Skip to content

Commit e91e04f

Browse files
committed
Fix pip-audit constraints for Py3.8/3.14 & cleanup
- Split pip-audit dependency logic: - Unpin pip-audit for Python < 3.9 to allow downgrading. This resolves the packaging version conflict on Ubuntu 20.04. - Enforce pip-audit >= 2.6.0 for Python >= 3.14, as safety dependencies are currently broken on 3.14. - Remove obsolete arm64-support.json. - Cleanup dependency comments.
1 parent 35859b5 commit e91e04f

2 files changed

Lines changed: 9 additions & 14 deletions

File tree

arm64-support.json

Lines changed: 0 additions & 6 deletions
This file was deleted.

pyproject.toml

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -44,8 +44,6 @@ dependencies = [
4444

4545
# Filelock: vendored for <3.10, external for >=3.10 (CVE-2025-68146)
4646
"filelock>=3.20.1; python_version >= '3.10'",
47-
# Python 3.7-3.9 use vendored patched version 3.12.2
48-
# Planned better version support for >3.7 "filelock>=3.13,<3.20.1; python_version >= '3.8' and python_version < '3.10'",
4947

5048
# Packaging version splits
5149
"packaging>=20.0,<21.0; python_version < '3.8'",
@@ -67,16 +65,20 @@ dependencies = [
6765
# authlib
6866
"authlib>=1.2.0; python_version >= '3.7'",
6967

70-
# aiohttp - FIXED VERSION REQUIREMENTS
68+
# aiohttp
7169
"aiohttp>=3.7.0,<3.9.0; python_version == '3.7'",
72-
"aiohttp>=3.8.0,<3.11.0; python_version == '3.8'", # <- FIXED: 3.8 can't use 3.13+
73-
"aiohttp>=3.13.1; python_version >= '3.9'", # <- FIXED: 3.13+ needs 3.9+
70+
"aiohttp>=3.8.0,<3.11.0; python_version == '3.8'",
71+
"aiohttp>=3.13.1; python_version >= '3.9'",
7472

7573
# Security scanning - safety for supported Python versions
7674
"safety>=3.7.0; python_version >= '3.9' and python_version < '3.14'",
7775

7876
# pip-audit fallback for Python versions safety doesn't support
79-
"pip-audit>=2.6.0; python_version < '3.9' or python_version >= '3.14'",
77+
# FIXED: Split into two lines.
78+
# 1. No version constraint for <3.9 (allows downgrade to match old packaging)
79+
"pip-audit; python_version < '3.9'",
80+
# 2. Strict constraint for >=3.14
81+
"pip-audit>=2.6.0; python_version >= '3.14'",
8082

8183
# uv
8284
"uv>=0.9.6; python_version >= '3.8'",
@@ -86,7 +88,6 @@ dependencies = [
8688
full = [
8789
"tqdm>=4.50.0",
8890
"python-magic>=0.4.18",
89-
# Redis 5.0 requires Python 3.8+
9091
"redis>=4.0.0,<5.0; python_version == '3.7'",
9192
"redis>=5.0; python_version >= '3.8'",
9293
]
@@ -130,4 +131,4 @@ omnipkg = [
130131
[tool.setuptools]
131132
# Old setuptools format (compatible with setuptools 50.x)
132133
license-files = ["LICENSE", "COMMERCIAL_LICENSE.md"]
133-
include-package-data = true
134+
include-package-data = true

0 commit comments

Comments
 (0)