| @@ -24,6 +24,9 @@ Review-driven hardening from `P:/Oversight/oversight-protocol-review.md`. | ||
| - `docs/ROADMAP.md`: corrected launch sequencing, dropped near-term FedRAMP, | ||
| scoped ecosystem plugins to Outlook-first, and prioritized SIEM integration | ||
| before SOC 2 / ISO 27001 work. | ||
| + | - Raised vulnerable dependency floors flagged by Dependabot/PyPI advisory | |
| + | checks: cryptography, PyNaCl, pydantic, python-multipart, Pillow, and | |
| + | pypdf now require patched minimums. | |
| - Added focused regression coverage in `tests/test_l3_policy_unit.py`. | ||
| ## v0.4.4 - 2026-04-20 security hardening |
| @@ -28,8 +28,8 @@ classifiers = [ | ||
| ] | ||
| dependencies = [ | ||
| - | "cryptography>=42.0.0", | |
| - | "pynacl>=1.5.0", | |
| + | "cryptography>=46.0.7", | |
| + | "pynacl>=1.6.2", | |
| "httpx>=0.27.0", | ||
| "rich>=13.0.0", | ||
| ] | ||
| @@ -38,14 +38,14 @@ dependencies = [ | ||
| registry = [ | ||
| "fastapi>=0.110.0", | ||
| "uvicorn>=0.29.0", | ||
| - | "pydantic>=2.0.0", | |
| - | "python-multipart>=0.0.9", | |
| + | "pydantic>=2.4.0", | |
| + | "python-multipart>=0.0.26", | |
| ] | ||
| formats = [ | ||
| - | "Pillow>=10.0.0", | |
| + | "Pillow>=12.2.0", | |
| "numpy>=1.26.0", | ||
| "scipy>=1.11.0", | ||
| - | "pypdf>=4.0.0", | |
| + | "pypdf>=6.10.2", | |
| "python-docx>=1.1.0", | ||
| "imagehash>=4.3.1", | ||
| ] |
| @@ -1,16 +1,16 @@ | ||
| - | cryptography>=42.0.0 | |
| - | pynacl>=1.5.0 | |
| + | cryptography>=46.0.7 | |
| + | pynacl>=1.6.2 | |
| fastapi>=0.110.0 | ||
| uvicorn>=0.29.0 | ||
| - | pydantic>=2.0.0 | |
| + | pydantic>=2.4.0 | |
| httpx>=0.27.0 | ||
| - | python-multipart>=0.0.9 | |
| + | python-multipart>=0.0.26 | |
| # Format adapters | ||
| - | Pillow>=10.0.0 | |
| + | Pillow>=12.2.0 | |
| numpy>=1.26.0 | ||
| scipy>=1.11.0 | ||
| - | pypdf>=4.0.0 | |
| + | pypdf>=6.10.2 | |
| python-docx>=1.1.0 | ||
| imagehash>=4.3.1 |
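Review bot: These `>=` floors now duplicate the ones set in `pyproject.toml` in this same commit, and nothing ties the two lists together, so the next advisory-driven bump is likely to update one file and not the other. A `>=` floor also only excludes old releases; a plain `pip install -r` still resolves to whatever is newest at install time, so this file gives neither reproducibility nor an audit trail of what was actually deployed. If this file is meant for deployments, generate it from `pyproject.toml` with a lock tool and pin exact versions with `--hash` entries, keeping the human-edited floors only in `pyproject.toml`; if it is meant for developers, a comment such as `# Floors mirror pyproject.toml; keep both in sync` at the top would at least flag the duplication.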