mirror of
https://github.com/recklessop/Zerto_Exporter.git
synced 2026-07-03 16:03:15 -04:00
Bump to Python 3.14.3-slim, fix 9 CVEs, remove leaked PyPI token
- Dockerfile: python:3.13-slim -> python:3.14.3-slim (stable as of Feb 2026)
- certifi: 2023.7.22 -> >=2024.7.4 (CVE-2024-39689, LOW)
- idna: 3.4 -> >=3.7 (CVE-2024-3651, MEDIUM)
- requests: 2.32.0 -> >=2.32.4 (CVE-2024-47081, MEDIUM)
- urllib3: 2.0.6 -> >=2.6.3 (6 CVEs including 3 HIGH decompression/redirect)
- Add app/.pypirc and .pypirc to .gitignore to prevent future token leaks
NOTE: PyPI token was previously committed at 21f32e5 - rotate at pypi.org.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
+1
-1
@@ -1,4 +1,4 @@
|
||||
FROM python:3.13-slim
|
||||
FROM python:3.14.3-slim
|
||||
|
||||
EXPOSE 9999
|
||||
|
||||
|
||||
Reference in New Issue
Block a user