diff --git a/.github/workflows/gating.yaml b/.github/workflows/gating.yaml index 160a27f..d8acdb2 100644 --- a/.github/workflows/gating.yaml +++ b/.github/workflows/gating.yaml @@ -16,12 +16,12 @@ jobs: - uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 with: python-version: "3.12" - name: Install system dependencies - uses: nick-invision/retry@v2 + uses: nick-invision/retry@7152eba30c6575329ac0576536151aca5a72780e # v3 with: timeout_minutes: 10 retry_wait_seconds: 30 @@ -78,7 +78,7 @@ jobs: - uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 with: python-version: "3.12" @@ -122,12 +122,12 @@ jobs: - uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 with: python-version: "3.12" - name: Install system dependencies - uses: nick-invision/retry@v2 + uses: nick-invision/retry@7152eba30c6575329ac0576536151aca5a72780e # v3 with: timeout_minutes: 10 retry_wait_seconds: 30 diff --git a/Dockerfile b/Dockerfile index 31d552a..a960b98 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM quay.io/fedora/python-312:20241120@sha256:aedc5b00a981c671a5dab3c1885f89398b2bf633264542635e3fc3096a56538a AS builder +FROM quay.io/fedora/python-312:20250101@sha256:30e9dd44032e041c4967ec7d20f35929e6c5de30cd6afe0f575f9786e9c90723 AS builder # builder should use root to install/create all files USER root diff --git a/docker-compose.yml b/docker-compose.yml index a523866..7db4802 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -30,7 +30,7 @@ services: retries: 30 waiverdb-db: - image: postgres:14.7-alpine + image: postgres:17.2-alpine@sha256:d37d2c160d34430877c802e5adc22824a2ad453499db9bab1a2ceb2be6c1a46f restart: always env_file: ["docker/waiverdb-db.env"] healthcheck: @@ -38,7 +38,7 @@ services: test: "pg_isready -U postgres" keycloak: - image: quay.io/keycloak/keycloak:24.0.2 + image: quay.io/keycloak/keycloak:26.0.7@sha256:4388e2379b7e870a447adbe7b80bd61f5fbf04e925832b19669fda4957f05a81 ports: - 127.0.0.1:5004:5004 - 127.0.0.1:8080:8080 diff --git a/pyproject.toml b/pyproject.toml index dfee3e4..cee69f8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -36,7 +36,7 @@ include = [ ] [tool.poetry.dependencies] -python = ">=3.8,<3.13" +python = ">=3.13,<3.14" # https://github.com/lepture/authlib/pull/662 # fix authlib to use correct auth method for token introspection @@ -44,13 +44,13 @@ python = ">=3.8,<3.13" # a fixed stable authlib release authlib = {git = "https://github.com/AdamWill/authlib.git", branch = "oauth2-fix-introspect-endpoint"} -flask = "^2.2.5" +flask = "^3.0.0" flask-oidc = "^2.2.0" flask-session = ">=0.6.0" Flask-SQLAlchemy = "^3.1.1" Flask-Cors = "^5.0.0" Flask-Migrate = "^4.0.5" -itsdangerous = {version = "==2.0.1", optional = true} +itsdangerous = {version = "==2.2.0", optional = true} gssapi = "^1.8.3" python-ldap = "^3.4.3" @@ -77,7 +77,7 @@ fedora-messaging = "^3.4.1" # Tests pytest = {version = "^8.3.3", optional = true} -pytest-cov = {version = "^5.0.0", optional = true} +pytest-cov = {version = "^6.0.0", optional = true} mock = {version = "^5.1.0", optional = true} # Functional Tests @@ -91,9 +91,9 @@ opentelemetry-instrumentation-flask = "^0.46b0" opentelemetry-instrumentation-sqlalchemy = "^0.46b0" # Documentation -sphinx = {version = "^7.1.1", optional = true} +sphinx = {version = "^8.0.0", optional = true} sphinxcontrib-httpdomain = {version = "^1.8.1", optional = true} -markupsafe = {version = "==2.1.5", optional = true} +markupsafe = {version = "==3.0.2", optional = true} pydantic = "^2.9.2" Flask-Pydantic = "^0.12.0" flask-restx = "^1.3.0"