# Pip requirements file for packages needed for installation.

# Note: The dependencies in this file will become the dependencies stated
# in the Pypi package metadata.


# Direct dependencies for install (must be consistent with minimum-constraints-install.txt)

# requests 2.25.0 tolerates urllib3 1.26.5 which is needed on Python 3.10 to
#   remove ImportWarning in six
requests>=2.32.4; python_version == '3.9'
requests>=2.33.0; python_version >= '3.10'

# stomp-py 8.3.0 looks broken
stomp-py>=8.1.1,<8.3.0

immutabledict>=4.2.0
nocasedict>=1.0.2

# PyYAML is used by zhmcclient.mock, zhmcclient.testutils and bandit
# PyYAML 6.0.2 has wheel archives for Python 3.8 - 3.13
PyYAML>=6.0.2

# jsonschema pulled in by zhmcclient.mock and zhmcclient.testutils
# jsonschema 4.0.0 was yanked (and does not install), but older pip versions don't recognize that
# jsonschema is also used by jupyter and requires >=3.0.1
# jsonschema 3.0.1 and 3.0.2 may cause pkg_resources.DistributionNotFound; fixed in 3.1.0.
# jsonschema >=3.2.0 is required for Python 3.13 to get rid of the use of js-regex
# jupyterlab-server 2.25.3 depends on jsonschema>=4.18.0
jsonschema>=4.18.0

# websocket-client is also used by stomp-py 8.0 and notebook(?) 6.4
websocket-client>=1.8.0

certifi>=2024.07.04

# Functional dependencies on urllib3 versions:
# - IncompleteRead fix: Distinguishing too much from not enough response data
#   requires >=2.2.1
urllib3>=2.6.3; python_version == '3.9'
urllib3>=2.7.0; python_version >= '3.10'


# Indirect dependencies for install that are needed for some reason (must be consistent with minimum-constraints-install.txt)

# idna is used by requests. idna 3.7 resolves security issues
idna>=3.7
