aiwaf 0.1.9.1.2__tar.gz → 0.1.9.1.4__tar.gz

{aiwaf-0.1.9.1.2 → aiwaf-0.1.9.1.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.9.1.2
+Version: 0.1.9.1.4
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba
@@ -14,6 +14,8 @@ Requires-Dist: numpy>=1.21
 Requires-Dist: pandas>=1.3
 Requires-Dist: scikit-learn<2.0,>=1.0
 Requires-Dist: joblib>=1.1
+Requires-Dist: packaging>=21.0
+Requires-Dist: requests>=2.25.0
 Dynamic: author
 Dynamic: home-page
 Dynamic: license-file
@@ -59,7 +61,11 @@ aiwaf/
 │   └── dynamic_keywords.json    # evolves daily
 ├── management/
 │   └── commands/
-│       └── detect_and_train.py  # `python manage.py detect_and_train`
+│       ├── detect_and_train.py      # `python manage.py detect_and_train`
+│       ├── check_dependencies.py    # `python manage.py check_dependencies`
+│       ├── add_ipexemption.py       # `python manage.py add_ipexemption`
+│       ├── aiwaf_reset.py           # `python manage.py aiwaf_reset`
+│       └── aiwaf_logging.py         # `python manage.py aiwaf_logging`
 └── LICENSE
 ```
 
@@ -104,6 +110,23 @@ aiwaf/
   - **Captures response times** for better anomaly detection
   - **Zero configuration** - works out of the box
 
+- **Smart Training System**  
+  AI trainer automatically uses the best available data source:
+  - **Primary**: Configured access log files (`AIWAF_ACCESS_LOG`)
+  - **Fallback**: Database RequestLog model when files unavailable
+  - **Seamless switching** between data sources
+  - **Enhanced compatibility** with exemption system
+
+- **Dependency Management**  
+  Built-in dependency checker ensures package compatibility:
+  - **Version compatibility** checking (NumPy 2.0 vs pandas, etc.)
+  - **Missing dependency** detection
+  - **Security vulnerability** scanning
+  - **Smart upgrade suggestions** with compatibility validation
+  - **Safe automated upgrades** that preserve AIWAF stability
+  - **Dry run mode** for testing upgrade plans
+  - **Cross-package dependency** analysis and conflict resolution
+
 
 **Exempt Path & IP Awareness**
 
@@ -189,6 +212,142 @@ python manage.py aiwaf_reset --blacklist-only
 python manage.py aiwaf_reset --exemptions-only
 ```
 
