[Snyk] Security upgrade python from 3.9 to 3.13.11#15
[Snyk] Security upgrade python from 3.9 to 3.13.11#15trongthanht3 wants to merge 1 commit intomainfrom
Conversation
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN13-IMAGEMAGICK-13615061 - https://snyk.io/vuln/SNYK-DEBIAN13-IMAGEMAGICK-13615061 - https://snyk.io/vuln/SNYK-DEBIAN13-IMAGEMAGICK-13615061 - https://snyk.io/vuln/SNYK-DEBIAN13-IMAGEMAGICK-13615061 - https://snyk.io/vuln/SNYK-DEBIAN13-IMAGEMAGICK-13615061
There was a problem hiding this comment.
Pull request overview
This PR upgrades the Python base image in the backend Docker container from Python 3.9 to 3.13.11 to address security vulnerabilities, specifically an Integer Overflow vulnerability in ImageMagick (SNYK-DEBIAN13-IMAGEMAGICK-13615061). The upgrade is part of an automated Snyk security fix.
Key Changes:
- Updates Python base image version from 3.9 to 3.13.11 in backend.dockerfile
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| @@ -1,4 +1,4 @@ | |||
| FROM python:3.9 | |||
| FROM python:3.13.11 | |||
There was a problem hiding this comment.
The pyproject.toml file specifies Python version constraint as "^3.9" which allows Python 3.9.x through 3.x (but not 4.0). While Python 3.13 falls within this range, the major version jump from 3.9 to 3.13 introduces several breaking changes and new features that may affect compatibility with dependencies. Consider updating the pyproject.toml Python version constraint to reflect the minimum supported version after this upgrade (e.g., "^3.13" if dropping support for older versions, or testing to ensure all dependencies work with both 3.9 and 3.13).
| FROM python:3.13.11 | |
| FROM python:3.9 |
Snyk has created this PR to fix 1 vulnerabilities in the dockerfile dependencies of this project.
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
Snyk changed the following file(s):
docker/backend.dockerfileWe recommend upgrading to
python:3.13.11, as this image has only 189 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.Vulnerabilities that will be fixed with an upgrade:
SNYK-DEBIAN13-IMAGEMAGICK-13615061
SNYK-DEBIAN13-IMAGEMAGICK-13615061
SNYK-DEBIAN13-IMAGEMAGICK-13615061
SNYK-DEBIAN13-IMAGEMAGICK-13615061
SNYK-DEBIAN13-IMAGEMAGICK-13615061
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Integer Overflow or Wraparound