fix: Dockerfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN12-GNUTLS28-8705121 - https://snyk.io/vuln/SNYK-DEBIAN12-LIBTASN16-8689970 - https://snyk.io/vuln/SNYK-DEBIAN12-ZLIB-6008963 - https://snyk.io/vuln/SNYK-DEBIAN12-KRB5-8679228 - https://snyk.io/vuln/SNYK-DEBIAN12-GLIBC-8658672
updating deps
2025-12-06 14:17:19 +00:00 · 2025-02-18 05:16:01 +00:00 · 2024-04-15 16:23:56 +01:00
4 changed files with 13 additions and 16 deletions
--- a/7
+++ b/7
@@ -1,4 +1,4 @@
-FROM python:3.12-slim-bookworm
+FROM python:3.13.2-slim-bookworm
 ENV PYTHONFAULTHANDLER=1 \
    PYTHONHASHSEED=random \
@@ -15,8 +15,11 @@ WORKDIR /src
 COPY . /src/
 RUN  echo "deb http://ftp.uk.debian.org/debian bookworm non-free non-free-firmware" > /etc/apt/sources.list.d/non-free.list
 RUN apt update \
-    && apt install -y npm cron unrar-free libmariadb-dev libpq-dev pkg-config swig \
+    && apt install -y npm cron unrar libmariadb-dev libpq-dev pkg-config swig \
    && pip install --upgrade pip \
    && pip install -r requirements.txt \
    && cd frontend \
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -11,7 +11,7 @@
        "@fortawesome/fontawesome-svg-core": "^6.1.2",
        "@fortawesome/free-solid-svg-icons": "^6.1.2",
        "@fortawesome/vue-fontawesome": "^3.0.1",
-        "axios": "^1.6.0",
+        "axios": "^0.27.2",
        "bootstrap": "^5.2.0",
        "hammerjs": "^2.0.8",
        "jwt-decode": "^3.1.2",
@@ -3740,13 +3740,12 @@
      }
    },
    "node_modules/axios": {
-      "version": "1.6.0",
+      "version": "0.27.2",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz",
-      "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==",
+      "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==",
      "dependencies": {
-        "follow-redirects": "^1.15.0",
+        "follow-redirects": "^1.14.9",
-        "form-data": "^4.0.0",
+        "form-data": "^4.0.0"
        "proxy-from-env": "^1.1.0"
      }
    },
    "node_modules/babel-loader": {
@@ -9797,11 +9796,6 @@
        "node": ">= 0.10"
      }
    },
    "node_modules/proxy-from-env": {
      "version": "1.1.0",
      "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
      "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="
    },
    "node_modules/pseudomap": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz",
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -11,7 +11,7 @@
    "@fortawesome/fontawesome-svg-core": "^6.1.2",
    "@fortawesome/free-solid-svg-icons": "^6.1.2",
    "@fortawesome/vue-fontawesome": "^3.0.1",
-    "axios": "^1.6.0",
+    "axios": "^0.27.2",
    "bootstrap": "^5.2.0",
    "hammerjs": "^2.0.8",
    "jwt-decode": "^3.1.2",
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -3,7 +3,7 @@ line_length = 119
 [tool.poetry]
 name = "cbwebreader"
-version = "1.1.7"
+version = "1.1.8"
 description = "CBR/Z Web Reader"
 authors = ["ajurna <ajurna@gmail.com>"]
 license = "Creative Commons Attribution-ShareAlike 4.0 International License"