nathanramoscfa / pycgapi

An unofficial Python wrapper for the CoinGecko API
MIT License

[Snyk] Security upgrade python from 3.11-slim to 3.13.0rc2-slim #23

Open nathanramoscfa opened 1 month ago

nathanramoscfa commented 1 month ago

Snyk has created this PR to fix 4 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

We recommend upgrading to python:3.13.0rc2-slim, as this image has only 40 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

| Severity | Issue | Score |
|---|---|---|
| critical severity | Integer Overflow or Wraparound SNYK-DEBIAN12-ZLIB-6008963 | 500 |
| low severity | Improper Verification of Cryptographic Signature SNYK-DEBIAN12-APT-1541449 | 150 |
| low severity | Improper Verification of Cryptographic Signature SNYK-DEBIAN12-APT-1541449 | 150 |
| low severity | Improper Input Validation SNYK-DEBIAN12-COREUTILS-1543939 | 150 |
| low severity | Arbitrary Code Injection SNYK-DEBIAN12-SHADOW-5423923 | 150 |

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report 📜 Customise PR templates 🛠 Adjust project settings 📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Improper Input Validation

codecov[bot] commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 99.06%. Comparing base (71af62f) to head (f666e4e).

Additional details and impacted files

```diff
@@           Coverage Diff           @@
##             main      #23   +/-   ##
=======================================
  Coverage   99.06%   99.06%
=======================================
  Files           2        2
  Lines         532      532
  Branches       41       41
=======================================
  Hits          527      527
  Misses          1        1
  Partials        4        4
```

| [Flag](https://app.codecov.io/gh/nathanramoscfa/pycgapi/pull/23/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Nathan+Ramos%2C+CFA) | Coverage Δ | |
|---|---|---|
| [unittests](https://app.codecov.io/gh/nathanramoscfa/pycgapi/pull/23/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Nathan+Ramos%2C+CFA) | `99.06% <ø> (ø)` | |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Nathan+Ramos%2C+CFA#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.