Skip to content

fix: Python 3.9 compatibility and pip-audit for local packages #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
abdelsfane merged 6 commits into from
Feb 7, 2026
Merged

fix: Python 3.9 compatibility and pip-audit for local packages #7

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
fff8395
fix: Python 3.9 compatibility and pip-audit for local packages
abdelsfane Feb 7, 2026
92fdc8a
fix: exclude local packages from pip-audit to avoid PyPI lookup failures
abdelsfane Feb 7, 2026
e085d87
fix: SSRF validation was silently allowing link-local addresses
abdelsfane Feb 7, 2026
c5815af
fix: use --skip-editable for pip-audit instead of invalid --exclude flag
abdelsfane Feb 7, 2026
2a09949
fix: add future annotations to 5 missed files, clean up pip-audit flags
abdelsfane Feb 7, 2026
cad8850
fix: drop --strict from pip-audit to allow skipping editable packages
abdelsfane Feb 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/security.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ jobs:
- name: Run pip-audit
run: |
cd sdk/python
pip-audit --strict --desc
pip-audit --desc --skip-editable

- name: License compliance check
run: |
Expand Down
1 change: 1 addition & 0 deletions sdk/python/cryptoserve/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
cryptoserve-client - API client only
cryptoserve-auto - Auto-protect for third-party libraries
"""
from __future__ import annotations

# Re-export from sub-packages for convenience
from cryptoserve_client import CryptoClient
Expand Down
7 changes: 5 additions & 2 deletions sdk/python/cryptoserve/__main__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@
cryptoserve token --key my-key --payload '{}' # Create JWT token
"""

from __future__ import annotations

import os
import sys
import json
Expand Down Expand Up @@ -150,10 +152,11 @@ def _validate_server_url(url: str) -> str:

try:
ip = ipaddress.ip_address(hostname)
except ValueError:
pass # Not an IP literal — hostname is fine
else:
if ip.is_link_local:
raise ValueError(f"Blocked URL — link-local address: {hostname}")
except ValueError:
pass # Not an IP, hostname is fine

return url.rstrip("/")

Expand Down
1 change: 1 addition & 0 deletions sdk/python/cryptoserve/_auto_register.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
- Automatic cache invalidation on key rotation
- Local mode: full SDK API without server (no network required)
"""
from __future__ import annotations

import hashlib
import hmac as hmac_mod
Expand Down
2 changes: 2 additions & 0 deletions sdk/python/cryptoserve/_binary_manager.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@
Uses only stdlib (urllib.request) to avoid adding dependencies.
"""

from __future__ import annotations

import hashlib
import json
import os
Expand Down
2 changes: 2 additions & 0 deletions sdk/python/cryptoserve/_cli_style.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
Provides consistent, enterprise-grade terminal output styling.
"""

from __future__ import annotations

import os
import sys

Expand Down
2 changes: 2 additions & 0 deletions sdk/python/cryptoserve/_credentials.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@
Credentials are stored per-app per-environment in ~/.cryptoserve/apps/
"""

from __future__ import annotations

import json
import os
from typing import Optional
Expand Down
1 change: 1 addition & 0 deletions sdk/python/cryptoserve/_gate.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
Scans source files for cryptographic usage and applies policies.
Works offline without server connection.
"""
from __future__ import annotations

import os
import re
Expand Down
1 change: 1 addition & 0 deletions sdk/python/cryptoserve/_policies.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
Supports policy presets (strict, standard, permissive) and
custom configuration via .cryptoserve.yml.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum
Expand Down
1 change: 1 addition & 0 deletions sdk/python/cryptoserve/fastapi.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ class UserCreate(BaseModel):
email: str
ssn: str
"""
from __future__ import annotations

from typing import Any, Callable, Type, TypeVar, get_type_hints, TYPE_CHECKING
from functools import wraps
Expand Down
1 change: 1 addition & 0 deletions sdk/python/packages/cryptoserve-auto/cryptoserve_auto/config.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
"""
Configuration for Auto-Protect.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum
Expand Down
1 change: 1 addition & 0 deletions sdk/python/packages/cryptoserve-auto/cryptoserve_auto/detectors/detector.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
"""
Sensitive field detection logic.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
Expand Down
1 change: 1 addition & 0 deletions sdk/python/packages/cryptoserve-auto/cryptoserve_auto/interceptor.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
"""
Library interception and auto-protection.
"""
from __future__ import annotations

import threading
from contextlib import contextmanager
Expand Down
1 change: 1 addition & 0 deletions sdk/python/packages/cryptoserve-client/cryptoserve_client/async_client.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@

Requires httpx: pip install cryptoserve-client[async]
"""
from __future__ import annotations

import base64
from typing import Any
Expand Down
1 change: 1 addition & 0 deletions sdk/python/packages/cryptoserve-client/cryptoserve_client/client.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
- Circuit breaker for fault tolerance
- Batch operations for bulk processing
"""
from __future__ import annotations

import base64
import json
Expand Down
1 change: 1 addition & 0 deletions sdk/python/packages/cryptoserve-client/cryptoserve_client/errors.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
"""
Exception classes for CryptoServe Client.
"""
from __future__ import annotations


class CryptoServeError(Exception):
Expand Down
1 change: 1 addition & 0 deletions sdk/python/packages/cryptoserve-client/cryptoserve_client/resilience.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
- Batch operations for bulk encryption/decryption
- Request timeout handling
"""
from __future__ import annotations

import random
import threading
Expand Down
1 change: 1 addition & 0 deletions sdk/python/packages/cryptoserve-core/cryptoserve_core/ciphers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@

Provides AES-256-GCM and ChaCha20-Poly1305 encryption.
"""
from __future__ import annotations

import os
from typing import Tuple
Expand Down
1 change: 1 addition & 0 deletions sdk/python/packages/cryptoserve-core/cryptoserve_core/keys.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
"""
Key derivation and management utilities.
"""
from __future__ import annotations

import os
import hashlib
Expand Down
2 changes: 2 additions & 0 deletions sdk/python/packages/cryptoserve-core/cryptoserve_core/passwords.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@
$algorithm$params$salt_b64$hash_b64
"""

from __future__ import annotations

import base64
import hashlib
import hmac
Expand Down
Loading