diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 80d5913..ffe9f77 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -29,11 +29,11 @@ jobs:
 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 - name: Initialize CodeQL
- uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
+ uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
 with:
 languages: "python"
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
+ uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
 with:
 category: "/language:python"
diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
index 8ce6875..bef13d6 100644
--- a/.github/workflows/mega-linter.yml
+++ b/.github/workflows/mega-linter.yml
@@ -51,7 +51,7 @@ jobs:
 # Upload MegaLinter artifacts
 - name: Archive production artifacts
 if: ${{ success() || failure() }}
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+ uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
 with:
 name: MegaLinter reports
 path: |
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index ddca689..c5fdc58 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -44,6 +44,6 @@ jobs:
 # Upload the results to GitHub's code scanning dashboard.
 - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
+ uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
 with:
 sarif_file: results.sarif
diff --git a/Dockerfile b/Dockerfile
index 739255b..225d0c0 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM cgr.dev/chainguard/python:latest-dev@sha256:912ce75048fac19785891f3ab53f4ccd3ac714d920aaf6e5f8919bb25e109126 AS builder
+FROM cgr.dev/chainguard/python:latest-dev@sha256:5e6ca9b750521d933b0bb572dd66bbb0a33c5b11f1e827d83b5e2255e2d9f057 AS builder
 ENV PATH=$PATH:/home/nonroot/.local/bin
@@ -10,7 +10,7 @@ ENV PATH=/home/nonroot/.local/bin:$PATH
 RUN wget -q -O - https://install.python-poetry.org | python -
 RUN poetry install --no-root;
-FROM cgr.dev/chainguard/python:latest@sha256:2d14d0505ffe2d03b1cef2675dec60b3d1da3576732a127249058655cecf64dc
+FROM cgr.dev/chainguard/python:latest@sha256:8485986f5483c93e0e154a6dd186695c0b218eab68ae6e72573df506b3cffdb2
 USER nonroot
 ENV DB_HOST localhost
 ENV DB_NAME postgres
diff --git a/pyproject.toml b/pyproject.toml
index 9d23e1e..abba16a 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -10,16 +10,16 @@ readme = "README.md"
 python = "^3.12"
 fastapi = "0.115.6"
 psycopg2-binary = "2.9.10"
-pydantic = "2.10.3"
+pydantic = "2.10.4"
 sqlalchemy = "2.0.36"
-uvicorn = "0.32.1"
+uvicorn = "0.34.0"
 requests = "2.32.3"
-certifi = "2024.8.30"
+certifi = "2024.12.14"
 cvss = "3.3"
 defusedxml = "0.7.1"
 packageurl-python = "0.16.0"
 idna = "3.10"
-starlette = "0.41.3"
+starlette = "0.42.0"
 [build-system]