+### Checking Dependencies
+
+Check your project's dependencies for updates and compatibility issues:
+
+```bash
+# Basic dependency check
+python manage.py check_dependencies
+
+# JSON format output
+python manage.py check_dependencies --format json
+
+# Include security vulnerability scanning
+python manage.py check_dependencies --check-security
+
+# Dry run - show what would be upgraded
+python manage.py check_dependencies --upgrade --dry-run
+
+# Actually upgrade packages safely
+python manage.py check_dependencies --upgrade
+
+# Full workflow: check, upgrade, and scan for vulnerabilities
+python manage.py check_dependencies --upgrade --check-security
+```
+
+**Core Features:**
+- ✅ **Parses pyproject.toml and requirements.txt**
+- ✅ **Shows current vs latest versions** 
+- ✅ **Checks package compatibility** (NumPy 2.0 vs pandas, etc.)
+- ✅ **Detects missing dependencies**
+- ✅ **Security vulnerability scanning** (requires `safety` package)
+- ✅ **Safe package upgrades** (maintains AIWAF stability)
+- ✅ **Dry run mode** for testing upgrade plans
+- ✅ **AIWAF compatibility validation**
+
+**Safe Upgrade System:**
+
+The upgrade system is designed to maintain AIWAF stability while keeping your packages up to date:
+
+| Protection Level | Description | Example |
+|------------------|-------------|---------|
+| 🛡️ **AIWAF Core** | Never upgrades AIWAF itself | Skips `aiwaf` package |
+| 🔒 **Breaking Changes** | Avoids known problematic versions | Blocks NumPy 2.0+ |
+| 🧠 **Smart Constraints** | Respects AIWAF compatibility matrix | pandas ≤ 2.9.99 |
+| 🔍 **Dependency Analysis** | Checks cross-package compatibility | NumPy vs pandas versions |
+
+**AIWAF Compatibility Matrix:**
+
+| Package | Safe Range | Blocked Versions | Reason |
+|---------|------------|------------------|---------|
+| Django | 3.2+ | None | AIWAF compatible with all Django versions |
+| NumPy | 1.21 - 1.99 | 2.0+ | Avoid breaking changes |
+| pandas | 1.3 - 2.9 | 3.0+ | AIWAF compatibility |
+| scikit-learn | 1.0 - 1.99 | 2.0+ | Model compatibility |
+| joblib | 1.1 - 1.99 | 2.0+ | AIWAF tested range |
+- ✅ **Provides upgrade commands**
+
+**Example Output:**
+```
+🔍 Checking project dependencies...
+
+📊 Summary: 5 packages checked
+   ✅ Up to date: 2
+   ⚠️  Outdated: 2
+   ❌ Not installed: 0
+
+⚠️  OUTDATED PACKAGES:
+────────────────────────────────────────
+📦 pandas    1.3.5 → 2.2.2 (constraint: pandas>=1.3)
+📦 numpy     1.21.0 → 1.26.4 (constraint: numpy>=1.21)
+
+🔍 Checking package compatibility...
+✅ All packages appear to be compatible!
+
+� Planning safe package upgrades...
+
+✅ SAFE UPGRADES PLANNED:
+────────────────────────────────────────
+📦 pandas              1.3.5        → 1.5.3        (Latest: 2.2.2)
+   💡 Upgraded to latest safe version (AIWAF constraint: <=1.99.99)
+📦 joblib              1.1.0        → 1.4.2        (Latest: 1.4.2)
+   💡 Safe to upgrade to latest version
+
+⚠️  UPGRADES BLOCKED FOR STABILITY:
+────────────────────────────────────────
+❌ numpy               1.21.0       ✗ 2.0.1
+   🚨 NumPy 2.0+ may cause compatibility issues (max safe: 1.99.99)
+
+�💡 To update outdated packages, run:
+   pip install --upgrade pandas==1.5.3 joblib
+```
+
+**Safe Upgrade System:**
+- 🛡️ **AIWAF Protection**: Never breaks AIWAF functionality
+- 🔍 **Compatibility Validation**: Checks package interdependencies  
+- 📊 **Conservative Constraints**: Avoids known problematic versions
+- 🧪 **Dry Run Mode**: Test upgrade plans before execution
+- ⚠️ **Clear Blocking Reasons**: Explains why upgrades are blocked
+
+**Recommended Upgrade Workflow:**
+
+1. **Check current status:**
+   ```bash
+   python manage.py check_dependencies
+   ```
+
+2. **Preview safe upgrades:**
+   ```bash
+   python manage.py check_dependencies --upgrade --dry-run
+   ```
+
+3. **Execute safe upgrades:**
+   ```bash
+   python manage.py check_dependencies --upgrade
+   ```
+
+4. **Verify after upgrade:**
+   ```bash
+   python manage.py check_dependencies
+   python manage.py detect_and_train  # Retrain with new packages
+   ```
+
+5. **Test your application:**
+   ```bash
+   python manage.py test  # Run your test suite
+   ```
+
+**Upgrade Decision Logic:**
+
+The system uses a multi-layer decision process:
+
+- **Layer 1**: Skip AIWAF itself (manual upgrade recommended)
+- **Layer 2**: Check AIWAF compatibility constraints
+- **Layer 3**: Analyze cross-package dependencies  
+- **Layer 4**: Select highest safe version within constraints
+- **Layer 5**: Execute with error handling and rollback capability
+
 This will ensure the IP is never blocked by AI‑WAF. You can also manage exemptions via the Django admin interface.
 
