Skip to content

[Snyk] Security upgrade python from 3.9-slim to 3.14.3-slim#4

Open
dominicusin wants to merge 1 commit intomainfrom
snyk-fix-f9e35dcb780de5c2a0bb935ff7842e25
Open

[Snyk] Security upgrade python from 3.9-slim to 3.14.3-slim#4
dominicusin wants to merge 1 commit intomainfrom
snyk-fix-f9e35dcb780de5c2a0bb935ff7842e25

Conversation

@dominicusin
Copy link
Owner

@dominicusin dominicusin commented Feb 7, 2026

snyk-top-banner

Snyk has created this PR to fix 5 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • Dockerfile

We recommend upgrading to python:3.14.3-slim, as this image has only 26 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
low severity CVE-2025-69421
SNYK-DEBIAN13-OPENSSL-15123186		   686  
low severity CVE-2025-15467
SNYK-DEBIAN13-OPENSSL-15123178		   436  
low severity CVE-2025-66199
SNYK-DEBIAN13-OPENSSL-15123183		   436  
low severity CVE-2026-22795
SNYK-DEBIAN13-OPENSSL-15123206		   436  
low severity CVE-2025-11187
SNYK-DEBIAN13-OPENSSL-15123211		   436  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@coderabbitai
Copy link

coderabbitai bot commented Feb 7, 2026

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

  • 🔍 Trigger a full review
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch snyk-fix-f9e35dcb780de5c2a0bb935ff7842e25

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@qodo-code-review
Copy link

qodo-code-review bot commented Feb 7, 2026

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: test (macos-latest, 3.11)

Failed stage: Test with pytest [❌]

Failed test name: tests/test_basic.py::test_import

Failure summary:

The action failed because pytest reported 2 failing tests due to an import error in the package:
-
tests/test_basic.py::test_import failed because importing package_maximizer raised
ModuleNotFoundError: No module named 'package_maximizer.core.enums' (triggered via
package_maximizer/init.py:14 importing .core.enums, which then fails in
package_maximizer/core/init.py:3).
- tests/test_basic.py::test_version failed for the same root
cause when executing from package_maximizer import version, which imports
package_maximizer/init.py and again errors on missing package_maximizer.core.enums.
This
indicates the module/file package_maximizer/core/enums.py (or equivalent package path) is missing,
misnamed, or not included in the package structure expected by package_maximizer/init.py.

Relevant error logs: 
1:  ##[group]Runner Image Provisioner
2:  Hosted Compute Agent
...

541:  env:
542:  PYTHON_VERSION: 3.9
543:  pythonLocation: /Users/runner/hostedtoolcache/Python/3.11.9/arm64
544:  PKG_CONFIG_PATH: /Users/runner/hostedtoolcache/Python/3.11.9/arm64/lib/pkgconfig
545:  Python_ROOT_DIR: /Users/runner/hostedtoolcache/Python/3.11.9/arm64
546:  Python2_ROOT_DIR: /Users/runner/hostedtoolcache/Python/3.11.9/arm64
547:  Python3_ROOT_DIR: /Users/runner/hostedtoolcache/Python/3.11.9/arm64
548:  ##[endgroup]
549:  ============================= test session starts ==============================
550:  platform darwin -- Python 3.11.9, pytest-9.0.2, pluggy-1.6.0 -- /Library/Frameworks/Python.framework/Versions/3.11/bin/python
551:  cachedir: .pytest_cache
552:  rootdir: /Users/runner/work/package-maximizer/package-maximizer
553:  configfile: pyproject.toml
554:  plugins: cov-7.0.0
555:  collecting ... collected 3 items
556:  tests/test_basic.py::test_import FAILED                                  [ 33%]
557:  tests/test_basic.py::test_basic_functionality PASSED                     [ 66%]
558:  tests/test_basic.py::test_version FAILED                                 [100%]
559:  =================================== FAILURES ===================================
560:  _________________________________ test_import __________________________________
561:  def test_import():
562:  """Тест импорта основных модулей"""
563:  try:
564:  >           import package_maximizer
565:  tests/test_basic.py:7: 
566:  _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
567:  package_maximizer/__init__.py:14: in <module>
568:  from .core.enums import PackageManagerType, SolverType
569:  _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
570:  """Основные компоненты Package Maximizer"""
571:  >   from .enums import PackageManagerType, SolverType
572:  E   ModuleNotFoundError: No module named 'package_maximizer.core.enums'
573:  package_maximizer/core/__init__.py:3: ModuleNotFoundError
574:  During handling of the above exception, another exception occurred:
575:  def test_import():
576:  """Тест импорта основных модулей"""
577:  try:
578:  import package_maximizer
579:  assert hasattr(package_maximizer, "__version__")
580:  assert package_maximizer.__version__ == "0.1.0"
581:  except ImportError:
582:  >           assert False, "Не удалось импортировать package_maximizer"
583:  E           AssertionError: Не удалось импортировать package_maximizer
584:  E           assert False
585:  tests/test_basic.py:12: AssertionError
586:  _________________________________ test_version _________________________________
587:  def test_version():
588:  """Тест версии пакета"""
589:  >       from package_maximizer import __version__
590:  tests/test_basic.py:23: 
591:  _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
592:  package_maximizer/__init__.py:14: in <module>
593:  from .core.enums import PackageManagerType, SolverType
594:  _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
595:  """Основные компоненты Package Maximizer"""
596:  >   from .enums import PackageManagerType, SolverType
597:  E   ModuleNotFoundError: No module named 'package_maximizer.core.enums'
598:  package_maximizer/core/__init__.py:3: ModuleNotFoundError
599:  ================================ tests coverage ================================
...

601:  Name                                      Stmts   Miss  Cover
602:  -------------------------------------------------------------
603:  package_maximizer/__init__.py                 9      4    56%
604:  package_maximizer/analyzers/__init__.py       0      0   100%
605:  package_maximizer/cli/__init__.py             0      0   100%
606:  package_maximizer/config/__init__.py          0      0   100%
607:  package_maximizer/core/__init__.py            5      4    20%
608:  package_maximizer/parsers/__init__.py         0      0   100%
609:  package_maximizer/solvers/__init__.py         0      0   100%
610:  package_maximizer/utils/__init__.py           0      0   100%
611:  package_maximizer/web/__init__.py             0      0   100%
612:  -------------------------------------------------------------
613:  TOTAL                                        14      8    43%
614:  Coverage XML written to file coverage.xml
615:  =========================== short test summary info ============================
616:  FAILED tests/test_basic.py::test_import - AssertionError: Не удалось импортировать package_maximizer
617:  assert False
618:  FAILED tests/test_basic.py::test_version - ModuleNotFoundError: No module named 'package_maximizer.core.enums'
619:  ========================= 2 failed, 1 passed in 0.05s ==========================
620:  ##[error]Process completed with exit code 1.
621:  Post job cleanup.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dominicusin @snyk-bot