Merge remote-tracking branch 'origin/33-frontend-looks-like-logged-in-even-after-token-expires' into 33-frontend-looks-like-logged-in-even-after-token-expires

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

.github/workflows/deploy-pr.yaml

@@ -118,8 +118,7 @@ jobs:
             --set frontend_domain_scheme="$FRONTEND_DOMAIN_SCHEME" \
             --set image.digest="$DIGEST" \
             --set-string rabbitmq.password="$RABBITMQ_PASSWORD" \
-            --set-string database.password="$DB_PASSWORD" \
+            --set-string database.password="$DB_PASSWORD"
-            --set-string database.encryptionSecret="$PR"
 
       - name: Post preview URLs as PR comment
         uses: actions/github-script@v7

.github/workflows/deploy-prod.yaml

@@ -130,4 +130,3 @@ jobs:
             --set-string oauth.csas.clientId="$CSAS_CLIENT_ID" \
             --set-string oauth.csas.clientSecret="$CSAS_CLIENT_SECRET" \
             --set-string sentry_dsn="$SENTRY_DSN" \
-            --set-string database.encryptionSecret="${{ secrets.PROD_DB_ENCRYPTION_KEY }}"

.github/workflows/run-tests.yml

@@ -43,15 +43,10 @@ jobs:
 
       # Step 3: Install project dependencies
       # Runs shell commands to install the libraries listed in your requirements.txt.
-      - name: Add test dependencies to requirements
-        run: |
-          echo "pytest==8.4.2" >> ./7project/backend/requirements.txt
-          echo "pytest-asyncio==1.2.0" >> ./7project/backend/requirements.txt
-
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip
-          pip install -r ./7project/backend/requirements.txt
+          pip install -r requirements.txt
       
       # Step 4: Run your tests!
       # Executes the pytest command to run your test suite.

7project/backend/alembic/versions/2025_10_29_1326-46b9e702e83f_add_encrypted_type.py

@@ -1,47 +0,0 @@
-"""Add encrypted type
-
-Revision ID: 46b9e702e83f
-Revises: 1f2a3c4d5e6f
-Create Date: 2025-10-29 13:26:24.568523
-
-"""
-from typing import Sequence, Union
-
-import sqlalchemy_utils
-from alembic import op
-import sqlalchemy as sa
-from sqlalchemy.dialects import mysql
-
-# revision identifiers, used by Alembic.
-revision: str = '46b9e702e83f'
-down_revision: Union[str, Sequence[str], None] = '1f2a3c4d5e6f'
-branch_labels: Union[str, Sequence[str], None] = None
-depends_on: Union[str, Sequence[str], None] = None
-
-
-def upgrade() -> None:
-    """Upgrade schema."""
-    # ### commands auto generated by Alembic - please adjust! ###
-    op.alter_column('transaction', 'amount',
-               existing_type=mysql.FLOAT(),
-               type_=sqlalchemy_utils.types.encrypted.encrypted_type.EncryptedType(),
-               existing_nullable=False)
-    op.alter_column('transaction', 'description',
-               existing_type=mysql.VARCHAR(length=255),
-               type_=sqlalchemy_utils.types.encrypted.encrypted_type.EncryptedType(),
-               existing_nullable=True)
-    # ### end Alembic commands ###
-
-
-def downgrade() -> None:
-    """Downgrade schema."""
-    # ### commands auto generated by Alembic - please adjust! ###
-    op.alter_column('transaction', 'description',
-               existing_type=sqlalchemy_utils.types.encrypted.encrypted_type.EncryptedType(),
-               type_=mysql.VARCHAR(length=255),
-               existing_nullable=True)
-    op.alter_column('transaction', 'amount',
-               existing_type=sqlalchemy_utils.types.encrypted.encrypted_type.EncryptedType(),
-               type_=mysql.FLOAT(),
-               existing_nullable=False)
-    # ### end Alembic commands ###

7project/backend/app/api/auth.py

@@ -24,6 +24,23 @@ async def delete_me(
     await user_manager.delete(user)
 
