diff --git a/composants/byPanda/__pycache__/alarme.cpython-311.pyc b/composants/byPanda/__pycache__/alarme.cpython-311.pyc new file mode 100644 index 0000000..1e57cc9 Binary files /dev/null and b/composants/byPanda/__pycache__/alarme.cpython-311.pyc differ diff --git a/flask/.env b/flask/.env new file mode 100644 index 0000000..7b11113 --- /dev/null +++ b/flask/.env @@ -0,0 +1,6 @@ +DB_HOST=127.0.0.1 +DB_PORT=3306 +DB_USER=python +DB_PASSWORD=wolaouais +DB_NAME=Utilisateurs +DB_CHARSET=utf8mb4 \ No newline at end of file diff --git a/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/PKG-INFO b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/PKG-INFO new file mode 100644 index 0000000..738b65a --- /dev/null +++ b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/PKG-INFO @@ -0,0 +1,260 @@ +Metadata-Version: 2.1 +Name: RPi.GPIO +Version: 0.7.1 +Summary: A module to control Raspberry Pi GPIO channels +Home-page: http://sourceforge.net/projects/raspberry-gpio-python/ +Author: Ben Croston +Author-email: ben@croston.org +License: MIT +Keywords: Raspberry Pi GPIO +Classifier: Development Status :: 5 - Production/Stable +Classifier: Operating System :: POSIX :: Linux +Classifier: License :: OSI Approved :: MIT License +Classifier: Intended Audience :: Developers +Classifier: Programming Language :: Python :: 2.7 +Classifier: Programming Language :: Python :: 3 +Classifier: Topic :: Software Development +Classifier: Topic :: Home Automation +Classifier: Topic :: System :: Hardware +License-File: LICENCE.txt + +This package provides a Python module to control the GPIO on a Raspberry Pi. + +Note that this module is unsuitable for real-time or timing critical applications. This is because you +can not predict when Python will be busy garbage collecting. It also runs under the Linux kernel which +is not suitable for real time applications - it is multitasking O/S and another process may be given +priority over the CPU, causing jitter in your program. If you are after true real-time performance and +predictability, buy yourself an Arduino http://www.arduino.cc ! + +Note that the current release does not support SPI, I2C, hardware PWM or serial functionality on the RPi yet. +This is planned for the near future - watch this space! One-wire functionality is also planned. + +Although hardware PWM is not available yet, software PWM is available to use on all channels. + +For examples and documentation, visit http://sourceforge.net/p/raspberry-gpio-python/wiki/Home/ + +Change Log +========== + +0.7.1 +------- +- Better RPi board + peri_addr detection (issue 190 / 191) +- Fix PyEval_InitThreads deprecation warning for Python 3.9 (issue 188) +- Fix build using GCC 10 (issue 187) +- Fix docstrings to not include licence +- Remove Debian/Raspbian stretch packaging support +- Use setuptools instead of distutils +- Added detection of Zero 2 W +- Tested and working with Python 2.7, 3.7, 3.8, 3.9, 3.10 + +0.7.0 +----- +- Updated RPI_INFO to include RPi 4B +- Fixed pull up/down for Pi4 (issue 168) +- Fix spelling mistake in docstrings +- Tested and working on Raspbian Buster + Python 3.8.0b2 +- Fix board detection for aarch64 (Issues 161 / 165) +- Fix checking mmap return value in c_gpio.c (issue 166) + +0.6.5 +----- +- Fix exception on re-export of /sys/class/gpio/gpioNN + +0.6.4 +----- +- Event cleanup bug (issue 145) +- Raise exception for duplicate PWM objects (issue 54 - Thijs Schreijer ) +- Fix build warnings (Issue 146 - Dominik George) +- test.py runs unchanged for both python 2+3 +- Soft PWM stops running fix (Issues 94, 111, 154) +- Soft PWM segfault fix (Luke Allen pull request) + +0.6.3 +----- +- Fix code so it builds under PyPy (Gasper Zejn) +- os.system breaks event detection - Matt Kimball (issue 127) + +0.6.2 +----- +- Rewrote Debian packaging mechanism +- RPI_INFO reports Pi 3 +- Changed module layout - moved C components to RPi._GPIO + +0.6.1 +----- +- Update RPI_INFO to detect more board types +- Issue 118 - add_event_detect sometimes gives runtime error with unpriv user +- Issue 120 - setmode() remembers invalid mode + +0.6.0a3 +------- +- Now uses /dev/gpiomem if available to avoid being run as root +- Fix warnings with pull up/down on pins 3/5 +- Correct base address on Pi 2 when devicetree is disabled +- caddr_t error on compile (Issue 109) +- Error on invalid parameters to setup() (issue 93) +- Add timeout