PyPI - howler-api - Versions diffs - 4.0.0.dev596__tar.gz → 4.0.0.dev642__tar.gz - Mend

howler-api 4.0.0.dev596tar.gz → 4.0.0.dev642tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (208) hide show

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: howler-api
-Version: 4.0.0.dev596
+Version: 4.0.0.dev642
 Summary: Howler - API server
 License: MIT
 Keywords: howler,alerting,gc,canada,cse-cst,cse,cst,cyber,cccs
@@ -39,7 +39,7 @@ Requires-Dist: prometheus-client (==0.24.1)
 Requires-Dist: pydantic (>=2.11.4,<3.0.0)
 Requires-Dist: pydantic-settings[yaml] (>=2.9.1,<3.0.0)
 Requires-Dist: pydash (>=8.0.5,<9.0.0)
-Requires-Dist: pyjwt (==2.11.0)
+Requires-Dist: pyjwt (==2.12.1)
 Requires-Dist: pysigma (==0.11.23)
 Requires-Dist: pysigma-backend-elasticsearch (>=1.1.2,<2.0.0)
 Requires-Dist: python-baseconv (==1.2.2)

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/api/v1/dossier.py RENAMED Viewed

@@ -139,7 +139,7 @@ def get_dossier_for_hit(id: str, user: User, **kwargs):
         hit = response["items"][0]
-        return ok(dossier_service.get_matching_dossiers(hit))
+        return ok(dossier_service.get_matching_dossiers(hit, username=user.uname))
     except ValueError as e:
         return bad_request(err=str(e))

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/api/v1/search.py RENAMED Viewed

@@ -16,6 +16,7 @@ from howler.common.logging import get_logger
 from howler.common.swagger import generate_swagger_docs
 from howler.datastore.exceptions import SearchException
 from howler.helper.search import get_collection, get_default_sort, has_access_control, list_all_fields
+from howler.odm.models.user import User
 from howler.security import api_login
 from howler.services import hit_service, lucene_service
@@ -100,7 +101,7 @@ def search(index, **kwargs):
      "next_deep_paging_id": "asX3f...342",  # ID to pass back for the next page during deep paging
      "items": []}                           # List of results
     """
-    user = kwargs["user"]
+    user: User = kwargs["user"]
     collection = get_collection(index, user)
     default_sort = get_default_sort(index, user)

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/api/v2/case.py RENAMED Viewed

@@ -48,8 +48,7 @@ def create_case(user: User, **kwargs):
         return bad_request(err="Request body must be a JSON object with case data.")
     try:
-        new_case = case_service.create_case(case_data, user.uname)
-        return created(new_case)
+        return created(case_service.create_case(case_data, user.uname))
     except InvalidDataException as e:
         return bad_request(err=str(e))
     except ResourceExists as e:

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/api/v2/ingest.py RENAMED Viewed

@@ -275,7 +275,7 @@ def update_by_query(indexes: str, **kwargs):
     """Update a set of hits using a query.
     Variables:
-    None
+    indexes => Comma-separated list of indexes to update
     Arguments:
     None

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/api/v2/search.py RENAMED Viewed

@@ -279,7 +279,7 @@ def facet(indexes: str, **kwargs):
     values where the documents matches the specified queries.
     Variables:
-    index       =>   Index to search in (hit, user,...)
+    indexes       =>   Comma-separated indexes to search in (hit, user,...)
     Optional Arguments:
     query       =>   Query to search for

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/odm/models/case.py RENAMED Viewed

@@ -1,4 +1,4 @@
-from typing import Optional
+from typing import Any, Optional
 from howler import odm
 from howler.common.exceptions import HowlerValueError
@@ -62,7 +62,6 @@ class CaseLog(odm.Model):
 class CaseItem(odm.Model):
     path: str = odm.Keyword(description="Path of the item in the case hierarchy.")
     type: str = odm.Enum(values=CaseItemTypes, description="Type of case item.")
-    id: str | None = odm.Keyword(description="Identifier for the backing object when available.", optional=True)
     value: str = odm.Keyword(description="String reference value for the item (ID, URL, or token).")
     visible: bool = odm.Boolean(default=True, description="Whether the item is visible/accessible in the frontend.")
@@ -177,3 +176,10 @@ class Case(odm.Model):
             description="A list of changes to the case with timestamps and attribution.",
         )
     )
+    def as_primitives(self, hidden_fields=False, strip_null=True) -> dict[str, Any]:
+        result = super().as_primitives(hidden_fields, strip_null)
+        result["__index"] = self.__class__.__name__.lower()
+        return result

