From b59a9c53095b92c38c0e9f4a1cdd4d9f4a2aa3bf Mon Sep 17 00:00:00 2001 From: jaw12346 Date: Sun, 5 Nov 2023 15:28:58 -0500 Subject: [PATCH] Vulnerability fixes and upgrades (requirements and Python version) --- .github/workflows/django.yml | 2 +- ACMAS/app/ACMAS/settings.py | 2 +- ACMAS/app/Dockerfile | 4 ++-- ACMAS/app/requirements.txt | 6 +++--- ACMAS/docker-compose.yml | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/django.yml b/.github/workflows/django.yml index 43c0dc1..2819cc9 100644 --- a/.github/workflows/django.yml +++ b/.github/workflows/django.yml @@ -14,7 +14,7 @@ jobs: strategy: max-parallel: 4 matrix: - python-version: [3.10.7] + python-version: [3.12] steps: - uses: actions/checkout@v3 diff --git a/ACMAS/app/ACMAS/settings.py b/ACMAS/app/ACMAS/settings.py index 5af1173..234da51 100644 --- a/ACMAS/app/ACMAS/settings.py +++ b/ACMAS/app/ACMAS/settings.py @@ -37,7 +37,7 @@ "django.contrib.contenttypes", "django.contrib.sessions", "django.contrib.messages", - "django.contrib.staticfiles", + "django_components.safer_staticfiles", "ACMAS_Web", "django_components", ] diff --git a/ACMAS/app/Dockerfile b/ACMAS/app/Dockerfile index 1285b49..d772582 100644 --- a/ACMAS/app/Dockerfile +++ b/ACMAS/app/Dockerfile @@ -7,7 +7,7 @@ ########### # pull official base image -FROM python:3.11.5-alpine AS builder +FROM python:3.12-alpine AS builder # set work directory WORKDIR /usr/src/app @@ -31,7 +31,7 @@ RUN pip wheel --no-cache-dir --no-deps --wheel-dir /usr/src/app/wheels -r requir ######### # pull official base image -FROM python:3.11.5-alpine +FROM python:3.12-alpine RUN apk update --no-cache #################################### diff --git a/ACMAS/app/requirements.txt b/ACMAS/app/requirements.txt index 30216ba..b166830 100644 --- a/ACMAS/app/requirements.txt +++ b/ACMAS/app/requirements.txt @@ -1,6 +1,6 @@ Django==4.2.7 django-dbbackup==4.0.2 -django_components +django_components==0.29 -psycopg2-binary==2.9.7 -gunicorn==20.1.0 \ No newline at end of file +psycopg2-binary==2.9.9 +gunicorn==21.2.0 \ No newline at end of file diff --git a/ACMAS/docker-compose.yml b/ACMAS/docker-compose.yml index 00fa599..fbff24d 100644 --- a/ACMAS/docker-compose.yml +++ b/ACMAS/docker-compose.yml @@ -26,7 +26,7 @@ services: ports: - "5432:5432" nginx: - image: nginx:1.21-alpine + image: nginx:1.25.3-alpine volumes: - ./nginx/conf.d/:/etc/nginx/conf.d/ - static_files:/home/app/web/staticfiles