Update backend requirements - security hardening

2026-02-13 13:01:22 +01:00
parent d9f3de9468
commit 9ccde7ca37
3 changed files with 11 additions and 5 deletions
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.12-slim AS base
+FROM python:3.13-slim AS base

 ENV PYTHONDONTWRITEBYTECODE=1
 ENV PYTHONUNBUFFERED=1
@@ -6,6 +6,10 @@ ENV PIP_NO_CACHE_DIR=1

 WORKDIR /app

+RUN apt-get update \
+    && apt-get upgrade -y \
+    && rm -rf /var/lib/apt/lists/*
+
 RUN addgroup --system app && adduser --system --ingroup app app

 COPY requirements.txt /app/requirements.txt
--- a/backend/app/core/config.py
+++ b/backend/app/core/config.py
@@ -2,7 +2,7 @@ from functools import lru_cache
 from pydantic import field_validator
 from pydantic_settings import BaseSettings, SettingsConfigDict

-NEXAPG_VERSION = "0.1.4"
+NEXAPG_VERSION = "0.1.7"


 class Settings(BaseSettings):
--- a/backend/requirements.txt
+++ b/backend/requirements.txt
@@ -1,4 +1,5 @@
-fastapi==0.116.1
+fastapi==0.129.0
+starlette==0.52.1
 uvicorn[standard]==0.35.0
 gunicorn==23.0.0
 sqlalchemy[asyncio]==2.0.44
@@ -9,5 +10,6 @@ pydantic-settings==2.11.0
 email-validator==2.2.0
 python-jose[cryptography]==3.5.0
 passlib[argon2]==1.7.4
-cryptography==45.0.7
-python-multipart==0.0.20
+cryptography==46.0.5
+python-multipart==0.0.22
+ecdsa==0.19.1