Overview

This PR migrates our project from pip-based dependency management to Poetry, providing better dependency resolution, environment isolation, and project maintenance. Additionally, it includes security-related improvements and configuration updates.

Changes

Infrastructure Changes

Migrated from pip to Poetry for dependency management
Updated base Docker image from Python 3.11 to 3.10-slim-bullseye for better compatibility
Updated CI configuration to work with Poetry
Removed legacy requirements files in favor of pyproject.toml and poetry.lock
Updated cache paths and environment variables in CI pipeline

Security Improvements

Modified SecurityHeadersMiddleware to conditionally apply security headers -- Content-Security-Policy and X-XSS-Protection headers now skip "/docs" path
Updated RSA package from version 4.2 to 4.7
Enabled JWT checking in application settings

Documentation Updates

Added Poetry documentation to README
Updated local development instructions
Changed dependency references from requirements.txt to pyproject.toml

Testing

The CI pipeline has been updated to run tests using Poetry commands. All tests are passing with the new configuration.

How to Test

Clone this branch
Install Poetry if not already installed (pip install poetry)
Run poetry install to set up the environment
Run poetry run pytest to verify tests pass

Migration to Poetry for Dependency Management