2017-08-30 00:45:33 +02:00
|
|
|
# After editing this file, you MUST afterward run
|
2017-11-17 02:41:06 +01:00
|
|
|
# /tools/update-locked-requirements to update requirements/dev.txt
|
|
|
|
# and requirements/prod.txt.
|
2017-08-30 00:45:33 +02:00
|
|
|
# See requirements/README.md for more detail.
|
2017-10-19 06:48:23 +02:00
|
|
|
# Django itself
|
2021-05-01 15:34:59 +02:00
|
|
|
Django[argon2]==3.2.*
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2020-06-11 21:18:16 +02:00
|
|
|
# needed for Literal, TypedDict
|
2019-09-23 01:34:04 +02:00
|
|
|
typing-extensions
|
2017-08-09 04:01:00 +02:00
|
|
|
|
2020-06-11 21:44:23 +02:00
|
|
|
# Backport of @dataclass
|
|
|
|
dataclasses;python_version<"3.7"
|
|
|
|
|
2017-08-22 00:16:18 +02:00
|
|
|
# Needed for rendering backend templates
|
2019-09-23 01:34:04 +02:00
|
|
|
Jinja2
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2020-08-11 01:47:49 +02:00
|
|
|
# Needed for Markdown processing
|
2019-09-23 01:34:04 +02:00
|
|
|
Markdown
|
2020-06-25 02:29:22 +02:00
|
|
|
importlib-metadata;python_version<"3.8" # for Markdown
|
2019-09-23 01:34:04 +02:00
|
|
|
Pygments
|
2020-04-24 08:52:33 +02:00
|
|
|
jsx-lexer
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for manage.py
|
2020-04-24 08:57:51 +02:00
|
|
|
ipython
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2021-03-03 22:05:19 +01:00
|
|
|
# Needed for compatibility with ipython < 7.20, which we cannot
|
|
|
|
# install on Python <3.7; see
|
|
|
|
# https://github.com/ipython/ipython/issues/12740
|
|
|
|
jedi<0.18.0
|
|
|
|
|
2020-10-23 02:43:28 +02:00
|
|
|
# Needed for image processing
|
2021-07-06 08:06:18 +02:00
|
|
|
Pillow
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for building complex DB queries
|
2021-08-21 01:07:28 +02:00
|
|
|
SQLAlchemy==1.4.*
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for S3 file uploads
|
2018-12-07 17:52:01 +01:00
|
|
|
boto3
|
2021-08-10 02:11:16 +02:00
|
|
|
mypy-boto3-s3
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for integrations
|
2019-09-23 01:34:04 +02:00
|
|
|
defusedxml
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for LDAP support
|
2021-08-25 23:15:27 +02:00
|
|
|
django-auth-ldap
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Django extension providing bitfield support
|
2019-09-23 01:34:04 +02:00
|
|
|
django-bitfield
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Django extension for sending data to statsd
|
2019-09-23 01:34:04 +02:00
|
|
|
django-statsd-mozilla
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for Android push notifications
|
2019-09-23 01:34:04 +02:00
|
|
|
python-gcm
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for the email mirror
|
2019-09-23 01:34:04 +02:00
|
|
|
html2text
|
2021-03-12 07:06:16 +01:00
|
|
|
# Forked to avoid pulling in scipy: https://github.com/mailgun/talon/pull/200
|
|
|
|
https://github.com/zulip/talon/archive/1711705c952806d4a704c7dbf58f21db8e11756a.zip#egg=talon-core==1.4.8.zulip1&subdirectory=talon-core
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2017-09-16 14:29:51 +02:00
|
|
|
# Needed for inlining the CSS in emails
|
2019-09-23 01:34:04 +02:00
|
|
|
premailer
|
2017-09-16 14:29:51 +02:00
|
|
|
|
2017-08-22 00:16:18 +02:00
|
|
|
# Needed for JWT-based auth
|
2019-09-23 01:34:04 +02:00
|
|
|
PyJWT
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2020-08-11 01:47:49 +02:00
|
|
|