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/odm/models/observable.py RENAMED Viewed

@@ -53,7 +53,6 @@ class Log(odm.Model):
 DEFAULT_LABELS = {"assignments": [], "generic": []}
-DEFAULT_ASSIGNMENT = "unassigned"
 @odm.model(

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/odm/models/record.py RENAMED Viewed

@@ -1,5 +1,5 @@
 # mypy: ignore-errors
-from typing import Optional
+from typing import Any, Optional
 from howler import odm
 from howler.common.logging import get_logger
@@ -334,3 +334,10 @@ class Record(odm.Model):
             reference="https://www.elastic.co/guide/en/ecs/8.5/ecs-vulnerability.html",
         )
     )
+    def as_primitives(self, hidden_fields=False, strip_null=True) -> dict[str, Any]:
+        result = super().as_primitives(hidden_fields, strip_null)
+        result["__index"] = self.__class__.__name__.lower()
+        return result

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/odm/random_data.py RENAMED Viewed

@@ -717,7 +717,6 @@ def create_cases(ds: HowlerDatastore, num_cases: int = 5):
                 {
                     "path": f"alerts/{hit['howler']['analytic']} ({hit['howler']['id']})",
                     "type": "hit",
-                    "id": hit_id,
                     "value": hit_id,
                 }
             )
@@ -731,7 +730,6 @@ def create_cases(ds: HowlerDatastore, num_cases: int = 5):
                 {
                     "path": f"observable/{observable['howler']['id']}",
                     "type": "observable",
-                    "id": observable_id,
                     "value": observable_id,
                 }
             )
@@ -747,7 +745,6 @@ def create_cases(ds: HowlerDatastore, num_cases: int = 5):
                 {
                     "path": f"alerts/{get_random_word()}/{get_random_word()}",
                     "type": "hit",
-                    "id": nested_hit_id,
                     "value": nested_hit_id,
                 }
             )
@@ -769,7 +766,6 @@ def create_cases(ds: HowlerDatastore, num_cases: int = 5):
                 {
                     "path": f"alerts/{get_random_word()}/{get_random_word()}/{get_random_word()}",
                     "type": "observable",
-                    "id": nested_observable_id,
                     "value": nested_observable_id,
                 }
             )
@@ -788,7 +784,6 @@ def create_cases(ds: HowlerDatastore, num_cases: int = 5):
                 {
                     "path": f"cases/Related Case {idx}",
                     "type": "case",
-                    "id": related_case_id,
                     "value": related_case_id,
                 }
             )
@@ -883,8 +878,8 @@ def create_cases(ds: HowlerDatastore, num_cases: int = 5):
         ds.case.save(case_id, case_data)
         generated_case_ids.append(case_id)
-        case_hit_ids = list({item["id"] for item in items if item.get("type") == "hit"})
-        case_observable_ids = list({item["id"] for item in items if item.get("type") == "observable"})
+        case_hit_ids = list({item["value"] for item in items if item.get("type") == "hit"})
+        case_observable_ids = list({item["value"] for item in items if item.get("type") == "observable"})
         for hit_id in case_hit_ids:
             ds.hit.update(hit_id, [hit_helper.list_add("howler.related", case_id)])

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/services/case_service.py RENAMED Viewed

