-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathrequirements.txt
More file actions
27 lines (27 loc) · 1.3 KB
/
requirements.txt
File metadata and controls
27 lines (27 loc) · 1.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# Version 10 is required because the pip-audit pre-commit hook
# identifies a vulnerability in ansible-core 2.16.13, but all versions
# of ansible 9 have a dependency on ~=2.16.X.
#
# We have tested against version 10. We want to avoid automatically
# jumping to another major version without testing, since there are
# often breaking changes across major versions. This is the reason
# for the upper bound.
ansible>=10,<11
# ansible-core<2.17.7 suffers from GHSA-99w6-3xph-cx78.
#
# Note that any changes made to this dependency must also be made in
# requirements-test.txt in cisagov/skeleton-ansible-role and
# .pre-commit-config.yaml in cisagov/skeleton-generic.
ansible-core>=2.17.7
# Required because we are using the amazon.aws.ssm_parameter Ansible
# lookup plugin to pull parameters value from AWS Parameter Store:
# https://docs.ansible.com/projects/ansible/latest/collections/amazon/aws/ssm_parameter_lookup.html#ansible-collections-amazon-aws-ssm-parameter-lookup
boto3
# Required because we are using the community.general.json_query
# filter in our Ansible code in the
# cisagov/ansible-role-amazon-efs-utils role:
# https://docs.ansible.com/projects/ansible/latest/collections/community/general/json_query_filter.html
jmespath
# The bump-version script requires at least version 3 of semver.
semver>=3
setuptools>=70.1