parameter to wait_for_edge() (issue 91) + +0.5.11 +------ +- Fix - pins > 26 missing when using BOARD mode +- Add getmode() +- Raise exception when a mix of modes is used +- GPIO.cleanaup() unsets the current pin mode + +0.5.10 +------ +- Issue 95 - support RPi 2 boards +- Introduce RPI_INFO +- Deprecate RPI_REVISION +- Issue 97 - fixed docstring for setup() + +0.5.9 +----- +- Issue 87 - warn about pull up/down on i2c pins +- Issue 86/75 - wait_for_edge() bugfix +- Issue 84 - recognise RPi properly when using a custom kernel +- Issue 90 - cleanup() on a list/tuple of channels + +0.5.8 +----- +- Allow lists/tuples of channels in GPIO.setup() +- GPIO.output() now allows lists/tuples of values +- GPIO.wait_for_edge() bug fixes (issue 78) + +0.5.7 +----- +- Issue 67 - speed up repeated calls to GPIO.wait_for_event() +- Added bouncetime keyword to GPIO.wait_for_event() +- Added extra edge/interrupt unit tests +- GPIO.wait_for_event() can now be mixed with GPIO.add_event_detect() +- Improved cleanups of events +- Issue 69 resolved + +0.5.6 +----- +- Issue 68 - support for RPi Model B+ +- Fix gpio_function() + +0.5.5 +----- +- Issue 52 - 'unallocate' a channel +- Issue 35 - use switchbounce with GPIO.event_detected() +- Refactored events code +- Rewrote tests to use unittest mechanism and new test board with loopbacks +- Fixed adding events after a GPIO.cleanup() +- Issue 64 - misleading /dev/mem permissions error +- Issue 59 - name collision with PWM constant and class + +0.5.4 +----- +- Changed release status (from alpha to full release) +- Warn when GPIO.cleanup() used with nothing to clean up (issue 44) +- Avoid collisions in constants (e.g. HIGH / RISING / PUD_DOWN) +- Accept BOARD numbers in gpio_function (issue 34) +- More return values for gpio_function (INPUT, OUTPUT, SPI, I2C, PWM, SERIAL, UNKNOWN) +- Tidy up docstrings +- Fix /dev/mem access error with gpio_function + +0.5.3a +------ +- Allow pydoc for non-root users (issue 27) +- Fix add_event_detect error when run as daemon (issue 32) +- Simplified exception types +- Changed from distribute to pip + +0.5.2a +------ +- Added software PWM (experimental) +- Added switch bounce handling to event callbacks +- Added channel number parameter to event callbacks (issue 31) +- Internal refactoring and code tidy up + +0.5.1a +------ +- Fixed callbacks for multiple GPIOs (issue 28) + +0.5.0a +------ +- Added new edge detection events (interrupt handling) + - Added add_event_detect() + - Added remove_event_detect() + - Added add_event_callback() + - Added wait_for_edge() +- Removed old experimental event functions + - Removed set_rising_event() + - Removed set_falling_event() + - Removed set_high_event() + - Removed set_low_event() +- Changed event_detected() for new edge detection functionality +- input() now returns 0/LOW == False or 1/HIGH == True (integers) instead of False or True (booleans). +- Fix error on repeated import (issue 3) +- Change SetupException to a RuntimeError so it can be caught on import (issue 25, Chris Hager ) +- Improved docstrings of functions + +0.4.2a +------ +- Fix for installing on Arch Linux (Python 3.3) (issue 20) +- Initial value when setting a channel as an output (issue 19) + +0.4.1a +------ +- Added VERSION +- Permit input() of channels set as outputs (Eric Ptak ) + +0.4.0a +------ +- Added support for Revision 2 boards +- Added RPI_REVISION +- Added cleanup() function and removed automatic reset functionality on program exit +- Added get_function() to read existing GPIO channel functionality (suggestion from Eric Ptak ) +- Added set_rising_event() +- Added set_falling_event() +- Added set_high_event() +- Added set_low_event() +- Added event_detected() +- Added test/test.py +- Converted debian to armhf +- Fixed C function short_wait() (thanks to Thibault Porteboeuf ) + +0.3.1a +------ +- Fixed critical bug with swapped high/low state on outputs +- Added pull-up / pull-down setup functionality for inputs + +0.3.0a +------ +- Rewritten as a C extension +- Now uses /dev/mem and SoC registers instead of /sys/class/gpio +- Faster! +- Make call to GPIO.setmode() mandatory +- Added GPIO.HIGH and GPIO.LOW constants + +0.2.0 +----- +- Changed status from alpha to beta +- Added setmode() to be able to use BCM GPIO 00.nn channel numbers +- Renamed InvalidPinException to InvalidChannelException + +0.1.0 +------ +- Fixed direction bug +- Added MANIFEST.in (to include missing file) +- Changed GPIO channel number to pin number +- Tested and working! + +0.0.3a +------ +- Added GPIO table +- Refactored +- Fixed a few critical bugs +- Still completely untested! + +0.0.2a +------ +- Internal refactoring. Still completely untested! + +0.0.1a +------ +- First version. Completely untested until I can get hold of a Raspberry Pi! + diff --git a/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/SOURCES.txt b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/SOURCES.txt new file mode 100644 index 0000000..c45dbbc --- /dev/null +++ b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/SOURCES.txt @@ -0,0 +1,31 @@ +CHANGELOG.txt +INSTALL.txt +LICENCE.txt +MANIFEST.in +README.txt +create_gpio_user_permissions.py +setup.cfg +setup.py +RPi/__init__.py +RPi.GPIO.egg-info/PKG-INFO +RPi.GPIO.egg-info/SOURCES.txt +RPi.GPIO.egg-info/dependency_links.txt +RPi.GPIO.egg-info/top_level.txt +RPi/GPIO/__init__.py +source/c_gpio.c +source/c_gpio.h +source/common.c +source/common.h +source/constants.c +source/constants.h +source/cpuinfo.c +source/cpuinfo.h +source/event_gpio.c +source/event_gpio.h +source/py_gpio.c +source/py_pwm.c +source/py_pwm.h +source/soft_pwm.c +source/soft_pwm.h +test/issue_94_111_154.py +test/test.py \ No newline at end of file diff --git a/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/dependency_links.txt b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/dependency_links.txt new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/dependency_links.txt @@ -0,0 +1 @@ + diff --git a/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/installed-files.txt b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/installed-files.txt new file mode 100644 index 0000000..92676a8 --- /dev/null +++ b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/installed-files.txt @@ -0,0 +1,9 @@ +../RPi/GPIO/__init__.py +../RPi/GPIO/__pycache__/__init__.cpython-311.pyc +../RPi/_GPIO.cpython-311-x86_64-linux-gnu.so +../RPi/__init__.py +../RPi/__pycache__/__init__.cpython-311.pyc +PKG-INFO +SOURCES.txt +dependency_links.txt +top_level.txt diff --git a/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/top_level.txt b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/top_level.txt new file mode 100644 index 0000000..196e1e3 --- /dev/null +++ b/venv/lib/python3.11/site-packages/RPi.GPIO-0.7.1.egg-info/top_level.txt @@ -0,0 +1 @@ +RPi diff --git a/venv/lib/python3.11/site-packages/RPi/GPIO/__init__.py b/venv/lib/python3.11/site-packages/RPi/GPIO/__init__.py new file mode 100644 index 0000000..b309025 --- /dev/null +++ b/venv/lib/python3.11/site-packages/RPi/GPIO/__init__.py @@ -0,0 +1,25 @@ +# Copyright (c) 2012-2021 Ben Croston +# +# Permission is hereby granted, free of charge, to any person obtaining a copy of +# this software and associated documentation files (the "Software"), to deal in +# the Software without restriction, including without limitation the rights to +# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +# of the Software, and to permit persons to whom the Software is furnished to do +# so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. + +"""This package provides a Python module to control the GPIO on a Raspberry Pi""" + +from RPi._GPIO import * + +VERSION = '0.7.1' diff --git a/venv/lib/python3.11/site-packages/RPi/GPIO/__pycache__/__init__.cpython-311.pyc b/venv/lib/python3.11/site-packages/RPi/GPIO/__pycache__/__init__.cpython-311.pyc new file mode 100644 index 0000000..9c21b84 Binary files /dev/null and b/venv/lib/python3.11/site-packages/RPi/GPIO/__pycache__/__init__.cpython-311.pyc differ diff --git a/venv/lib/python3.11/site-packages/RPi/_GPIO.cpython-311-x86_64-linux-gnu.so b/venv/lib/python3.11/site-packages/RPi/_GPIO.cpython-311-x86_64-linux-gnu.so new file mode 100755 index 0000000..4fd9a26 Binary files /dev/null and b/venv/lib/python3.11/site-packages/RPi/_GPIO.cpython-311-x86_64-linux-gnu.so differ diff --git a/venv/lib/python3.11/site-packages/RPi/__init__.py b/venv/lib/python3.11/site-packages/RPi/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/venv/lib/python3.11/site-packages/RPi/__pycache__/__init__.cpython-311.pyc b/venv/lib/python3.11/site-packages/RPi/__pycache__/__init__.cpython-311.pyc new file mode 100644 index 0000000..a5c05fa Binary files /dev/null and b/venv/lib/python3.11/site-packages/RPi/__pycache__/__init__.cpython-311.pyc