Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update dependencies #36

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

chore: update dependencies #36

wants to merge 3 commits into from

Conversation

m-revetria
Copy link
Member

Type of change

  • Fix
  • Story
  • Chore

Description of the change

Update all dependencies in project and setup dependabot (only docker now, because it's not compatible with poetry v2: dependabot/dependabot-core#11237)

$ poetry show --outdated
pydantic-core 2.27.2 2.28.0 Core functionality for Pydantic validation and serialization
wtforms       3.1.2  3.2.1  Form validation and rendering for Python web development.

Notice pydantic-core and wtforms are transitive dependencies that can't be updated because they are locked in their dependent packages.

Docker scout analysis:

Main branch This branch
image image

Critical CVE is related to jose-jwt: https://scout.docker.com/vulnerabilities/id/CVE-2024-33663

Related PRs

N/A

@m-revetria m-revetria requested a review from a team February 3, 2025 14:18
@m-revetria m-revetria force-pushed the chore/update-dependencies branch from ab204ae to 1689877 Compare February 3, 2025 14:22
@m-revetria
Copy link
Member Author

updated dependencies on Feb, 13th

gastonsalgueiro
gastonsalgueiro reviewed Feb 13, 2025
View reviewed changes
.vscode/settings.json
Comment on lines +1 to +7
{
"python.testing.unittestEnabled": false,
"python.testing.pytestArgs": [
"src/tests"
],
"python.testing.pytestEnabled": true
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we move this to devcontainer.json file, under customizations -> vscode -> settings ?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the difference? Is there a reason why this shouldn't be here? As it is now, it works within the dev container and also in the host's environment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gastonsalgueiro gastonsalgueiro gastonsalgueiro left review comments

@mrevetria-sp mrevetria-sp mrevetria-sp left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@m-revetria @gastonsalgueiro @mrevetria-sp