# Needed for including other Markdown files for user docs
|
2019-09-23 01:34:04 +02:00
|
|
|
markdown-include
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2020-10-23 02:43:28 +02:00
|
|
|
# Needed to access RabbitMQ
|
2019-10-09 04:38:43 +02:00
|
|
|
pika
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed to access our database
|
2021-03-26 01:13:54 +01:00
|
|
|
psycopg2
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for memcached usage
|
2020-09-12 22:31:17 +02:00
|
|
|
python-binary-memcached
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2020-05-09 22:23:33 +02:00
|
|
|
# Needed for compression support in memcached via python-binary-memcached
|
|
|
|
django-bmemcached
|
2018-06-11 04:19:16 +02:00
|
|
|
|
2017-08-22 19:32:38 +02:00
|
|
|
# Needed for zerver/tests/test_timestamp.py
|
2019-09-23 01:34:04 +02:00
|
|
|
python-dateutil
|
2017-08-22 19:32:38 +02:00
|
|
|
|
2017-08-22 00:16:18 +02:00
|
|
|
# Needed for timezone work
|
2019-09-23 01:34:04 +02:00
|
|
|
pytz
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2020-10-23 02:43:28 +02:00
|
|
|
# Needed for Redis
|
2019-09-23 01:34:04 +02:00
|
|
|
redis
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed to parse source maps for error reporting
|
2019-09-23 01:34:04 +02:00
|
|
|
sourcemap
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Tornado used for server->client push system
|
2019-09-23 01:34:04 +02:00
|
|
|
tornado==4.* # https://github.com/zulip/zulip/issues/8913
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Fast JSON parser
|
2020-08-07 01:09:47 +02:00
|
|
|
orjson
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for iOS push notifications
|
2021-07-06 08:06:18 +02:00
|
|
|
aioapns
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2019-09-23 01:34:04 +02:00
|
|
|
python-twitter
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# To parse po files
|
2019-09-23 01:34:04 +02:00
|
|
|
polib
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for cloning virtual environments
|
2019-09-23 01:34:04 +02:00
|
|
|
virtualenv-clone
|
2017-08-22 00:16:18 +02:00
|
|
|
|
|
|
|
# Needed for link preview
|
2019-09-23 01:34:04 +02:00
|
|
|
beautifulsoup4
|
|
|
|
pyoembed
|
|
|
|
python-magic
|
2017-08-22 00:16:18 +02:00
|
|
|
|
2018-04-17 01:36:00 +02:00
|
|
|
# The Zulip API bindings, from its own repository. We integrate with
|
2020-03-27 00:37:21 +01:00
|
|
|
# these tightly, including fetching content not included in the official
|
|
|
|
# PyPI release tarballs, such as logos, assets and documentation files
|
|
|
|
# that we render on our /integrations page. Therefore, we need to pin
|
|
|
|
# the version from Git rather than a PyPI release. Keeping everything in
|
|
|
|
# one repository simplifies the process of implementing and documenting
|
|
|
|
# new bots for new contributors.
|
2021-05-20 03:47:49 +02:00
|
|
|
https://github.com/zulip/python-zulip-api/archive/0.8.0.zip#egg=zulip==0.8.0+git&subdirectory=zulip
|
|
|
|
https://github.com/zulip/python-zulip-api/archive/0.8.0.zip#egg=zulip_bots==0.8.0+git&subdirectory=zulip_bots
|
2017-05-14 07:09:42 +02:00
|
|
|
|
2016-07-02 07:26:18 +02:00
|
|
|
# Used for Hesiod lookups, etc.
|
2019-09-23 01:34:04 +02:00
|
|
|
py3dns
|
2016-07-03 09:21:33 +02:00
|
|
|
|
2016-07-20 12:16:02 +02:00
|
|
|
# Install Python Social Auth
|
2019-09-23 01:34:04 +02:00
|
|
|
social-auth-app-django
|
2021-07-06 08:06:18 +02:00
|
|
|
social-auth-core[azuread,openidconnect,saml]