@@ -4,7 +4,7 @@ This module provides functionality for creating, updating, retrieving, and manag
 cases - collections of security alerts and investigation data organized by analysts.
 """
-from typing import Any, overload
+from typing import Any, cast, overload
 from prometheus_client import Counter
@@ -13,6 +13,7 @@ from howler.common.loader import APP_NAME, datastore
 from howler.common.logging import get_logger
 from howler.datastore.exceptions import DataStoreException
 from howler.odm.models.case import Case, CaseItem, CaseItemTypes, CaseLog
+from howler.odm.models.ecs.related import Related
 from howler.odm.models.hit import Hit
 from howler.odm.models.observable import Observable
 from howler.odm.models.user import User
@@ -22,7 +23,7 @@ logger = get_logger(__file__)
 CREATED_CASES = Counter(f"{APP_NAME.replace('-', '_')}_created_cases_total", "The number of created cases")
-def create_case(_case: dict, user: str = None) -> dict[str, Any]:  # type: ignore
+def create_case(_case: dict, user: str = None) -> Case:  # type: ignore
     """Create a new case in the datastore.
     Args:
@@ -50,8 +51,9 @@ def create_case(_case: dict, user: str = None) -> dict[str, Any]:  # type: ignor
         append_case_item(case.case_id, item=CaseItem(item))
     if items:
-        return datastore().case.get_if_exists(case.case_id, as_obj=False)
-    return case.as_primitives()
+        return cast(Case, datastore().case.get(case.case_id))
+    return case
 def hide_cases(case_ids: set[str], user: str) -> None:
@@ -66,19 +68,20 @@ def hide_cases(case_ids: set[str], user: str) -> None:
     """
     ds = datastore()
-    items_query = f"items.id:({' OR '.join(case_ids)})"
+    items_query = f"items.value:({' OR '.join(case_ids)})"
     for case in ds.case.stream_search(items_query, as_obj=False):
         related_case_id = case["case_id"]
         if related_case_id in case_ids:
             continue
-        related_case = ds.case.get_if_exists(related_case_id, as_obj=True)
+        related_case = ds.case.get(related_case_id)
         if related_case:
             hidden_ids: list[str] = []
             for item in related_case.items:
-                if item.id in case_ids:
+                if item.value in case_ids:
                     item.visible = False
-                    hidden_ids.append(item.id)
+                    hidden_ids.append(item.value)
             if hidden_ids:
                 related_case.log.append(
                     CaseLog(
@@ -92,7 +95,7 @@ def hide_cases(case_ids: set[str], user: str) -> None:
                 ds.case.save(related_case_id, related_case)
     for case_id in case_ids:
-        case = ds.case.get_if_exists(case_id, as_obj=True)
+        case = ds.case.get(case_id)
         if case:
             case.visible = False
             case.log.append(
@@ -122,15 +125,15 @@ def delete_cases(case_ids: set[str]) -> bool:
     """
     ds = datastore()
-    items_query = f"items.id:({' OR '.join(case_ids)})"
+    items_query = f"items.value:({' OR '.join(case_ids)})"
     for case in ds.case.stream_search(items_query, as_obj=False):
         related_case_id = case["case_id"]
         if related_case_id in case_ids:
             continue
-        related_case = ds.case.get_if_exists(related_case_id, as_obj=True)
+        related_case = ds.case.get(related_case_id)
         if related_case:
-            related_case.items = [item for item in related_case.items if item.id not in case_ids]
+            related_case.items = [item for item in related_case.items if item.value not in case_ids]
             ds.case.save(related_case_id, related_case)
     return ds.case.delete_by_query(f"case_id:({' OR '.join(case_ids)})")
@@ -156,7 +159,7 @@ def update_case(case_id: str, case_data: dict[str, Any], user: User) -> Case:
     """
     ds = datastore()
-    case = ds.case.get_if_exists(case_id, as_obj=True)
+    case = ds.case.get(case_id)
     if case is None:
         raise NotFoundException(f"Case {case_id} does not exist")
@@ -303,7 +306,7 @@ def append_hit(case_id: str, item: CaseItem):