 - **Daily Retraining**  
@@ -380,6 +539,68 @@ MIDDLEWARE = [
 - Missing migrations: `python manage.py migrate`
 - Import errors: Check `INSTALLED_APPS` includes `'aiwaf'`
 
+### **Dependency Upgrade Troubleshooting**
+
+**Common Upgrade Scenarios:**
+
+1. **NumPy 2.0 Upgrade Blocked:**
+   ```bash
+   # Check pandas compatibility first
+   python manage.py check_dependencies --upgrade --dry-run
+   
+   # If pandas < 2.1, upgrade pandas first
+   pip install 'pandas>=2.1,<3.0'
+   
+   # Then allow NumPy upgrade
+   python manage.py check_dependencies --upgrade
+   ```
+
+2. **All Upgrades Blocked:**
+   ```bash
+   # Check what's blocking upgrades
+   python manage.py check_dependencies --upgrade --dry-run
+   
+   # Manual override (use with caution)
+   pip install --upgrade package-name
+   
+   # Verify AIWAF still works
+   python manage.py detect_and_train
+   ```
+
+3. **Package Conflict After Upgrade:**
+   ```bash
+   # Check current compatibility
+   python manage.py check_dependencies
+   
+   # Downgrade to last known good version
+   pip install package-name==previous-version
+   
+   # Find safe upgrade path
+   python manage.py check_dependencies --upgrade --dry-run
+   ```
+
+4. **AIWAF Model Issues After Upgrade:**
+   ```bash
+   # Regenerate model with new package versions
+   python manage.py regenerate_model
+   
+   # Retrain with current environment
+   python manage.py detect_and_train
+   ```
+
+**Emergency Rollback:**
+If an upgrade breaks your system:
+```bash
+# Reinstall exact previous versions
+pip install package-name==old-version
+
+# Or use requirements.txt backup
+pip install -r requirements.txt.backup
+
+# Verify AIWAF functionality
+python manage.py aiwaf_diagnose
+```
+
 ---
 
 ##  Running Detection & Training

{aiwaf-0.1.9.1.2 → aiwaf-0.1.9.1.4}/README.md

@@ -38,7 +38,11 @@ aiwaf/
 │   └── dynamic_keywords.json    # evolves daily
 ├── management/
 │   └── commands/
-│       └── detect_and_train.py  # `python manage.py detect_and_train`
+│       ├── detect_and_train.py      # `python manage.py detect_and_train`
+│       ├── check_dependencies.py    # `python manage.py check_dependencies`
+│       ├── add_ipexemption.py       # `python manage.py add_ipexemption`
+│       ├── aiwaf_reset.py           # `python manage.py aiwaf_reset`
+│       └── aiwaf_logging.py         # `python manage.py aiwaf_logging`
 └── LICENSE
 ```
 
@@ -83,6 +87,23 @@ aiwaf/
   - **Captures response times** for better anomaly detection
   - **Zero configuration** - works out of the box
 
+- **Smart Training System**  
+  AI trainer automatically uses the best available data source:
+  - **Primary**: Configured access log files (`AIWAF_ACCESS_LOG`)
+  - **Fallback**: Database RequestLog model when files unavailable
+  - **Seamless switching** between data sources
+  - **Enhanced compatibility** with exemption system
+
+- **Dependency Management**  
+  Built-in dependency checker ensures package compatibility:
+  - **Version compatibility** checking (NumPy 2.0 vs pandas, etc.)
+  - **Missing dependency** detection
+  - **Security vulnerability** scanning
+  - **Smart upgrade suggestions** with compatibility validation
+  - **Safe automated upgrades** that preserve AIWAF stability
+  - **Dry run mode** for testing upgrade plans
+  - **Cross-package dependency** analysis and conflict resolution
+
 
 **Exempt Path & IP Awareness**
 
@@ -168,6 +189,142 @@ python manage.py aiwaf_reset --blacklist-only
 python manage.py aiwaf_reset --exemptions-only
 ```
 
