[Snyk] Security upgrade python from 3.11-slim to 3.13.0b1-slim #201

2024-05-10T07:08:53+02:00

luketainton commented

2024-05-10 07:08:53 +02:00

(Migrated from github.com)

This PR was automatically created by Snyk using the credentials of a real user.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Changes included in this PR

Dockerfile

We recommend upgrading to python:3.13.0b1-slim, as this image has only 50 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Some of the most important vulnerabilities in your base image include:

Priority Score / 1000	Issue	Exploit Maturity
182	Out-of-Bounds SNYK-DEBIAN12-GLIBC-1547196	No Known Exploit
182	Out-of-Bounds SNYK-DEBIAN12-GLIBC-1547196	No Known Exploit
169	Allocation of Resources Without Limits or Throttling SNYK-DEBIAN12-SYSTEMD-6277507	No Known Exploit
182	CVE-2005-2541 SNYK-DEBIAN12-TAR-1560620	No Known Exploit
264	Integer Overflow or Wraparound SNYK-DEBIAN12-ZLIB-6008963	No Known Exploit

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling

This PR was automatically created by Snyk using the credentials of a real user. Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. #### Changes included in this PR - Dockerfile We recommend upgrading to `python:3.13.0b1-slim`, as this image has only 50 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: | Severity | Priority Score / 1000 | Issue | Exploit Maturity | | :------: | :-------------------- | :---- | :--------------- | | ![low severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png "low severity") | **182** | Out-of-Bounds [SNYK-DEBIAN12-GLIBC-1547196](https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-1547196) | No Known Exploit | | ![low severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png "low severity") | **182** | Out-of-Bounds [SNYK-DEBIAN12-GLIBC-1547196](https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-1547196) | No Known Exploit | | ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") | **169** | Allocation of Resources Without Limits or Throttling [SNYK-DEBIAN12-SYSTEMD-6277507](https://snyk.io/vuln/SNYK-DEBIAN12-SYSTEMD-6277507) | No Known Exploit | | ![low severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/l.png "low severity") | **182** | CVE-2005-2541 [SNYK-DEBIAN12-TAR-1560620](https://snyk.io/vuln/SNYK-DEBIAN12-TAR-1560620) | No Known Exploit | | ![critical severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/c.png "critical severity") | **264** | Integer Overflow or Wraparound [SNYK-DEBIAN12-ZLIB-6008963](https://snyk.io/vuln/SNYK-DEBIAN12-ZLIB-6008963) | No Known Exploit | --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._ For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI1YzFkZDc0ZS0yNmQ2LTQyNWMtOWFjYS02YjM5MzFjMjViYWUiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjVjMWRkNzRlLTI2ZDYtNDI1Yy05YWNhLTZiMzkzMWMyNWJhZSJ9fQ==" width="0" height="0"/> 🧐 [View latest project report](https://app.snyk.io/org/luketainton/project/bb2acb95-6cb0-453b-8345-ae0e1c4cc3fb?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/luketainton/project/bb2acb95-6cb0-453b-8345-ae0e1c4cc3fb?utm_source=github&utm_medium=referral&page=fix-pr/settings) [//]: # 'snyk:metadata:{"prId":"5c1dd74e-26d6-425c-9aca-6b3931c25bae","prPublicId":"5c1dd74e-26d6-425c-9aca-6b3931c25bae","dependencies":[{"name":"python","from":"3.11-slim","to":"3.13.0b1-slim"}],"packageManager":"dockerfile","projectPublicId":"bb2acb95-6cb0-453b-8345-ae0e1c4cc3fb","projectUrl":"https://app.snyk.io/org/luketainton/project/bb2acb95-6cb0-453b-8345-ae0e1c4cc3fb?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-DEBIAN12-ZLIB-6008963","SNYK-DEBIAN12-GLIBC-1547196","SNYK-DEBIAN12-TAR-1560620","SNYK-DEBIAN12-SYSTEMD-6277507"],"upgrade":["SNYK-DEBIAN12-GLIBC-1547196","SNYK-DEBIAN12-GLIBC-1547196","SNYK-DEBIAN12-SYSTEMD-6277507","SNYK-DEBIAN12-TAR-1560620","SNYK-DEBIAN12-ZLIB-6008963"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title","priorityScore"],"priorityScoreList":[264,182,182,169],"remediationStrategy":"vuln"}' --- **Learn how to fix vulnerabilities with free interactive lessons:** 🦉 [Allocation of Resources Without Limits or Throttling](https://learn.snyk.io/lesson/no-rate-limiting/?loc=fix-pr)