 # Keep existing paths as-is under /auth/* and /users/*
+from fastapi import Request, Response
+from app.core.security import revoke_token, extract_bearer_token
+
+
+@router.post(
+    "/auth/jwt/logout",
+    status_code=status.HTTP_204_NO_CONTENT,
+    tags=["auth"],
+    summary="Log out and revoke current token",
+)
+async def custom_logout(request: Request) -> Response:
+    """Revoke the current bearer token so it cannot be used anymore."""
+    token = extract_bearer_token(request)
+    if token:
+        revoke_token(token)
+    return Response(status_code=status.HTTP_204_NO_CONTENT)
+
 router.include_router(
     fastapi_users.get_auth_router(auth_backend), prefix="/auth/jwt", tags=["auth"]
 )

7project/backend/app/app.py

@@ -16,6 +16,8 @@ from app.api.csas import router as csas_router
 from app.api.categories import router as categories_router
 from app.api.transactions import router as transactions_router
 from app.services.user_service import auth_backend, current_active_verified_user, fastapi_users, get_oauth_provider, UserManager, get_jwt_strategy
+from app.core.security import extract_bearer_token, is_token_revoked, decode_and_verify_jwt
+from app.services.user_service import SECRET
 
 
 from fastapi import FastAPI
@@ -49,6 +51,23 @@ fastApi.include_router(categories_router)
 fastApi.include_router(transactions_router)
 
 logging.basicConfig(filename='app.log', level=logging.INFO, format='%(asctime)s %(message)s')
+@fastApi.middleware("http")
+async def auth_guard(request: Request, call_next):
+    # Enforce revoked/expired JWTs are rejected globally
+    token = extract_bearer_token(request)
+    if token:
+        from fastapi import Response, status as _status
+        # Deny if token is revoked
+        if is_token_revoked(token):
+            return Response(status_code=_status.HTTP_401_UNAUTHORIZED)
+        # Deny if token is expired or invalid
+        try:
+            decode_and_verify_jwt(token, SECRET)
+        except Exception:
+            return Response(status_code=_status.HTTP_401_UNAUTHORIZED)
+    return await call_next(request)
+
+
 @fastApi.middleware("http")
 async def log_traffic(request: Request, call_next):
     start_time = datetime.now()
@@ -105,6 +124,10 @@ async def root():
 async def authenticated_route(user: User = Depends(current_active_verified_user)):
     return {"message": f"Hello {user.email}!"}
 
+@fastApi.get("/sentry-debug")
+async def trigger_error():
+    division_by_zero = 1 / 0
+
 
 @fastApi.get("/debug/scrape/csas/all", tags=["debug"])
 async def debug_scrape_csas_all():

7project/backend/app/core/security.py

@@ -0,0 +1,52 @@
+from typing import Optional
+import re
+import jwt
+from fastapi import Request
+
+# Simple in-memory revocation store for revoked JWT tokens.
+# 
+# Limitations:
+# - All revoked tokens will be lost if the process restarts (data loss on restart).
+# - Not suitable for multi-instance deployments: the revocation list is not shared between instances.
+#   A token revoked in one instance will not be recognized as revoked in others.
+# 
+# For production, use a persistent and shared store (e.g., Redis or a database).
+_REVOKED_TOKENS: set[str] = set()
+
+# Bearer token regex
+_BEARER_RE = re.compile(r"^[Bb]earer\s+(.+)$")
+
+
+def extract_bearer_token(request: Request) -> Optional[str]:
+    auth = request.headers.get("authorization")
+    if not auth:
+        return None
+    m = _BEARER_RE.match(auth)
+    if not m:
+        return None
+    return m.group(1).strip()
+
+
+def revoke_token(token: str) -> None:
+    if token:
+        _REVOKED_TOKENS.add(token)
+
+
+def is_token_revoked(token: str) -> bool:
+    return token in _REVOKED_TOKENS
+
+
+def decode_and_verify_jwt(token: str, secret: str) -> dict:
+    """
+    Decode the JWT using the shared secret, verifying expiration and signature.
+    Audience is not verified here to be compatible with fastapi-users default tokens.
+    Raises jwt.ExpiredSignatureError if expired.
+    Raises jwt.InvalidTokenError for other issues.
+    Returns the decoded payload dict on success.
+    """
+    return jwt.decode(
+        token,
+        secret,
+        algorithms=["HS256"],
+        options={"verify_aud": False},
+    )  # verify_exp is True by default