differ diff --git a/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/INSTALLER b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/INSTALLER new file mode 100644 index 0000000..a1b589e --- /dev/null +++ b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/INSTALLER @@ -0,0 +1 @@ +pip diff --git a/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/LICENSE b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/METADATA b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/METADATA new file mode 100644 index 0000000..f9d00bc --- /dev/null +++ b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/METADATA @@ -0,0 +1,490 @@ +Metadata-Version: 2.1 +Name: flask-talisman +Version: 1.1.0 +Summary: HTTP security headers for Flask. +Home-page: https://github.com/wntrblm/flask-talisman +Author: Alethea Katherine Flowers +Author-email: me@thea.codes +License: Apache Software License +Keywords: flask security https xss +Platform: UNKNOWN +Classifier: Development Status :: 5 - Production/Stable +Classifier: Intended Audience :: Developers +Classifier: Topic :: Software Development :: Libraries :: Python Modules +Classifier: License :: OSI Approved :: Apache Software License +Classifier: Programming Language :: Python +Classifier: Programming Language :: Python :: 3 +Classifier: Programming Language :: Python :: 3.5 +Classifier: Programming Language :: Python :: 3.6 +Classifier: Programming Language :: Python :: 3.7 +Classifier: Programming Language :: Python :: 3.8 +Classifier: Programming Language :: Python :: 3.9 +Classifier: Operating System :: POSIX +Classifier: Operating System :: MacOS +Classifier: Operating System :: Unix +License-File: LICENSE + +Talisman: HTTP security headers for Flask +========================================= + +|PyPI Version| + +Talisman is a small Flask extension that handles setting HTTP headers +that can help protect against a few common web application security +issues. + +The default configuration: + +- Forces all connects to ``https``, unless running with debug enabled. +- Enables `HTTP Strict Transport + Security `_. +- Sets Flask's session cookie to ``secure``, so it will never be set if + your application is somehow accessed via a non-secure connection. +- Sets Flask's session cookie to ``httponly``, preventing JavaScript + from being able to access its content. CSRF via Ajax uses a separate + cookie and should be unaffected. +- Sets Flask's session cookie to ``Lax``, preventing the cookie to be leaked + in CSRF-prone request methods. +- Sets + `X-Frame-Options `_ + to ``SAMEORIGIN`` to avoid + `clickjacking `_. +- Sets `X-Content-Type-Options + `_ + to prevent content type sniffing. +- Sets a strict `Content Security + Policy `__ + of ``default-src: 'self', 'object-src': 'none'``. This is intended to almost completely + prevent Cross Site Scripting (XSS) attacks. This is probably the only + setting that you should reasonably change. See the + `Content Security Policy`_ section. +- Sets a strict `Referrer-Policy `_ + of ``strict-origin-when-cross-origin`` that governs which referrer information should be included with + requests made. +- Disables ``browsing-topics`` by default in the `Permissions-Policy `_ + like `Drupal `_ to enhance privacy protection. + + +In addition to Talisman, you **should always use a cross-site request +forgery (CSRF) library**. It's highly recommended to use +`Flask-SeaSurf `_, +which is based on Django's excellent library. + +Installation & Basic Usage +-------------------------- + +Install via `pip `_: + +:: + + pip install flask-talisman + +After installing, wrap your Flask app with a ``Talisman``: + +.. code:: python + + from flask import Flask + from flask_talisman import Talisman + + app = Flask(__name__) + Talisman(app) + + +There is also a full `Example App `_. + +Options +------- + +- ``force_https``, default ``True``, forces all non-debug connects to + ``https`` (`about HTTPS `_). +- ``force_https_permanent``, default ``False``, uses ``301`` instead of + ``302`` for ``https`` redirects. + +- ``frame_options``, default ``SAMEORIGIN``, can be ``SAMEORIGIN``, + ``DENY``, or ``ALLOWFROM`` (`about Frame Options `_). +- ``frame_options_allow_from``, default ``None``, a string indicating + the domains that are allowed to embed the site via iframe. + +- ``strict_transport_security``, default ``True``, whether to send HSTS + headers (`about HSTS `_). +- ``strict_transport_security_preload``, default ``False``, enables HSTS + preloading. If you register your application with + `Google's HSTS preload list `_, + Firefox and Chrome will never load your site over a non-secure + connection. +- ``strict_transport_security_max_age``, default ``ONE_YEAR_IN_SECS``, + length of time the browser will respect the HSTS header. +- ``strict_transport_security_include_subdomains``, default ``True``, + whether subdomains should also use HSTS. + +- ``content_security_policy``, default ``default-src: 'self'`, 'object-src': 'none'``, see the + `Content Security Policy`_ section (`about Content Security Policy `_). +- ``content_security_policy_nonce_in``, default ``[]``. Adds a per-request nonce + value to the flask request object and also to the specified CSP header section. + I.e. ``['script-src', 'style-src']`` +- ``content_security_policy_report_only``, default ``False``, whether to set + the CSP header as "report-only" (as `Content-Security-Policy-Report-Only`) + to ease deployment by disabling the policy enforcement by the browser, + requires passing a value with the ``content_security_policy_report_uri`` + parameter +- ``content_security_policy_report_uri``, default ``None``, a string + indicating the report URI used for `CSP violation reports + `_ + +- ``referrer_policy``, default ``strict-origin-when-cross-origin``, a string + that sets the Referrer Policy header to send a full URL when performing a same-origin + request, only send the origin of the document to an equally secure destination + (HTTPS->HTTPS), and send no header to a less secure destination (HTTPS->HTTP) (`about Referrer Policy `_). + +- ``feature_policy``, default ``{}``, see the `Feature Policy`_ section (`about Feature Policy `_). + +- ``permissions_policy``, default ``{'browsing-topics': '()'}``, see the `Permissions Policy`_ section (`about Permissions Policy `_). +- ``document_policy``, default ``{}``, see the `Document Policy`_ section (`about Document Policy `_). + +- ``session_cookie_secure``, default ``True``, set the session cookie + to ``secure``, preventing it from being sent over plain ``http`` (`about cookies (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie)_`). +- ``session_cookie_http_only``, default ``True``, set the session + cookie to ``httponly``, preventing it from being read by JavaScript. +- ``session_cookie_samesite``, default ``Lax``, set this to ``Strict`` to prevent the cookie from being sent by the browser to the target site in all cross-site browsing context, even when following a regular link. + + +- ``force_file_save``, default ``False``, whether to set the + `X-Download-Options `_ + header to ``noopen`` to prevent IE >= 8 to from opening file downloads + directly and only save them instead. + +- ``x_content_type_options``, default ``True``, Protects against MIME sniffing vulnerabilities (`about Content Type Options `_). +- ``x_xss_protection``, default ``False``, Protects against cross-site scripting (XSS) attacks (`about XSS Protection `_). This option is disabled by default because no modern browser (`supports this header `_) anymore. + +For a full list of (security) headers, check out: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers. + +Per-view options +~~~~~~~~~~~~~~~~ + +Sometimes you want to change the policy for a specific view. The +``force_https``, ``frame_options``, ``frame_options_allow_from``, +`content_security_policy``, ``feature_policy``, ``permissions_policy`` +and ``document_policy`` options can be changed on a per-view basis. + +.. code:: python + + from flask import Flask + from flask_talisman import Talisman, ALLOW_FROM + + app = Flask(__name__) + talisman = Talisman(app) + + @app.route('/normal') + def normal(): + return 'Normal' + + @app.route('/embeddable') + @talisman(frame_options=ALLOW_FROM, frame_options_allow_from='*') + def embeddable(): + return 'Embeddable' + +Content Security Policy +----------------------- + +The default content security policy is extremely strict and will +prevent loading any resources that are not in the same domain as the +application. Most web applications will need to change this policy. +If you're not ready to deploy Content Security Policy, you can set +`content_security_policy` to `False` to disable sending this header +entirely. + +A slightly more permissive policy is available at +``flask_talisman.GOOGLE_CSP_POLICY``, which allows loading Google-hosted JS +libraries, fonts, and embeding media from YouTube and Maps. + +You can and should create your own policy to suit your site's needs. +Here's a few examples adapted from +`MDN `_: + +Example 1 +~~~~~~~~~ + +This is the default policy. A web site administrator wants all content +to come from the site's own origin (this excludes subdomains) and disallow +legacy HTML elements. + +.. code:: python + + csp = { + 'default-src': '\'self\'', + 'object-src': '\'none\'', + } + talisman = Talisman(app, content_security_policy=csp) + +Example 2 +~~~~~~~~~ + +A web site administrator wants to allow content from a trusted domain +and all its subdomains (it doesn't have to be the same domain that the +CSP is set on.) + +.. code:: python + + csp = { + 'default-src': [ + '\'self\'', + '*.trusted.com' + ] + } + +Example 3 +~~~~~~~~~ + +A web site administrator wants to allow users of a web application to +include images from any origin in their own content, but to restrict +audio or video media to trusted providers, and all scripts only to a +specific server that hosts trusted code. + +.. code:: python + + csp = { + 'default-src': '\'self\'', + 'img-src': '*', + 'media-src': [ + 'media1.com', + 'media2.com', + ], + 'script-src': 'userscripts.example.com' + } + +In this example content is only permitted from the document's origin +with the following exceptions: + +- Images may loaded from anywhere (note the ``*`` wildcard). +- Media is only allowed from media1.com and media2.com (and not from + subdomains of those sites). +- Executable script is only allowed from userscripts.example.com. + +Example 4 +~~~~~~~~~ + +A web site administrator for an online banking site wants to ensure that +all its content is loaded using SSL, in order to prevent attackers from +eavesdropping on requests. + +.. code:: python + + csp = { + 'default-src': 'https://onlinebanking.jumbobank.com' + } + +The server only permits access to documents being loaded specifically +over HTTPS through the single origin onlinebanking.jumbobank.com. + +Example 5 +~~~~~~~~~ + +A web site administrator of a web mail site wants to allow HTML in +email, as well as images loaded from anywhere, but not JavaScript or +other potentially dangerous content. + +.. code:: python + + csp = { + 'default-src': [ + '\'self\'', + '*.mailsite.com', + ], + 'img-src': '*' + } + +Note that this example doesn't specify a ``script-src``; with the +example CSP, this site uses the setting specified by the ``default-src`` +directive, which means that scripts can be loaded only from the +originating server. + +Example 6 +~~~~~~~~~ + +A web site administrator wants to allow embedded scripts (which might +be generated dynamicially). + +.. code:: python + + csp = { + 'default-src': '\'self\'', + 'script-src': '\'self\'', + } + talisman = Talisman( + app, + content_security_policy=csp, + content_security_policy_nonce_in=['script-src'] + ) + +The nonce needs to be added to the script tag in the template: + +.. code:: html + + + +Note that the CSP directive (`script-src` in the example) to which the `nonce-...` +source should be added needs to be defined explicitly. + +Example 7 +~~~~~~~~~ + +A web site adminstrator wants to override the CSP directives via an +environment variable which doesn't support specifying the policy as +a Python dictionary, e.g.: + +.. code:: bash + + export CSP_DIRECTIVES="default-src 'self'; image-src *" + python app.py + +Then in the app code you can read the CSP directives from the environment: + +.. code:: python + + import os + from flask_talisman import Talisman, DEFAULT_CSP_POLICY + + talisman = Talisman( + app, + content_security_policy=os.environ.get("CSP_DIRECTIVES", DEFAULT_CSP_POLICY), + ) + +As you can see above the policy can be defined simply just like the official +specification requires the HTTP header to be set: As a semicolon separated +list of individual CSP directives. + +Feature Policy +-------------- + +**Note:** Feature Policy has largely been `renamed Permissions Policy `_ +in the latest draft and some features are likely to move to Document Policy. +At this writing, most browsers support the ``Feature-Policy`` HTTP Header name. +See the `Permissions Policy`_ and `Document Policy`_ sections below should you wish +to set these. + +Also note that the Feature Policy specification did