[Dependencies] Unpinned Dependency Versions

## Current State
- Some dependencies use version ranges (e.g., `Flask>=2.3,<3.0`)
- Missing lock files (requirements.lock, poetry.lock)
- No dependency vulnerability scanning

## Issues
- Non-deterministic builds
- Potential security vulnerabilities
- Version conflicts
- Cannot reproduce builds exactly

## Required
- Pin all dependency versions (use exact versions)
- Use lock files:
  - `requirements.lock` for pip
  - `poetry.lock` if using Poetry
  - `Cargo.lock` for Rust (already exists)
- Add dependency vulnerability scanning:
  - Dependabot
  - Snyk
  - GitHub Security Advisories
- Document dependency update process
- Regularly update dependencies
- Test after dependency updates

## Location
- `mobile-sensor-microservice/requirements.txt` (has ranges)
- `python-app-demo/requirements.txt` (has ranges)
- Rust dependencies (Cargo.toml files - verify Cargo.lock exists)

## Related
From PRODUCTION_READINESS_ANALYSIS.md - Section 9.1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Dependencies] Unpinned Dependency Versions #163

Current State

Issues

Required

Location

Related

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Dependencies] Unpinned Dependency Versions #163

Description

Current State

Issues

Required

Location

Related

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions