anti/DECNET
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b3d1301925175b7cf59eb913f6e2ff1ff36f9a9c
DECNET/pyproject.toml
anti 011445b77a chore(license): add GPL-3.0-or-later LICENSE + pyproject metadata 
DECNET had no LICENSE file and no license metadata in pyproject.toml
despite intent being GPLv3. Legally that meant the code was "all
rights reserved" by default, so anyone distributing it (including via
GitHub clones, mirrors, or the forthcoming swarm enroll bundles) was
technically in violation even though the operator's own intent was
copyleft.

- Add canonical GPL-3.0 text from gnu.org/licenses/gpl-3.0.txt as
  LICENSE (verbatim, 674 lines).
- Add license = "GPL-3.0-or-later" and license-files = ["LICENSE"]
  to pyproject.toml [project] (SPDX identifier per PEP 639).
- Add the matching OSI classifier plus a few other standard ones
  (Python 3.11, Linux, Security, Network Monitoring, Beta) that
  pyproject was silently missing.

Prereq for the forthcoming p0f-db vendoring: establishing DECNET's
own license explicitly closes the first question an auditor would
ask about any third-party data we embed.
2026-04-24 11:35:59 -04:00

134 lines
3.6 KiB
TOML
Raw Blame History

[build-system]
requires = ["setuptools>=68", "wheel"]
build-backend = "setuptools.build_meta"
[project]
name = "decnet"
version = "0.2.0"
description = "Deception network: deploy honeypot deckies that appear as real LAN hosts"
license = "GPL-3.0-or-later"
license-files = ["LICENSE"]
requires-python = ">=3.11"
classifiers = [
"License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)",
"Programming Language :: Python :: 3.11",
"Operating System :: POSIX :: Linux",
"Topic :: Security",
"Topic :: System :: Networking :: Monitoring",
"Development Status :: 4 - Beta",
]
dependencies = [
"typer[all]>=0.12",
"pydantic>=2.0",
"docker>=7.0",
"pyyaml>=6.0",
"jinja2>=3.1",
"fastapi>=0.110.0",
"uvicorn>=0.29.0",
"aiosqlite>=0.20.0",
"asyncmy>=0.2.11",
"PyJWT>=2.8.0",
"bcrypt>=4.1.0",
"psutil>=5.9.0",
"python-dotenv>=1.0.0",
"sqlmodel>=0.0.16",
"scapy>=2.6.1",
"orjson>=3.10",
"cryptography>=46.0.7",
"python-multipart>=0.0.20",
"httpx>=0.28.1",
"requests>=2.33.1",
"slowapi>=0.1.9"
]
[project.optional-dependencies]
tracing = [
"opentelemetry-api>=1.20.0",
"opentelemetry-sdk>=1.20.0",
"opentelemetry-exporter-otlp>=1.20.0",
"opentelemetry-instrumentation-fastapi>=0.41b0",
]
profile = [
"py-spy>=0.4.1",
"pyinstrument>=4.7",
"pytest-benchmark>=4.0",
"memray>=1.14 ; sys_platform == 'linux'",
"snakeviz>=2.2",
]
dev = [
"decnet[tracing,profile]",
"pytest>=9.0.3",
"ruff>=0.15.10",
"bandit>=1.9.4",
"pip>=26.0",
"pip-audit>=2.10.0",
"httpx>=0.28.1",
"hypothesis>=6.151.14",
"pytest-cov>=7.1.0",
"pytest-asyncio>=1.3.0",
"freezegun>=1.5.5",
"schemathesis>=4.15.1",
"pytest-xdist>=3.8.0",
"pytest-timeout>=2.4.0",
"flask>=3.1.3",
"twisted>=25.5.0",
"requests>=2.33.1",
"redis>=7.4.0",
"pymysql>=1.1.2",
"psycopg2-binary>=2.9.11",
"paho-mqtt>=2.1.0",
"pymongo>=4.16.0",
"locust>=2.29",
"gevent>=24.0",
"pydeps>=3.0.3"
]
[project.scripts]
decnet = "decnet.cli:app"
[tool.pytest.ini_options]
asyncio_mode = "auto"
asyncio_debug = "true"
asyncio_default_fixture_loop_scope = "module"
addopts = "-m 'not fuzz and not live and not stress and not bench and not docker' -v -q -x -n logical --dist loadscope"
markers = [
"fuzz: hypothesis-based fuzz tests (slow, run with -m fuzz or -m '' for all)",
"live: live subprocess service tests (run with -m live)",
"live_docker: live Docker container tests (requires DECNET_LIVE_DOCKER=1)",
"stress: locust-based stress tests (run with -m stress)",
"bench: pytest-benchmark micro-benchmarks (run with -m bench)",
"docker: tests that build and run docker images (run with -m docker)",
]
filterwarnings = [
"ignore::pytest.PytestUnhandledThreadExceptionWarning",
"ignore::DeprecationWarning",
"ignore::RuntimeWarning",
]
[tool.coverage.run]
source = ["decnet"]
omit = ["*/tests/*", "*/templates/*"]
parallel = true
[tool.coverage.report]
show_missing = true
skip_covered = false
# Run with: pytest --cov --cov-report=term-missing
[tool.setuptools.packages.find]
where = ["."]
include = ["decnet*"]
[tool.setuptools.package-data]
# Ship docker build contexts + syslog_bridge.py as package data so they land
# in site-packages when agents install the bundle via `pip install`.
decnet = ["templates/**/*"]
[tool.bandit]
# Docker build contexts — code runs inside decoy containers, not in the
# master/agent process. Skipping keeps honeypot service scripts (hashlib.md5
# for JA3, /tmp/build in Dockerfile helpers, etc.) out of the scan.
exclude_dirs = [
"decnet/templates",
]
Reference in New Issue View Git Blame Copy Permalink