Posts Tagged: dependencies
-
Auditing Flask 3.0 Dependencies for OWASP Top 10 Vulnerabilities
Audit Flask 3.0 dependencies for OWASP Top 10 A06 vulnerabilities using pip-audit, poetry audit, and safety CLI. Covers detection, fixes, and CI/CD integration for Werkzeug, Jinja2, and other deps.
-
Dependency Management (pip, uv, poetry, requirements.txt)
Master Python dependency management: Compare pip with requirements.txt, Poetry for locked reproducible environments, and ultrafast uv resolver/installer. Best practices, comparisons, and migration guides for 2026 Python projects.
-
How to Pin Transitive Dependencies in requirements.txt to Pass Security Audits
Pin direct + transitive (indirect) dependencies in requirements.txt using pip-tools or uv pip compile. Pass pip-audit, Safety CLI, and Snyk scans with exact versions/hashes. Reproducible, secure Python builds without version drift.
-
Migrate from requirements.txt to pyproject.toml: 5-Step Process for Flask Applications
Step-by-step guide to migrate Flask apps from requirements.txt to pyproject.toml using Poetry for reproducible builds, efficient installs, and modern packaging standards.
-
poetry add vs pip install: When Lock Files Prevent Production Dependency Conflicts
poetry add vs pip install comparison: Learn how Poetry lock files prevent production dependency conflicts, ensure reproducible builds, and solve Python dependency hell for reliable deployments.