     """
     ds = datastore()
-    case: Case = ds.case.get_if_exists(key=case_id, as_obj=True)
+    case = ds.case.get(key=case_id)
     if case is None:
         raise NotFoundException(f"Case {case_id} does not exist")
@@ -311,13 +314,11 @@ def append_hit(case_id: str, item: CaseItem):
     if any(item.value == case_item["value"] for case_item in case.items):
         raise InvalidDataException(f"Hit {item.value} already exists in case {case_id}")
-    hit: Hit = ds.hit.get_if_exists(key=item.value, as_obj=True)
+    hit = ds.hit.get(key=item.value)
     if hit is None:
         raise NotFoundException(f"Hit {item.value} not found, cannot be added to case")
-    item.id = item.value
     if item.path == "related/":
         item.path = f"alerts/{hit.howler.analytic} ({hit.howler.id})"
@@ -326,7 +327,8 @@ def append_hit(case_id: str, item: CaseItem):
     if not datastore().case.save(case.case_id, case):
         raise DataStoreException(f"Failed to save {case.case_id} with new item {item.value}")
-    add_backreference(hit, case.case_id)
+    _add_backreference(hit, case.case_id)
+    _sync_case_metadata(case_id)
 def append_observable(case_id: str, item: CaseItem):
@@ -348,30 +350,29 @@ def append_observable(case_id: str, item: CaseItem):
     """
     ds = datastore()
-    case: Case = ds.case.get_if_exists(key=case_id, as_obj=True)
+    _case = ds.case.get(key=case_id)
-    if case is None:
+    if _case is None:
         raise NotFoundException(f"Case {case_id} does not exist")
-    if any(item.value == case_item["value"] for case_item in case.items):
+    if any(item.value == case_item["value"] for case_item in _case.items):
         raise InvalidDataException(f"Observable {item.value} already exists in case {case_id}")
-    observable: Observable = ds.observable.get_if_exists(key=item.value, as_obj=True)
+    observable = ds.observable.get(key=item.value)
     if observable is None:
         raise NotFoundException(f"Observable {item.value} not found, cannot be added to case")
-    item.id = item.value
     if item.path == "related/":
         item.path = f"observables/{observable.howler.id}"
-    case.items.append(item)
+    _case.items.append(item)
-    if not datastore().case.save(case.case_id, case):
-        raise DataStoreException(f"Failed to save {case.case_id} with new item {item.value}")
+    if not datastore().case.save(_case.case_id, _case):
+        raise DataStoreException(f"Failed to save {_case.case_id} with new item {item.value}")
-    add_backreference(observable, case.case_id)
+    _add_backreference(observable, _case.case_id)
+    _sync_case_metadata(case_id)
 def append_case(case_id: str, item: CaseItem):
@@ -393,30 +394,28 @@ def append_case(case_id: str, item: CaseItem):
     """
     ds = datastore()
-    case: Case = ds.case.get_if_exists(key=case_id, as_obj=True)
+    _case = ds.case.get(key=case_id)
-    if case is None:
+    if _case is None:
         raise NotFoundException(f"Case {case_id} does not exist")
-    if any(item.value == case_item["value"] for case_item in case.items):
+    if any(item.value == case_item["value"] for case_item in _case.items):
         raise InvalidDataException(f"Observable {item.value} already exists in case {case_id}")
-    referenced_case: Case = ds.case.get_if_exists(key=item.value, as_obj=True)
+    referenced_case = ds.case.get(item.value)
     if referenced_case is None:
         raise NotFoundException(f"Referenced case {item.value} not found, cannot be added to case")
-    item.id = item.value
     if item.path == "related/":
         item.path = "cases/"
     item.path += f"{referenced_case.case_id}"
-    case.items.append(item)
+    _case.items.append(item)
-    if not datastore().case.save(case.case_id, case):
-        raise DataStoreException(f"Failed to save {case.case_id} with new item {item.value}")
+    if not datastore().case.save(_case.case_id, _case):
+        raise DataStoreException(f"Failed to save {_case.case_id} with new item {item.value}")
 def append_table(case_id: str, item: CaseItem):
