Metadata-Version: 2.4
Name: aegisx.ext.cve
Version: 0.0.1
Summary: Pinned dependencies for high-security environments
Home-page: https://github.com/tensorshield/python-aegisx
Author: Immortal Izzy
Author-email: immortal.izzy@tensorshield.ai
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: MacOS
Classifier: Operating System :: POSIX
Classifier: Operating System :: POSIX :: Linux
Classifier: Programming Language :: Python :: 3.13
Classifier: Programming Language :: Python :: 3.14
Classifier: Programming Language :: Python :: 3 :: Only
Classifier: Topic :: Office/Business :: Financial
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries
Description-Content-Type: text/markdown
Requires-Dist: cryptography>=0.44.0
Provides-Extra: develop
Provides-Extra: fastapi
Requires-Dist: starlette>=0.40.0; extra == "fastapi"
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: provides-extra
Dynamic: requires-dist
Dynamic: summary

# Pinned dependencies for high-security environments

**The aegisx.ext.cve package is designed to enhance the security of
your AegisX environment by providing curated dependency pinning
that excludes known vulnerabilities (CVEs) from the dependency tree.**

**By default, AegisX avoids pinning dependencies across its packages to
maintain backward compatibility and allow implementers to apply their
own security policies. The aegisx.ext.cve package overrides this 
behavior, ensuring that all dependencies are locked to versions free
from known security flaws. This package is particularly recommended
for high-security environments where stricter control over vulnerabilities
is essential.**

## Changelog

### 0.0.1

- **CVE-2024-12797** Pin `cryptography>=0.44.0`
- **CVE-2024-47874** Pin `starlette>=0.40.0` in the `fastapi` extra.
