Merge pull request #1083 from pc-bob/BL/fix-security-vulns

update dependencies to fix various high/critical security vulnerabilies
Codium-ai · Aug 1, 2024 · c95a8cd · c95a8cd
2 parents 23ec25c + 346ea8f
commit c95a8cd
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 12 deletions.
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -1,41 +1,41 @@
-FROM python:3.10 as base
+FROM python:3.10 AS base
 
 WORKDIR /app
 ADD pyproject.toml .
 ADD requirements.txt .
 RUN pip install . && rm pyproject.toml requirements.txt
 ENV PYTHONPATH=/app
 
-FROM base as github_app
+FROM base AS github_app
 ADD pr_agent pr_agent
 CMD ["python", "-m", "gunicorn", "-k", "uvicorn.workers.UvicornWorker", "-c", "pr_agent/servers/gunicorn_config.py", "--forwarded-allow-ips", "*", "pr_agent.servers.github_app:app"]
 
-FROM base as bitbucket_app
+FROM base AS bitbucket_app
 ADD pr_agent pr_agent
 CMD ["python", "pr_agent/servers/bitbucket_app.py"]
 
-FROM base as bitbucket_server_webhook
+FROM base AS bitbucket_server_webhook
 ADD pr_agent pr_agent
 CMD ["python", "pr_agent/servers/bitbucket_server_webhook.py"]
 
-FROM base as github_polling
+FROM base AS github_polling
 ADD pr_agent pr_agent
 CMD ["python", "pr_agent/servers/github_polling.py"]
 
-FROM base as gitlab_webhook
+FROM base AS gitlab_webhook
 ADD pr_agent pr_agent
 CMD ["python", "pr_agent/servers/gitlab_webhook.py"]
 
-FROM base as azure_devops_webhook
+FROM base AS azure_devops_webhook
 ADD pr_agent pr_agent
 CMD ["python", "pr_agent/servers/azuredevops_server_webhook.py"]
 
-FROM base as test
+FROM base AS test
 ADD requirements-dev.txt .
 RUN pip install -r requirements-dev.txt && rm requirements-dev.txt
 ADD pr_agent pr_agent
 ADD tests tests
 
-FROM base as cli
+FROM base AS cli
 ADD pr_agent pr_agent
 ENTRYPOINT ["python", "pr_agent/cli.py"]
diff --git a/requirements.txt b/requirements.txt
@@ -1,12 +1,12 @@
-aiohttp==3.9.1
+aiohttp==3.9.4
 anthropic[vertex]==0.21.3
 atlassian-python-api==3.41.4
 azure-devops==7.1.0b3
 azure-identity==1.15.0
 boto3==1.33.6
 dynaconf==3.2.4
 fastapi==0.111.0
-GitPython==3.1.32
+GitPython==3.1.41
 google-cloud-aiplatform==1.38.0
 google-cloud-storage==2.10.0
 Jinja2==3.1.2
@@ -24,7 +24,7 @@ tiktoken==0.7.0
 ujson==5.8.0
 uvicorn==0.22.0
 tenacity==8.2.3
-gunicorn==20.1.0
+gunicorn==22.0.0
 # Uncomment the following lines to enable the 'similar issue' tool
 # pinecone-client
 # pinecone-datasets @ git+https://github.com/mrT23/pinecone-datasets.git@main