@@ -464,7 +463,67 @@ def append_reference(case_id: str, item: CaseItem):
     raise NotImplementedError
-def add_backreference(backing_obj: Hit | Observable, case_id: str):
+def _collect_indicators_from_related(related: Related | None) -> set[str]:
+    """Extract all indicator values from a Related ECS compound object."""
+    if related is None:
+        return set()
+    indicators: set[str] = set()
+    for key in related.fields().keys():
+        value = related[key]
+        if value:
+            indicators.update(str(v) for v in value if v)
+    return indicators
+def _sync_case_metadata(case_id: str) -> None:  # noqa: C901
+    """Re-compute and persist threat/target/indicator lists from all case items.
+    Iterates over hit and observable items in the case and re-derives the
+    ``targets``, ``threats``, and ``indicators`` lists from the backing
+    objects' ECS ``related.*`` fields and, for hits, the outline fields.
+    """
+    ds = datastore()
+    _case = ds.case.get(case_id)
+    if _case is None:
+        return
+    targets: set[str] = set()
+    threats: set[str] = set()
+    indicators: set[str] = set()
+    for item in _case.items:
+        if item.type == CaseItemTypes.HIT and item.value:
+            hit = ds.hit.get(item.value)
+            if hit is None:
+                continue
+            indicators.update(_collect_indicators_from_related(hit.related))
+            if hit.howler.outline:
+                outline = hit.howler.outline
+                if outline.threat:
+                    threats.add(outline.threat)
+                if outline.target:
+                    targets.add(outline.target)
+                if outline.indicators:
+                    indicators.update(str(v) for v in outline.indicators if v)
+        elif item.type == CaseItemTypes.OBSERVABLE and item.value:
+            observable = ds.observable.get(item.value)
+            if observable is None:
+                continue
+            indicators.update(_collect_indicators_from_related(observable.related))
+    _case.targets = sorted(targets)
+    _case.threats = sorted(threats)
+    _case.indicators = sorted(indicators)
+    ds.case.save(case_id, _case)
+def _add_backreference(backing_obj: Hit | Observable | None, case_id: str):
     """Add a back-reference from a hit or observable to a case.
     Records the case ID in the backing object's ``howler.related_ids`` set so
@@ -491,7 +550,7 @@ def add_backreference(backing_obj: Hit | Observable, case_id: str):
     datastore()[backing_obj.__class__.__name__.lower()].save(backing_obj.howler.id, backing_obj)
-def remove_backreference(backing_obj: Hit | Observable, case_id: str):
+def remove_backreference(backing_obj: Hit | Observable | None, case_id: str):
     """Remove a back-reference from a hit or observable to a case.
     Removes the case ID from the backing object's ``howler.related`` list
@@ -533,7 +592,7 @@ def remove_case_item(case_id: str, item_value: str):
     """
     ds = datastore()
-    _case = ds.case.get(key=case_id, as_obj=True)
+    _case = ds.case.get(key=case_id)
     if not _case:
         raise NotFoundException(f"Case {case_id} does not exist")
@@ -543,16 +602,15 @@ def remove_case_item(case_id: str, item_value: str):
         raise NotFoundException(f"Case item {item_value} does not exist")
     backing_obj: Hit | Observable | None = None
-    match case_item.type:
-        case CaseItemTypes.HIT:
-            backing_obj = datastore().hit.get(case_item.id)
-        case CaseItemTypes.OBSERVABLE:
-            backing_obj = datastore().observable.get(case_item.id)
+    if case_item.type in [CaseItemTypes.HIT, CaseItemTypes.OBSERVABLE]:
+        backing_obj = ds[case_item.type].get(case_item.value)
     _case.items.remove(case_item)
-    if not datastore().case.save(_case.case_id, _case):
+    if not ds.case.save(_case.case_id, _case):
         raise DataStoreException("Failed to save case after item removal")
     if backing_obj:
         remove_backreference(backing_obj, _case.case_id)
+    _sync_case_metadata(case_id)