7project/backend/app/models/transaction.py

@@ -1,21 +1,15 @@
-import os
 from fastapi_users_db_sqlalchemy import GUID
 from sqlalchemy import Column, Integer, String, Float, ForeignKey, Date, func
 from sqlalchemy.orm import relationship
-from sqlalchemy_utils import EncryptedType
-from sqlalchemy_utils.types.encrypted.encrypted_type import FernetEngine
-
 from app.core.base import Base
 from app.models.categories import association_table
 
-SECRET_KEY = os.environ.get("DB_ENCRYPTION_KEY", "localdev")
-
 
 class Transaction(Base):
     __tablename__ = "transaction"
     id = Column(Integer, primary_key=True, autoincrement=True)
-    amount = Column(EncryptedType(Float, SECRET_KEY, engine=FernetEngine), nullable=False)
+    amount = Column(Float, nullable=False)
-    description = Column(EncryptedType(String(length=255), SECRET_KEY, engine=FernetEngine), nullable=True)
+    description = Column(String(length=255), nullable=True)
     date = Column(Date, nullable=False, server_default=func.current_date())
     user_id = Column(GUID, ForeignKey("user.id"), nullable=False)
 

7project/backend/app/services/bank_scraper.py

@@ -1,18 +1,17 @@
 import json
 import logging
 from os.path import dirname, join
-from time import strptime
 from uuid import UUID
 
 import httpx
 from sqlalchemy import select
 
 from app.core.db import async_session_maker
-from app.models.transaction import Transaction
 from app.models.user import User
 
 logger = logging.getLogger(__name__)
 
+# Reuse CSAS mTLS certs used by OAuth profile calls
 OAUTH_DIR = join(dirname(__file__), "..", "oauth")
 CERTS = (
     join(OAUTH_DIR, "public_key.pem"),
@@ -21,6 +20,10 @@ CERTS = (
 
 
 async def aload_ceska_sporitelna_transactions(user_id: str) -> None:
+    """
+    Async entry point to load Česká spořitelna transactions for a single user.
+    Validates the user_id and performs a minimal placeholder action.
+    """
     try:
         uid = UUID(str(user_id))
     except Exception:
@@ -31,6 +34,9 @@ async def aload_ceska_sporitelna_transactions(user_id: str) -> None:
 
 
 async def aload_all_ceska_sporitelna_transactions() -> None:
+    """
+    Async entry point to load Česká spořitelna transactions for all users.
+    """
     async with async_session_maker() as session:
         result = await session.execute(select(User))
         users = result.unique().scalars().all()
@@ -48,7 +54,7 @@ async def aload_all_ceska_sporitelna_transactions() -> None:
 
 
 async def _aload_ceska_sporitelna_transactions(user_id: UUID) -> None:
-    async with (async_session_maker() as session):
+    async with async_session_maker() as session:
         result = await session.execute(select(User).where(User.id == user_id))
         user: User = result.unique().scalar_one_or_none()
         if user is None:
@@ -100,22 +106,16 @@ async def _aload_ceska_sporitelna_transactions(user_id: UUID) -> None:
                 if response.status_code != httpx.codes.OK:
                     continue
 
+                # Placeholder: just print the account transactions
+
                 transactions = response.json()["transactions"]
+                pass
 
             for transaction in transactions:
-                description = transaction.get("entryDetails", {}).get("transactionDetails", {}).get(
+                #parse and store transaction to database
-                    "additionalRemittanceInformation")
+                #create Transaction object and save to DB
-                date_str = transaction.get("bookingDate", {}).get("date")
+                #obj =
-                date = strptime(date_str, "%Y-%m-%d") if date_str else None
 
-                obj = Transaction(
-                    amount=transaction['amount']['value'],
-                    description=description,
-                    date=date,
-                    user_id=user_id,
-                )
-                session.add(obj)
-                await session.commit()
 
                 pass
             pass

7project/backend/pyproject.toml

@@ -1,2 +1,5 @@
 [tool.pytest.ini_options]
 pythonpath = "."
+asyncio_mode = "auto"
+asyncio_default_fixture_loop_scope = "session"
+asyncio_default_test_loop_scope = "session"

7project/backend/requirements.txt

@@ -54,7 +54,6 @@ sentry-sdk==2.42.0
 six==1.17.0
 sniffio==1.3.1
 SQLAlchemy==2.0.43
-SQLAlchemy-Utils==0.42.0
 starlette==0.48.0
 tomli==2.2.1
 typing-inspection==0.4.1

