aiohttp>=3.8.6  # CVE-2023-47627
ansiconv==1.0.0  # UPGRADE BLOCKER: from 2013, consider replacing instead of upgrading
asciichartpy
asn1
asyncpg
azure-identity
azure-keyvault
boto3
botocore
channels
channels-redis==3.4.1  # see UPGRADE BLOCKERs
cryptography>=41.0.7  # CVE-2023-49083
Cython<3 # this is needed as a build dependency, one day we may have separated build deps
daphne
distro
django==4.2.6  # CVE-2023-43665
django-auth-ldap
django-cors-headers
django-crum
django-extensions
django-guid==3.2.1
django-oauth-toolkit<2.0.0      # Version 2.0.0 has breaking changes that will need to be worked out before upgrading
django-polymorphic
django-pglocks
django-radius
django-solo
django-split-settings==1.0.0    # We hit a strange issue where the release process errored when upgrading past 1.0.0 see UPGRADE BLOCKERS
djangorestframework>=3.15.0
djangorestframework-yaml
filelock
GitPython>=3.1.37  # CVE-2023-41040
hiredis==2.0.0  # see UPGRADE BLOCKERs
irc
jinja2>=3.1.3  # CVE-2024-22195
JSON-log-formatter
jsonschema
Markdown  # used for formatting API help
maturin  # pydantic-core build dep
msgpack<1.0.6  # 1.0.6+ requires cython>=3
msrestazure
openshift
opentelemetry-api~=1.24     # new y streams can be drastically different, in a good way
opentelemetry-sdk~=1.24
opentelemetry-instrumentation-logging
opentelemetry-exporter-otlp
pexpect==4.7.0  # see library notes
prometheus_client
psycopg
psutil
pygerduty
pyopenssl>=23.2.0  # resolve dep conflict from cryptography pin above
pyparsing==2.4.6  # Upgrading to v3 of pyparsing introduce errors on smart host filtering: Expected 'or' term, found 'or'  (at char 15), (line:1, col:16)
python-daemon>3.0.0
python-dsv-sdk>=1.0.4
python-tss-sdk>=1.2.1
python-ldap
pyyaml>=6.0.1
receptorctl
social-auth-core[openidconnect]==4.4.2  # see UPGRADE BLOCKERs
social-auth-app-django==5.4.0  # see UPGRADE BLOCKERs
sqlparse>=0.4.4   # Required by django https://github.com/ansible/awx/security/dependabot/96
redis
requests
slack-sdk
tacacs_plus==1.0  # UPGRADE BLOCKER: auth does not work with later versions
twilio
twisted[tls]>=23.10.0  # CVE-2023-46137
uWSGI
uwsgitop
wheel>=0.38.1  # CVE-2022-40898
pip==21.2.4  # see UPGRADE BLOCKERs
setuptools  # see UPGRADE BLOCKERs
setuptools_scm[toml]  # see UPGRADE BLOCKERs, xmlsec build dep
setuptools-rust>=0.11.4  # cryptography build dep
pkgconfig>=1.5.1  # xmlsec build dep - needed for offline build

# Temporarily added to use ansible-runner from git branch, to be removed
# when ansible-runner moves from requirements_git.txt to here
pbr