not progress beyond the `draft https://wicg.github.io/feature-policy/` +stage before being renamed, but is `supported in some form in most browsers +`_. + +The default feature policy is empty, as this is the default expected behaviour. + +Geolocation Example +~~~~~~~~~~~~~~~~~~~ + +Disable access to Geolocation interface. + +.. code:: python + + feature_policy = { + 'geolocation': '\'none\'' + } + talisman = Talisman(app, feature_policy=feature_policy) + +Permissions Policy +------------------ + +Feature Policy has been split into Permissions Policy and Document Policy but +at this writing `browser support of Permissions Policy is very limited `_, +and it is recommended to still set the ``Feature-Policy`` HTTP Header. +Permission Policy support is included in Talisman for when this becomes more +widely supported. + +Note that the `Permission Policy is still an Working Draft `_. + +When the same feature or permission is set in both Feature Policy and Permission Policy, +the Permission Policy setting will take precedence in browsers that support both. + +It should be noted that the syntax differs between Feature Policy and Permission Policy +as can be seen from the ``geolocation`` examples provided. + +The default Permissions Policy is ``browsing-topics=()``, which opts sites out of +`Federated Learning of Cohorts `_ an interest-based advertising initiative +called Topics API. + +Permission Policy can be set either using a dictionary, or using a string. + +Geolocation and Microphone Example +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Disable access to Geolocation interface and Microphone using dictionary syntax + +.. code:: python + + permissions_policy = { + 'geolocation': '()', + 'microphone': '()' + } + talisman = Talisman(app, permissions_policy=permissions_policy) + +Disable access to Geolocation interface and Microphone using string syntax + +.. code:: python + + permissions_policy = 'geolocation=(), microphone=()' + talisman = Talisman(app, permissions_policy=permissions_policy) + +Document Policy +--------------- + +Feature Policy has been split into Permissions Policy and Document Policy but +at this writing `browser support of Document Policy is very limited `_, +and it is recommended to still set the ``Feature-Policy`` HTTP Header. +Document Policy support is included in Talisman for when this becomes more +widely supported. + +Note that the `Document Policy is still an Unofficial Draft `_. + +The default Document Policy is empty, as this is the default expected behaviour. + +Document Policy can be set either using a dictionary, or using a string. + +Oversized-Images Example +~~~~~~~~~~~~~~~~~~~~~~~~ + +Forbid oversized-images using dictionary syntax: + +.. code:: python + + document_policy = { + 'oversized-images': '?0' + } + talisman = Talisman(app, document_policy=document_policy) + +Forbid oversized-images using string syntax: + +.. code:: python + + document_policy = 'oversized-images=?0' + talisman = Talisman(app, document_policy=document_policy) + +Disclaimer +---------- + +This code originated at Google, but is not an official Google product, +experimental or otherwise. It was forked on June 6th, 2021 from the +unmaintained GoogleCloudPlatform/flask-talisman. + +There is no silver bullet for web application security. Talisman can +help, but security is more than just setting a few headers. Any +public-facing web application should have a comprehensive approach to +security. + + +Contributing changes +-------------------- + +- See `CONTRIBUTING.md`_ + +Licensing +--------- + +- Apache 2.0 - See `LICENSE`_ + +.. _LICENSE: https://github.com/wntrblm/flask-talisman/blob/master/LICENSE +.. _CONTRIBUTING.md: https://github.com/wntrblm/flask-talisman/blob/master/CONTRIBUTING.md +.. |PyPI Version| image:: https://img.shields.io/pypi/v/flask-talisman.svg + :target: https://pypi.python.org/pypi/flask-talisman + + diff --git a/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/RECORD b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/RECORD new file mode 100644 index 0000000..85f28a9 --- /dev/null +++ b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/RECORD @@ -0,0 +1,13 @@ +flask_talisman-1.1.0.dist-info/INSTALLER,sha256=zuuue4knoyJ-UwPPXg8fezS7VCrXJQrAP7zeNuwvFQg,4 +flask_talisman-1.1.0.