141 lines
6.3 KiB
Markdown
141 lines
6.3 KiB
Markdown
# Python Dependencies
|
|
|
|
All Python modules used in the GDPR Scanner project, with a short explanation of each.
|
|
|
|
## Third-party packages (install via `pip install -r requirements.txt`)
|
|
|
|
### Web server
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `flask` | Web server and API routing for both the GDPRScanner UI |
|
|
|
|
### Microsoft 365 authentication and API
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `msal` | Microsoft Authentication Library — handles OAuth2 device code flow (delegated) and client credentials (application) for Microsoft Graph API access |
|
|
| `requests` | HTTP client used for all Microsoft Graph API calls |
|
|
|
|
### PDF handling
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `pdfplumber` | Text extraction from PDFs with a selectable text layer — fast and accurate for native PDFs |
|
|
| `pdf2image` | Converts PDF pages to images (via Poppler) for OCR processing of scanned/image-based PDFs |
|
|
| `pytesseract` | Python wrapper for the Tesseract OCR engine — extracts text from rasterised PDF pages and images |
|
|
| `pypdf` | PDF metadata reading and low-level page manipulation |
|
|
| `reportlab` | Fallback PDF redaction via overlay rendering — used when PyMuPDF is unavailable |
|
|
| `pymupdf` (fitz) | Physically removes the text layer from PDFs — preferred GDPR-compliant redaction method |
|
|
|
|
### Document formats
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `python-docx` | Read and write `.docx` Word documents; also used to generate the Article 30 Register of Processing Activities report |
|
|
| `openpyxl` | Read and write `.xlsx` Excel files — used for the scan result export workbook |
|
|
| `img2pdf` | Converts images to PDF for archiving redacted output |
|
|
|
|
### Image processing and face detection
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `opencv-python` (cv2) | Face detection in images via Haar cascade classifiers; also used for face blurring during anonymisation |
|
|
| `numpy` | Array operations required internally by OpenCV |
|
|
| `Pillow` (PIL) | Image manipulation — thumbnail generation, format conversion, image resizing |
|
|
|
|
### NLP / Named Entity Recognition
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `spacy` | NLP engine for Danish Named Entity Recognition — detects person names, addresses, and organisations in text. Requires the `da_core_news_lg` model (~500 MB) |
|
|
|
|
### Archive scanning
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `py7zr` | 7-Zip archive support — allows the scanner to inspect `.7z` compressed files |
|
|
|
|
### Desktop app packaging
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `pywebview` | Renders the Flask web UI inside a native OS window, creating a macOS `.app` or Windows `.exe` without requiring a browser |
|
|
| `pystray` | System tray icon integration for the desktop app builds |
|
|
| `pyinstaller` | Packages the Python application and all dependencies into a standalone executable |
|
|
| `pyinstaller-hooks-contrib` | Community-maintained hooks that help PyInstaller correctly bundle complex packages like spaCy and OpenCV |
|
|
|
|
---
|
|
|
|
## Standard library modules (no installation needed)
|
|
|
|
### Data storage
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `sqlite3` | SQLite database — stores scan results, CPR index (hashed), dispositions, deletion audit log, and scan history in `~/.gdpr_scanner.db` |
|
|
| `json` | Config files, checkpoint files, language files, API request/response serialisation |
|
|
| `zipfile` | Database export/import archive creation and reading; also used in the PyInstaller build process |
|
|
| `csv` | CSV file scanning support in the Document Scanner |
|
|
|
|
### Security and hashing
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `hashlib` | SHA-256 hashing of CPR numbers before storage — raw CPR values are never written to the database |
|
|
| `secrets` | Cryptographically secure random values (used in auth state parameters) |
|
|
|
|
### File system and paths
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `pathlib` | Cross-platform file and directory path handling throughout the codebase |
|
|
| `tempfile` | Temporary files for PDF and image processing — avoids leaving artefacts on disk |
|
|
| `shutil` | File copy and directory tree operations used in the build scripts |
|
|
|
|
### Networking and email
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `smtplib` | SMTP email delivery for the headless report feature — supports STARTTLS and SMTPS/SSL |
|
|
| `email` | Email message construction (MIME) for the SMTP report feature |
|
|
|
|
### Text and pattern matching
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `re` | Regular expression engine — CPR pattern matching, phone numbers, IBANs, email addresses, Danish bank account numbers |
|
|
|
|
### Concurrency
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `threading` | Background scan thread so the Flask web UI stays responsive during long scans |
|
|
| `queue` | Server-Sent Events message queue — passes scan results from the background thread to the browser |
|
|
| `concurrent.futures` | `ProcessPoolExecutor` for parallel OCR processing of multi-page PDFs |
|
|
|
|
### I/O and streams
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `io` | In-memory byte streams for generating Excel and Word documents without writing to disk |
|
|
| `struct` | Binary data unpacking (used in some PDF processing paths) |
|
|
|
|
### Date and time
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `time` | Unix timestamps for scan records, audit log entries, and token expiry tracking |
|
|
| `datetime` | Human-readable date/time formatting for reports, filenames, and retention cutoff calculations |
|
|
|
|
### System and process
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `platform` | Detects the operating system for macOS/Windows-specific code paths |
|
|
| `subprocess` | Launches Tesseract and Poppler as external processes for OCR and PDF rendering |
|
|
| `argparse` | CLI argument parsing for `--headless`, `--reset-db`, `--export-db`, `--import-db` etc. |
|
|
| `sys` | Python runtime access — sys.exit(), sys.path, sys.version |
|
|
| `os` | Environment variables and low-level file operations |
|
|
|
|
### Encoding and serialisation
|
|
| Module | Purpose |
|
|
|---|---|
|
|
| `base64` | Encodes thumbnail images as base64 strings for embedding in JSON API responses |
|
|
| `struct` | Binary format parsing used in some document processing paths |
|
|
|
|
---
|
|
|
|
## External system dependencies (not Python packages)
|
|
|
|
These must be installed separately — the installers (`install_windows.ps1`, `install_macos.sh`) handle this automatically.
|
|
|
|
| Tool | Purpose |
|
|
|---|---|
|
|
| Tesseract OCR | The OCR engine called by `pytesseract` — required for scanning image-based PDFs |
|
|
| Tesseract language packs | `dan` (Danish) and `eng` (English) language data files for Tesseract |
|
|
| Poppler | PDF rendering tools (`pdftoppm`, `pdfinfo`) required by `pdf2image` |
|