sonarqubecloud[bot] commented

2024-05-10 07:10:14 +02:00

(Migrated from github.com)

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

## [![Quality Gate Passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-passed-20px.png 'Quality Gate Passed')](https://sonarcloud.io/dashboard?id=luketainton_roboluke-tasks&pullRequest=201) **Quality Gate passed** Issues ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png '') [0 New issues](https://sonarcloud.io/project/issues?id=luketainton_roboluke-tasks&pullRequest=201&resolved=false&sinceLeakPeriod=true) ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/accepted-16px.png '') [0 Accepted issues](https://sonarcloud.io/component_measures?id=luketainton_roboluke-tasks&pullRequest=201&metric=new_accepted_issues&view=list) Measures ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png '') [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=luketainton_roboluke-tasks&pullRequest=201&resolved=false&sinceLeakPeriod=true) ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/no-data-16px.png '') No data about Coverage ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png '') [0.0% Duplication on New Code](https://sonarcloud.io/component_measures?id=luketainton_roboluke-tasks&pullRequest=201&metric=new_duplicated_lines_density&view=list) [See analysis details on SonarCloud](https://sonarcloud.io/dashboard?id=luketainton_roboluke-tasks&pullRequest=201)

sonarqubecloud[bot] commented

2024-08-28 00:05:30 +02:00

(Migrated from github.com)

Quality Gate failed

Failed conditions
D Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

## [![Quality Gate Failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-failed-20px.png 'Quality Gate Failed')](https://sonarcloud.io/dashboard?id=luketainton_roboluke-tasks&pullRequest=201) **Quality Gate failed** Failed conditions ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/failed-16px.png '') [D Maintainability Rating on New Code](https://sonarcloud.io/dashboard?id=luketainton_roboluke-tasks&pullRequest=201) (required ≥ A) [See analysis details on SonarCloud](https://sonarcloud.io/dashboard?id=luketainton_roboluke-tasks&pullRequest=201) ## ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/light_bulb-16px.png '') Catch issues before they fail your Quality Gate with our IDE extension ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/sonarlint-16px.png '') [SonarLint](https://www.sonarsource.com/products/sonarlint/features/connected-mode/?referrer=pull-request)

sonarqubecloud[bot] commented

2024-11-28 22:21:39 +01:00

(Migrated from github.com)

Quality Gate failed

Failed conditions
1 Security Hotspot
D Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

## [![Quality Gate Failed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-failed-20px.png 'Quality Gate Failed')](https://sonarcloud.io/dashboard?id=luketainton_roboluke-tasks&pullRequest=201) **Quality Gate failed** Failed conditions ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/failed-16px.png '') [1 Security Hotspot](https://sonarcloud.io/project/security_hotspots?id=luketainton_roboluke-tasks&pullRequest=201&issueStatuses=OPEN,CONFIRMED&sinceLeakPeriod=true) ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/failed-16px.png '') [D Maintainability Rating on New Code](https://sonarcloud.io/dashboard?id=luketainton_roboluke-tasks&pullRequest=201) (required ≥ A) [See analysis details on SonarQube Cloud](https://sonarcloud.io/dashboard?id=luketainton_roboluke-tasks&pullRequest=201) ## ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/light_bulb-16px.png '') Catch issues before they fail your Quality Gate with our IDE extension ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/sonarlint-16px.png '') [SonarQube for IDE](https://www.sonarsource.com/products/sonarlint/features/connected-mode/?referrer=pull-request)

Pull request closed

Please reopen this pull request to perform a merge.

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: repos/roboluke#201