aiofiles==25.1.0
aiohappyeyeballs==2.6.2
aiohttp==3.14.0
aiosignal==1.4.0
aiosqlite==0.22.1
alembic==1.18.4
annotated-doc==0.0.4
annotated-types==0.7.0
anyio==4.13.0
APScheduler==3.11.2
asyncmy==0.2.11  # CVE-2025-65896: no upstream fix; keys never user-controlled (Pydantic+allowlist). Track long2ice/asyncmy#134
attrs==26.1.0
bcrypt==5.0.0
bleach==6.4.0
boto3==1.43.24
botocore==1.43.24
certifi==2026.5.20
cffi==2.0.0
charset-normalizer==3.4.7
click==8.4.1
contourpy==1.3.3
croniter==6.2.2
cryptography==48.0.0
cycler==0.12.1
defusedxml==0.7.1
dnspython==2.8.0
email-validator==2.3.0
fastapi==0.136.3
fonttools==4.63.0
frozenlist==1.8.0
greenlet==3.5.1
h11==0.16.0
httpcore==1.0.9
httpx==0.28.1
httpx-oauth==0.17.0
idna==3.18
influxdb-client==1.50.0
invoke==3.0.3
itsdangerous==2.2.0
Jinja2==3.1.6
jmespath==1.1.0
kiwisolver==1.5.0
lark==1.3.1
ldap3==2.9.1
Mako==1.3.12
Markdown==3.10.2
MarkupSafe==3.0.3
matplotlib==3.10.9
multidict==6.7.1
netaddr==1.3.0
numpy==2.4.6
packaging==26.2
paramiko==5.0.0
pillow==12.2.0
prometheus_client==0.25.0
propcache==0.5.2
psutil==7.2.2
pyasn1==0.6.3
pycparser==3.0
pycryptodome==3.23.0
pydantic==2.13.4
pydantic-settings==2.14.1
pydantic_core==2.46.4
PyJWT[crypto]==2.13.0
PyMySQL==1.2.0
PyNaCl==1.6.2
pyOpenSSL==26.2.0
pyparsing==3.3.2
pysmi==2.0.0
pysnmp==7.1.27
python-dateutil==2.9.0.post0
python-dotenv==1.2.2
python-multipart==0.0.32
pytz==2026.2
PyYAML==6.0.3
reactivex==4.1.0
redis==8.0.0
reportlab==4.5.1
requests==2.34.2
rsa==4.9.1
s3transfer==0.18.0
six==1.17.0
SQLAlchemy==2.0.50
SQLAlchemy-Utils==0.42.1
starlette==1.2.1
tenacity==9.1.4
typing-inspection==0.4.2
typing_extensions==4.15.0
tzlocal==5.3.1
urllib3==2.7.0
uvicorn==0.49.0
webencodings==0.5.1
websockets==16.0
wheel==0.47.0
yarl==1.24.2

# 2fa + web push
pyotp>=2.9
py-vapid>=1.9
pywebpush>=1.14
pymssql>=2.3.0