|
2017-10-05 23:03:30 +02:00
|
|
|
|
2020-04-25 06:49:19 +02:00
|
|
|
# For encrypting a login token to the desktop app
|
|
|
|
cryptography
|
|
|
|
|
2017-10-05 23:03:30 +02:00
|
|
|
# Needed for messages' rendered content parsing in push notifications.
|
2019-09-23 01:34:04 +02:00
|
|
|
lxml
|
2017-11-29 00:13:09 +01:00
|
|
|
|
|
|
|
# Needed for 2-factor authentication
|
2021-01-26 22:50:42 +01:00
|
|
|
django-two-factor-auth[call,phonenumberslite,sms]
|
2021-08-24 01:25:50 +02:00
|
|
|
https://github.com/karls/twilio-python/archive/fb847755d2ec943a4fd84f0c33ae9f7f4999095a.zip#egg=twilio==6.61.0+git # support PyJWT ≥ 2.0.0: https://github.com/twilio/twilio-python/pull/560
|
2018-01-13 19:36:21 +01:00
|
|
|
|
2018-12-17 20:32:11 +01:00
|
|
|
# Needed for processing payments (in corporate)
|
2019-09-23 01:34:04 +02:00
|
|
|
stripe
|
2018-02-12 18:18:03 +01:00
|
|
|
|
|
|
|
# Needed for serving uploaded files from nginx but perform auth checks in django.
|
2019-09-23 01:34:04 +02:00
|
|
|
django-sendfile2
|
2018-03-05 12:28:41 +01:00
|
|
|
|
|
|
|
# For checking whether email of the user is from a disposable email provider.
|
2019-09-23 01:34:04 +02:00
|
|
|
disposable-email-domains
|
2018-05-26 00:59:35 +02:00
|
|
|
|
|
|
|
# Needed for parsing YAML with JSON references from the REST API spec files
|
2020-08-12 01:35:02 +02:00
|
|
|
jsonref
|
2018-07-12 17:25:05 +02:00
|
|
|
|
2019-02-11 15:19:38 +01:00
|
|
|
# Needed for string matching in AlertWordProcessor
|
2019-09-23 01:34:04 +02:00
|
|
|
pyahocorasick
|
2019-08-01 15:04:02 +02:00
|
|
|
|
|
|
|
# Needed for function decorators that don't break introspection.
|
|
|
|
# Used for rate limiting authentication.
|
2019-09-23 01:34:04 +02:00
|
|
|
decorator
|
2019-09-19 22:31:52 +02:00
|
|
|
|
auth: Use zxcvbn to ensure password strength on server side.
For a long time, we've been only doing the zxcvbn password strength
checks on the browser, which is helpful, but means users could through
hackery (or a bug in the frontend validation code) manage to set a
too-weak password. We fix this by running our password strength
validation on the backend as well, using python-zxcvbn.
In theory, a bug in python-zxcvbn could result in it producing a
different opinion than the frontend version; if so, it'd be a pretty
bad bug in the library, and hopefully we'd hear about it from users,
report upstream, and get it fixed that way. Alternatively, we can
switch to shelling out to node like we do for KaTeX.
Fixes #6880.
2019-11-18 08:11:03 +01:00
|
|
|
# For server-side enforcement of password strength
|
|
|
|
zxcvbn
|
2019-11-16 09:26:28 +01:00
|
|
|
|
|
|
|
# Needed for sending HTTP requests
|
|
|
|
requests[security]
|
|
|
|
requests-oauthlib
|
2020-07-01 19:07:31 +02:00
|
|
|
|
|
|
|
# For OpenAPI schema validation.
|
2021-06-04 20:11:00 +02:00
|
|
|
openapi-core
|
2020-07-02 02:19:40 +02:00
|
|
|
|
|
|
|
# For reporting errors to sentry.io
|
|
|
|
sentry-sdk
|
2020-09-22 03:10:16 +02:00
|
|
|
|
|
|
|
# For detecting URLs to link
|
|
|
|
tlds
|
2020-10-21 23:38:45 +02:00
|
|
|
|
|
|
|
# Unicode Collation Algorithm for sorting multilingual strings
|
|
|
|
pyuca
|
2021-03-20 14:07:02 +01:00
|
|
|
|
|
|
|
# Handle connection retries with exponential backoff
|
|
|
|
backoff
|
2021-06-22 16:46:32 +02:00
|
|
|
|
|
|
|
# Needed for reading bson files in rocketchat import tool
|
|
|
|
pymongo
|
2021-09-15 02:01:23 +02:00
|
|
|
|
|
|
|
# Non-backtracking regular expressions
|
|
|
|
google-re2
|