7project/backend/tests/conftest.py

@@ -1,7 +1,9 @@
 import sys
+import uuid
 import types
 import pytest
 from fastapi.testclient import TestClient
+from httpx import AsyncClient, ASGITransport
 
 # Stub sentry_sdk to avoid optional dependency issues during import of app
 stub = types.ModuleType("sentry_sdk")
@@ -20,3 +22,23 @@ def fastapi_app():
 @pytest.fixture(scope="session")
 def client(fastapi_app):
     return TestClient(fastapi_app, raise_server_exceptions=True)
+
+
+@pytest.fixture(scope="function")
+async def test_user(fastapi_app):
+    """
+    Creates a new user asynchronously and returns their credentials.
+    Does NOT log them in.
+    Using AsyncClient with ASGITransport avoids event loop conflicts with DB connections.
+    """
+    unique_email = f"testuser_{uuid.uuid4()}@example.com"
+    password = "a_strong_password"
+    user_payload = {"email": unique_email, "password": password}
+
+    transport = ASGITransport(app=fastapi_app, raise_app_exceptions=True)
+    async with AsyncClient(transport=transport, base_url="http://testserver") as ac:
+        response = await ac.post("/auth/register", json=user_payload)
+        assert response.status_code == 201
+
+    return {"username": unique_email, "password": password}
+

7project/backend/tests/test_e2e_auth_flow.py

@@ -1,3 +1,6 @@
+import pytest
+import uuid
+from httpx import AsyncClient, ASGITransport
 from fastapi import status
 
 
@@ -13,3 +16,83 @@ def test_e2e_minimal_auth_flow(client):
     # 3) Protected endpoint should not be accessible without token
     me = client.get("/users/me")
     assert me.status_code in (status.HTTP_401_UNAUTHORIZED, status.HTTP_403_FORBIDDEN)
+
+
+@pytest.mark.asyncio
+async def test_e2e_full_user_lifecycle(fastapi_app, test_user):
+    # Use an AsyncClient with ASGITransport for async tests
+    transport = ASGITransport(app=fastapi_app, raise_app_exceptions=True)
+    async with AsyncClient(transport=transport, base_url="http://testserver") as ac:
+        login_payload = test_user
+
+        # 1. Log in with the new credentials
+        login_resp = await ac.post("/auth/jwt/login", data=login_payload)
+        assert login_resp.status_code == status.HTTP_200_OK
+        token = login_resp.json()["access_token"]
+        headers = {"Authorization": f"Bearer {token}"}
+
+        # 2. Access a protected endpoint
+        me_resp = await ac.get("/users/me", headers=headers)
+        assert me_resp.status_code == status.HTTP_200_OK
+        assert me_resp.json()["email"] == test_user["username"]
+
+        # 3. Update the user's profile
+        update_payload = {"first_name": "Test"}
+        patch_resp = await ac.patch("/users/me", json=update_payload, headers=headers)
+        assert patch_resp.status_code == status.HTTP_200_OK
+        assert patch_resp.json()["first_name"] == "Test"
+
+        # 4. Log out
+        logout_resp = await ac.post("/auth/jwt/logout", headers=headers)
+        assert logout_resp.status_code in (status.HTTP_200_OK, status.HTTP_204_NO_CONTENT)
+
+        # 5. Verify token is invalid
+        me_again_resp = await ac.get("/users/me", headers=headers)
+        assert me_again_resp.status_code == status.HTTP_401_UNAUTHORIZED
+
+
+@pytest.mark.asyncio
+async def test_e2e_transaction_workflow(fastapi_app, test_user):
+    transport = ASGITransport(app=fastapi_app, raise_app_exceptions=True)
+    async with AsyncClient(transport=transport, base_url="http://testserver") as ac:
+        # 1. Log in to get the token
+        login_resp = await ac.post("/auth/jwt/login", data=test_user)
+        token = login_resp.json()["access_token"]
+        headers = {"Authorization": f"Bearer {token}"}
+
+        # NEW STEP: Create a category first to get a valid ID
+        category_payload = {"name": "Test Category for E2E"}
+        create_category_resp = await ac.post("/categories/create", json=category_payload, headers=headers)
+        assert create_category_resp.status_code == status.HTTP_201_CREATED
+        category_id = create_category_resp.json()["id"]
+
+        # 2. Create a new transaction
+        tx_payload = {"amount": -55.40, "description": "Milk and eggs"}
+        tx_resp = await ac.post("/transactions/create", json=tx_payload, headers=headers)
+        assert tx_resp.status_code == status.HTTP_201_CREATED
+        tx_id = tx_resp.json()["id"]
+
+        # 3. Assign the category
+        assign_resp = await ac.post(f"/transactions/{tx_id}/categories/{category_id}", headers=headers)
+        assert assign_resp.status_code == status.HTTP_200_OK
+
+        # 4. Verify assignment
+        get_tx_resp = await ac.get(f"/transactions/{tx_id}", headers=headers)
+        assert category_id in get_tx_resp.json()["category_ids"]
+
+        # 5. Unassign the category
+        unassign_resp = await ac.delete(f"/transactions/{tx_id}/categories/{category_id}", headers=headers)
+        assert unassign_resp.status_code == status.HTTP_200_OK
+
+        # 6. Get the transaction again and verify the category is gone
+        get_tx_again_resp = await ac.get(f"/transactions/{tx_id}", headers=headers)
+        final_tx_data = get_tx_again_resp.json()
+        assert category_id not in final_tx_data["category_ids"]
+
+        # 7. Delete the transaction for cleanup
+        delete_resp = await ac.delete(f"/transactions/{tx_id}/delete", headers=headers)
+        assert delete_resp.status_code in (status.HTTP_200_OK, status.HTTP_204_NO_CONTENT)
+
+        # NEW STEP: Clean up the created category
+        delete_category_resp = await ac.delete(f"/categories/{category_id}", headers=headers)
+        assert delete_category_resp.status_code in (status.HTTP_200_OK, status.HTTP_204_NO_CONTENT)

