For OpenAPI schema validation.
openapi-core
2020-07-02 02:19:40 +02:00
# For reporting errors to sentry.io
sentry-sdk
# For detecting URLs to link
tlds
# Unicode Collation Algorithm for sorting multilingual strings
pyuca
# Handle connection retries with exponential backoff
backoff
# Needed for reading bson files in rocketchat import tool
pymongo