+### Checking Dependencies
+
+Check your project's dependencies for updates and compatibility issues:
+
+```bash
+# Basic dependency check
+python manage.py check_dependencies
+
+# JSON format output
+python manage.py check_dependencies --format json
+
+# Include security vulnerability scanning
+python manage.py check_dependencies --check-security
+
+# Dry run - show what would be upgraded
+python manage.py check_dependencies --upgrade --dry-run
+
+# Actually upgrade packages safely
+python manage.py check_dependencies --upgrade
+
+# Full workflow: check, upgrade, and scan for vulnerabilities
+python manage.py check_dependencies --upgrade --check-security
+```
+
+**Core Features:**
+- ✅ **Parses pyproject.toml and requirements.txt**
+- ✅ **Shows current vs latest versions** 
+- ✅ **Checks package compatibility** (NumPy 2.0 vs pandas, etc.)
+- ✅ **Detects missing dependencies**
+- ✅ **Security vulnerability scanning** (requires `safety` package)
+- ✅ **Safe package upgrades** (maintains AIWAF stability)
+- ✅ **Dry run mode** for testing upgrade plans
+- ✅ **AIWAF compatibility validation**
+
+**Safe Upgrade System:**
+
+The upgrade system is designed to maintain AIWAF stability while keeping your packages up to date:
+
+| Protection Level | Description | Example |
+|------------------|-------------|---------|
+| 🛡️ **AIWAF Core** | Never upgrades AIWAF itself | Skips `aiwaf` package |
+| 🔒 **Breaking Changes** | Avoids known problematic versions | Blocks NumPy 2.0+ |
+| 🧠 **Smart Constraints** | Respects AIWAF compatibility matrix | pandas ≤ 2.9.99 |
+| 🔍 **Dependency Analysis** | Checks cross-package compatibility | NumPy vs pandas versions |
+
+**AIWAF Compatibility Matrix:**
+
+| Package | Safe Range | Blocked Versions | Reason |
+|---------|------------|------------------|---------|
+| Django | 3.2+ | None | AIWAF compatible with all Django versions |
+| NumPy | 1.21 - 1.99 | 2.0+ | Avoid breaking changes |
+| pandas | 1.3 - 2.9 | 3.0+ | AIWAF compatibility |
+| scikit-learn | 1.0 - 1.99 | 2.0+ | Model compatibility |
+| joblib | 1.1 - 1.99 | 2.0+ | AIWAF tested range |
+- ✅ **Provides upgrade commands**
+
+**Example Output:**
+```
+🔍 Checking project dependencies...
+
+📊 Summary: 5 packages checked
+   ✅ Up to date: 2
+   ⚠️  Outdated: 2
+   ❌ Not installed: 0
+
+⚠️  OUTDATED PACKAGES:
+────────────────────────────────────────
+📦 pandas    1.3.5 → 2.2.2 (constraint: pandas>=1.3)
+📦 numpy     1.21.0 → 1.26.4 (constraint: numpy>=1.21)
+
+🔍 Checking package compatibility...
+✅ All packages appear to be compatible!
+
+� Planning safe package upgrades...
+
+✅ SAFE UPGRADES PLANNED:
+────────────────────────────────────────
+📦 pandas              1.3.5        → 1.5.3        (Latest: 2.2.2)
+   💡 Upgraded to latest safe version (AIWAF constraint: <=1.99.99)
+📦 joblib              1.1.0        → 1.4.2        (Latest: 1.4.2)
+   💡 Safe to upgrade to latest version
+
+⚠️  UPGRADES BLOCKED FOR STABILITY:
+────────────────────────────────────────
+❌ numpy               1.21.0       ✗ 2.0.1
+   🚨 NumPy 2.0+ may cause compatibility issues (max safe: 1.99.99)
+
+�💡 To update outdated packages, run:
+   pip install --upgrade pandas==1.5.3 joblib
+```
+
+**Safe Upgrade System:**
+- 🛡️ **AIWAF Protection**: Never breaks AIWAF functionality
+- 🔍 **Compatibility Validation**: Checks package interdependencies  
+- 📊 **Conservative Constraints**: Avoids known problematic versions
+- 🧪 **Dry Run Mode**: Test upgrade plans before execution
+- ⚠️ **Clear Blocking Reasons**: Explains why upgrades are blocked
+
+**Recommended Upgrade Workflow:**
+
+1. **Check current status:**
+   ```bash
+   python manage.py check_dependencies
+   ```
+
+2. **Preview safe upgrades:**
+   ```bash
+   python manage.py check_dependencies --upgrade --dry-run
+   ```
+
+3. **Execute safe upgrades:**
+   ```bash
+   python manage.py check_dependencies --upgrade
+   ```
+
+4. **Verify after upgrade:**
+   ```bash
+   python manage.py check_dependencies
+   python manage.py detect_and_train  # Retrain with new packages
+   ```
+
+5. **Test your application:**
+   ```bash
+   python manage.py test  # Run your test suite
+   ```
+
+**Upgrade Decision Logic:**
+
+The system uses a multi-layer decision process:
+
+- **Layer 1**: Skip AIWAF itself (manual upgrade recommended)
+- **Layer 2**: Check AIWAF compatibility constraints
+- **Layer 3**: Analyze cross-package dependencies  
+- **Layer 4**: Select highest safe version within constraints
+- **Layer 5**: Execute with error handling and rollback capability
+
 This will ensure the IP is never blocked by AI‑WAF. You can also manage exemptions via the Django admin interface.
 