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357 +flask_talisman-1.1.0.dist-info/METADATA,sha256=AwnGEfgydNEYCwtRCtDWiQB6hSaTi1QBQrdWhw997_0,18722 +flask_talisman-1.1.0.dist-info/RECORD,, +flask_talisman-1.1.0.dist-info/REQUESTED,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0 +flask_talisman-1.1.0.dist-info/WHEEL,sha256=z9j0xAa_JmUKMpmz72K0ZGALSM_n-wQVmGbleXx2VHg,110 +flask_talisman-1.1.0.dist-info/top_level.txt,sha256=mXVUQo_kTE7G1KmO-Pl2mbgm8braqn1FfwVzSh2rh68,15 +flask_talisman/__init__.py,sha256=cTbxfRkVoP9JwIwHJFEymT3-ZuOr4uspReRunGwSNns,1027 +flask_talisman/__pycache__/__init__.cpython-311.pyc,, +flask_talisman/__pycache__/talisman.cpython-311.pyc,, +flask_talisman/__pycache__/talisman_test.cpython-311.pyc,, +flask_talisman/talisman.py,sha256=Y2q-X4ug-91wpS54wArEP0LWpA0bErDNW86ZL-hPhEY,17033 +flask_talisman/talisman_test.py,sha256=Ht7OTCm2VXWJJlxXNxGmMARGn3dYQg51E4lrpT772dY,14153 diff --git a/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/REQUESTED b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/REQUESTED new file mode 100644 index 0000000..e69de29 diff --git a/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/WHEEL b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/WHEEL new file mode 100644 index 0000000..0b18a28 --- /dev/null +++ b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/WHEEL @@ -0,0 +1,6 @@ +Wheel-Version: 1.0 +Generator: bdist_wheel (0.37.1) +Root-Is-Purelib: true +Tag: py2-none-any +Tag: py3-none-any + diff --git a/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/top_level.txt b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/top_level.txt new file mode 100644 index 0000000..d89915c --- /dev/null +++ b/venv/lib/python3.11/site-packages/flask_talisman-1.1.0.dist-info/top_level.txt @@ -0,0 +1 @@ +flask_talisman diff --git a/venv/lib/python3.11/site-packages/flask_talisman/__init__.py b/venv/lib/python3.11/site-packages/flask_talisman/__init__.py new file mode 100644 index 0000000..b567808 --- /dev/null +++ b/venv/lib/python3.11/site-packages/flask_talisman/__init__.py @@ -0,0 +1,31 @@ +# Copyright 2015 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from .talisman import ( + ALLOW_FROM, DEFAULT_CSP_POLICY, DEFAULT_DOCUMENT_POLICY, + DEFAULT_FEATURE_POLICY, DEFAULT_PERMISSIONS_POLICY, DENY, + GOOGLE_CSP_POLICY, NONCE_LENGTH, SAMEORIGIN, Talisman) + +__all__ = ( + 'ALLOW_FROM', + 'DEFAULT_CSP_POLICY', + 'DEFAULT_DOCUMENT_POLICY', + 'DEFAULT_FEATURE_POLICY', + 'DEFAULT_PERMISSIONS_POLICY', + 'DENY', + 'GOOGLE_CSP_POLICY', + 'NONCE_LENGTH', + 'SAMEORIGIN', + 'Talisman', +) diff --git a/venv/lib/python3.11/site-packages/flask_talisman/__pycache__/__init__.cpython-311.pyc b/venv/lib/python3.11/site-packages/flask_talisman/__pycache__/__init__.cpython-311.pyc new file mode 100644 index 0000000..40d2e7c Binary files /dev/null and b/venv/lib/python3.11/site-packages/flask_talisman/__pycache__/__init__.cpython-311.pyc differ diff --git a/venv/lib/python3.11/site-packages/flask_talisman/__pycache__/talisman.cpython-311.pyc b/venv/lib/python3.11/site-packages/flask_talisman/__pycache__/talisman.cpython-311.pyc new file mode 100644 index 0000000..a50359e Binary files /dev/null and b/venv/lib/python3.11/site-packages/flask_talisman/__pycache__/talisman.cpython-311.pyc differ diff --git a/venv/lib/python3.11/site-packages/flask_talisman/__pycache__/talisman_test.cpython-311.pyc b/venv/lib/python3.11/site-packages/flask_talisman/__pycache__/talisman_test.cpython-311.pyc new file mode 100644 index 0000000..7dd117c Binary files /dev/null and b/venv/lib/python3.11/site-packages/flask_talisman/__pycache__/talisman_test.cpython-311.pyc differ diff --git a/venv/lib/python3.11/site-packages/flask_talisman/talisman.py b/venv/lib/python3.11/site-packages/flask_talisman/talisman.py new file mode 100644 index 0000000..3911da9 --- /dev/null +++ b/venv/lib/python3.11/site-packages/flask_talisman/talisman.py @@ -0,0 +1,465 @@ +# Copyright 2015 Google Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +from collections import OrderedDict + +import flask + + +DENY = 'DENY' +SAMEORIGIN = 'SAMEORIGIN' +ALLOW_FROM = 'ALLOW-FROM' +ONE_YEAR_IN_SECS = 31556926 + +DEFAULT_REFERRER_POLICY = 'strict-origin-when-cross-origin' + +DEFAULT_CSP_POLICY = { + 'default-src': '\'self\'', + 'object-src': '\'none\'', +} + +DEFAULT_SESSION_COOKIE_SAMESITE = "Lax" + +GOOGLE_CSP_POLICY = { + # Fonts from fonts.google.com + 'font-src': '\'self\' themes.googleusercontent.com *.gstatic.com', + #