adebaumann/shorefront
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: pin bcrypt<4.0.0 to restore passlib compatibility

Browse Source 
passlib 1.7.4 (unmaintained since 2020) is incompatible with bcrypt>=4.0:
- bcrypt 4.x removed bcrypt.__about__ (passlib version probe fails)
- bcrypt 4.x enforces 72-byte password limit strictly, crashing
  passlib's detect_wrap_bug() compatibility test during context init

Pinning bcrypt<4.0.0 is the standard workaround until passlib is replaced.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Adrian A. Baumann
2026-02-28 21:49:00 +01:00
parent 3f5b0d1591
commit 123e914f01
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
backend/requirements.txt
View File

@@ -5,6 +5,7 @@ alembic==1.13.1
psycopg2-binary==2.9.9 psycopg2-binary==2.9.9
python-jose[cryptography]==3.3.0 python-jose[cryptography]==3.3.0
passlib[bcrypt]==1.7.4 passlib[bcrypt]==1.7.4
bcrypt<4.0.0
python-multipart==0.0.9 python-multipart==0.0.9
pydantic[email]==2.7.1 pydantic[email]==2.7.1
pydantic-settings==2.2.1 pydantic-settings==2.2.1