 - **Daily Retraining**  
@@ -359,6 +516,68 @@ MIDDLEWARE = [
 - Missing migrations: `python manage.py migrate`
 - Import errors: Check `INSTALLED_APPS` includes `'aiwaf'`
 
+### **Dependency Upgrade Troubleshooting**
+
+**Common Upgrade Scenarios:**
+
+1. **NumPy 2.0 Upgrade Blocked:**
+   ```bash
+   # Check pandas compatibility first
+   python manage.py check_dependencies --upgrade --dry-run
+   
+   # If pandas < 2.1, upgrade pandas first
+   pip install 'pandas>=2.1,<3.0'
+   
+   # Then allow NumPy upgrade
+   python manage.py check_dependencies --upgrade
+   ```
+
+2. **All Upgrades Blocked:**
+   ```bash
+   # Check what's blocking upgrades
+   python manage.py check_dependencies --upgrade --dry-run
+   
+   # Manual override (use with caution)
+   pip install --upgrade package-name
+   
+   # Verify AIWAF still works
+   python manage.py detect_and_train
+   ```
+
+3. **Package Conflict After Upgrade:**
+   ```bash
+   # Check current compatibility
+   python manage.py check_dependencies
+   
+   # Downgrade to last known good version
+   pip install package-name==previous-version
+   
+   # Find safe upgrade path
+   python manage.py check_dependencies --upgrade --dry-run
+   ```
+
+4. **AIWAF Model Issues After Upgrade:**
+   ```bash
+   # Regenerate model with new package versions
+   python manage.py regenerate_model
+   
+   # Retrain with current environment
+   python manage.py detect_and_train
+   ```
+
+**Emergency Rollback:**
+If an upgrade breaks your system:
+```bash
+# Reinstall exact previous versions
+pip install package-name==old-version
+
+# Or use requirements.txt backup
+pip install -r requirements.txt.backup
+
+# Verify AIWAF functionality
+python manage.py aiwaf_diagnose
+```
+
 ---
 
 ##  Running Detection & Training

{aiwaf-0.1.9.1.2 → aiwaf-0.1.9.1.4}/aiwaf/__init__.py

@@ -1,6 +1,6 @@
 default_app_config = "aiwaf.apps.AiwafConfig"
 
-__version__ = "0.1.9.1.2"
+__version__ = "0.1.9.1.4"
 
 # Note: Middleware classes are available from aiwaf.middleware
 # Import them only when needed to avoid circular imports during Django app loading