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/services/dossier_service.py RENAMED Viewed

@@ -235,7 +235,9 @@ def update_dossier(dossier_id: str, dossier_data: dict[str, Any], user: User) ->
         raise InvalidDataException("We were unable to update the dossier.", cause=e) from e
-def get_matching_dossiers(hit: dict[str, Any], dossiers: list[dict[str, Any]] | None = None):
+def get_matching_dossiers(
+    hit: dict[str, Any], dossiers: list[dict[str, Any]] | None = None, username: str | None = None
+):
     """Get a list of dossiers that match a specific security alert/hit.
     This function evaluates each dossier's query against the provided hit data
@@ -256,7 +258,7 @@ def get_matching_dossiers(hit: dict[str, Any], dossiers: list[dict[str, Any]] |
     # Retrieve all dossiers if none provided
     if dossiers is None:
         dossiers = datastore().dossier.search(
-            "dossier_id:*",
+            f"type:global OR owner:{username}" if username else "type:global",
             as_obj=False,
             # TODO: Eventually implement caching here
             rows=1000,

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/services/hit_service.py RENAMED Viewed

@@ -800,7 +800,7 @@ def __match_metadata(candidates: list[dict[str, Any]], hit: dict[str, Any]) -> O
     return sorted(matching_candidates, key=functools.cmp_to_key(__compare_metadata))[0]
-def augment_metadata(data: list[dict[str, Any]] | dict[str, Any] | None, metadata: list[str], user: dict[str, Any]):  # noqa: C901
+def augment_metadata(data: list[dict[str, Any]] | dict[str, Any] | None, metadata: list[str], user: User):  # noqa: C901
     """Augment hit search results with additional metadata.
     This function enriches hit data by adding related information such as templates,
@@ -831,7 +831,7 @@ def augment_metadata(data: list[dict[str, Any]] | dict[str, Any] | None, metadat
     logger.debug("Augmenting %s hits with %s", len(hits), ",".join(metadata))
     if "template" in metadata:
-        template_candidates = template_service.get_matching_templates(hits, as_odm=False, uname=user["uname"])
+        template_candidates = template_service.get_matching_templates(hits, as_odm=False, uname=user.uname)
         logger.debug("\tRetrieved %s matching templates", len(template_candidates))
@@ -864,11 +864,11 @@ def augment_metadata(data: list[dict[str, Any]] | dict[str, Any] | None, metadat
     if "dossiers" in metadata:
         dossiers: list[dict[str, Any]] = datastore().dossier.search(
-            "dossier_id:*",
+            f"type:global OR owner:{user.uname}",
             as_obj=False,
             # TODO: Eventually implement caching here
             rows=1000,
         )["items"]
         for hit in hits:
-            hit["__dossiers"] = dossier_service.get_matching_dossiers(hit, dossiers)
+            hit["__dossiers"] = dossier_service.get_matching_dossiers(hit, dossiers, username=user.uname)

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/howler/services/lucene_service.py RENAMED Viewed

@@ -60,12 +60,14 @@ class LuceneProcessor(TreeVisitor):
         for child in node.children:
             child_context = self.child_context(node, child, context)
             for result in self.visit_iter(child, context=child_context):
-                # If we run across a MUST or MUST NOT (plus, probhit) object and the value doesn't match, we immediately
-                # shortcircuit and return false.
+                # If we run across a MUST or MUST NOT (plus, prohibit) object and the value doesn't match, we
+                # immediately shortcircuit and return false.
+                # NOTE: visit_prohibit already negates the inner result, so a violated MUST NOT arrives here as
+                # False (not True). We therefore short-circuit on `not result` rather than `result`.
                 if isinstance(child, Plus) and not result:
                     yield False
                     return
-                elif isinstance(child, Prohibit) and result:
+                elif isinstance(child, Prohibit) and not result:
                     yield False
                     return

{howler_api-4.0.0.dev596 → howler_api-4.0.0.dev642}/pyproject.toml RENAMED Viewed

@@ -152,7 +152,7 @@ suppress-none-returning = true
 [tool.poetry]
 package-mode = true
 name = "howler-api"
-version = "4.0.0.dev596"
+version = "4.0.0.dev642"
 description = "Howler - API server"
 authors = [
     "Canadian Centre for Cyber Security <howler@cyber.gc.ca>",
@@ -208,7 +208,7 @@ gunicorn = "23.0.0"
 packaging = "<25.0"
 passlib = "1.7.4"
 prometheus-client = "0.24.1"
-pyjwt = "2.11.0"
+pyjwt = "2.12.1"
 python-baseconv = "1.2.2"
 python-datemath = "3.0.3"
 pyyaml = "6.0.3"
@@ -233,7 +233,7 @@ bcrypt = "4.3.0"
 [tool.poetry.group.dev.dependencies]
 pre-commit = "^3.7.0"
 ruff = ">=0.8,<0.16"
-pyright = {extras = ["nodejs"], version = "^1.1.408"}
+pyright = { extras = ["nodejs"], version = "^1.1.408" }
 mypy = "^1.6.1"
 [tool.poetry.group.test.dependencies]