7project/backend/tests/test_integration_app.py

@@ -1,5 +1,6 @@
 from fastapi import status
 import pytest
+from httpx import AsyncClient, ASGITransport
 
 
 def test_root_ok(client):
@@ -16,3 +17,55 @@ def test_authenticated_route_requires_auth(client):
 def test_sentry_debug_raises_exception(client):
     with pytest.raises(ZeroDivisionError):
         client.get("/sentry-debug")
+
+
+@pytest.mark.asyncio
+async def test_create_and_get_category(fastapi_app, test_user):
+    # Use AsyncClient for async tests
+    transport = ASGITransport(app=fastapi_app)
+    async with AsyncClient(transport=transport, base_url="http://testserver") as ac:
+        # 1. Log in to get an auth token
+        login_resp = await ac.post("/auth/jwt/login", data=test_user)
+        token = login_resp.json()["access_token"]
+        headers = {"Authorization": f"Bearer {token}"}
+
+        # 2. Define and create the new category
+        category_name = "Async Integration Test"
+        category_payload = {"name": category_name}
+        create_resp = await ac.post("/categories/create", json=category_payload, headers=headers)
+
+        # 3. Assert creation was successful
+        assert create_resp.status_code == status.HTTP_201_CREATED
+        created_data = create_resp.json()
+        category_id = created_data["id"]
+        assert created_data["name"] == category_name
+
+        # 4. GET the list of categories to verify
+        list_resp = await ac.get("/categories/", headers=headers)
+        assert list_resp.status_code == status.HTTP_200_OK
+
+        # 5. Check that our new category is in the list
+        categories_list = list_resp.json()
+        assert any(cat["name"] == category_name for cat in categories_list)
+
+        delete_resp = await ac.delete(f"/categories/{category_id}", headers=headers)
+        assert delete_resp.status_code in (status.HTTP_200_OK, status.HTTP_204_NO_CONTENT)
+
+
+@pytest.mark.asyncio
+async def test_create_transaction_missing_amount_fails(fastapi_app, test_user):
+    transport = ASGITransport(app=fastapi_app)
+    async with AsyncClient(transport=transport, base_url="http://testserver") as ac:
+        # 1. Log in to get an auth token
+        login_resp = await ac.post("/auth/jwt/login", data=test_user)
+        token = login_resp.json()["access_token"]
+        headers = {"Authorization": f"Bearer {token}"}
+
+        # 2. Define an invalid payload
+        invalid_payload = {"description": "This should fail"}
+
+        # 3. Attempt to create the transaction
+        resp = await ac.post("/transactions/create", json=invalid_payload, headers=headers)
+
+        # 4. Assert the expected validation error
+        assert resp.status_code == status.HTTP_422_UNPROCESSABLE_ENTITY

