requirements-to-freeze.txt

# --------------------------------------------------------------------------- #
#   requirements-to-freeze.txt                                                #
#                                                                             #
#   Copyright © 2015-2024, Rajiv Bakulesh Shah, original author.              #
#                                                                             #
#   Licensed under the Apache License, Version 2.0 (the "License");           #
#   you may not use this file except in compliance with the License.          #
#   You may obtain a copy of the License at:                                  #
#       http://www.apache.org/licenses/LICENSE-2.0                            #
#                                                                             #
#   Unless required by applicable law or agreed to in writing, software       #
#   distributed under the License is distributed on an "AS IS" BASIS,         #
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  #
#   See the License for the specific language governing permissions and       #
#   limitations under the License.                                            #
# --------------------------------------------------------------------------- #


# There's a bug in redis-py 3.4.0 that prevents connecting to Redis with
# authentication (a username and password).  For more info:
#   https://github.com/andymccurdy/redis-py/issues/1278
#
# We need redis-py 4.2.0rc1 or later for aioredis.  For more info:
#   https://github.com/aio-libs/aioredis-py/tree/19be499015a8cf32580e937cbfd711fd48489eca#-aioredis-is-now-in-redis-py-420rc1-
redis>=4.2.0rc1
hiredis
mmh3
typing_extensions

pytest
pytest-asyncio
pytest-cov
uvloop
mypy
types-redis

flake8
isort
bandit
safety

twine


# We don't need Requests at the top-level.  However, it's pulled in from
# something else, and there's a security vulnerability in the version that it
# pulls in.  For more info:
#   https://nvd.nist.gov/vuln/detail/CVE-2018-18074
requests>=2.20.0

# We don't need urllib3 at the top-level.  However, it's pulled in from
# something else, and there's a security vulnerability in the version that it
# pulls in.  For more info:
#   https://nvd.nist.gov/vuln/detail/CVE-2018-20060
#   https://nvd.nist.gov/vuln/detail/CVE-2019-11324
urllib3>=1.24.2

# We don't need docutils at the top-level.  However, it's pulled in from
# something else, and recent docutils doesn't support Python 3.8.
docutils==0.20.1