7project/charts/myapp-chart/templates/app-deployment.yaml

@@ -101,11 +101,6 @@ spec:
                 secretKeyRef:
                   name: prod
                   key: SENTRY_DSN
-            - name: DB_ENCRYPTION_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: prod
-                  key: DB_ENCRYPTION_KEY
           livenessProbe:
             httpGet:
               path: /

7project/charts/myapp-chart/templates/prod.yaml

@@ -18,4 +18,3 @@ stringData:
   RABBITMQ_PASSWORD: {{ .Values.rabbitmq.password | default "" | quote }}
   RABBITMQ_USERNAME: {{ .Values.rabbitmq.username | quote }}
   SENTRY_DSN: {{ .Values.sentry_dsn | quote }}
-  DB_ENCRYPTION_KEY: {{ required "Set .Values.database.encryptionSecret" .Values.database.encryptionSecret | quote }}

7project/charts/myapp-chart/templates/worker-deployment.yaml

@@ -20,7 +20,7 @@ spec:
           securityContext:
             allowPrivilegeEscalation: false
             capabilities:
-              drop: [ "ALL" ]
+              drop: ["ALL"]
           command:
             - celery
             - -A
@@ -80,8 +80,3 @@ spec:
                 secretKeyRef:
                   name: prod
                   key: CSAS_CLIENT_SECRET
-            - name: DB_ENCRYPTION_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: prod
-                  key: DB_ENCRYPTION_KEY

7project/charts/myapp-chart/values.yaml

@@ -75,4 +75,3 @@ database:
   userName: app-demo-user
   secretName: app-demo-database-secret
   password: ""
-  encryptionSecret: ""

requirements.txt

@@ -0,0 +1,72 @@
+aio-pika==9.5.6
+aiormq==6.8.1
+aiosqlite==0.21.0
+alembic==1.16.5
+amqp==5.3.1
+annotated-types==0.7.0
+anyio==4.11.0
+argon2-cffi==23.1.0
+argon2-cffi-bindings==25.1.0
+asyncmy==0.2.9
+bcrypt==4.3.0
+billiard==4.2.2
+celery==5.5.3
+certifi==2025.10.5
+cffi==2.0.0
+click==8.1.8
+click-didyoumean==0.3.1
+click-plugins==1.1.1.2
+click-repl==0.3.0
+cryptography==46.0.1
+dnspython==2.7.0
+email_validator==2.2.0
+exceptiongroup==1.3.0
+fastapi==0.117.1
+fastapi-users==14.0.1
+fastapi-users-db-sqlalchemy==7.0.0
+greenlet==3.2.4
+h11==0.16.0
+httpcore==1.0.9
+httptools==0.6.4
+httpx==0.28.1
+httpx-oauth==0.16.1
+idna==3.10
+iniconfig==2.3.0
+kombu==5.5.4
+makefun==1.16.0
+Mako==1.3.10
+MarkupSafe==3.0.2
+multidict==6.6.4
+packaging==25.0
+pamqp==3.3.0
+pluggy==1.6.0
+prompt_toolkit==3.0.52
+propcache==0.3.2
+pwdlib==0.2.1
+pycparser==2.23
+pydantic==2.11.9
+pydantic_core==2.33.2
+Pygments==2.19.2
+PyJWT==2.10.1
+PyMySQL==1.1.2
+pytest==8.4.2
+pytest-asyncio==1.2.0
+python-dateutil==2.9.0.post0
+python-dotenv==1.1.1
+python-multipart==0.0.20
+PyYAML==6.0.2
+six==1.17.0
+sniffio==1.3.1
+SQLAlchemy==2.0.43
+starlette==0.48.0
+tomli==2.2.1
+typing-inspection==0.4.1
+typing_extensions==4.15.0
+tzdata==2025.2
+uvicorn==0.37.0
+uvloop==0.21.0
+vine==5.1.0
+watchfiles==1.1.0
+wcwidth==0.2.14
+websockets==15.0.1
+yarl==1.20.1