studio/people
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔒️(security) upgrade python version to fix vulnerability

Browse Source 
Vulnerability in jaraco.context caused security issue
in setuptools and python3. change python version to fix
see https://github.com/advisories/GHSA-58pv-8j8x-9vj2
This commit is contained in:
Marie PUPO JEAMMET
2026-01-16 10:32:53 +01:00
committed by Marie
parent 9c62efc9f8
commit 5feee53bdd
5 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/crowdin_upload.yml vendored
View File

@@ -25,7 +25,7 @@ jobs:
- name: Install Python - name: Install Python
uses: actions/setup-python@v3 uses: actions/setup-python@v3
with: with:
python-version: "3.11" python-version: '3.13'
- name: Upgrade pip and setuptools - name: Upgrade pip and setuptools
run: pip install --upgrade pip setuptools run: pip install --upgrade pip setuptools
- name: Install development dependencies - name: Install development dependencies

4
.github/workflows/people.yml vendored
View File

@@ -224,7 +224,7 @@ jobs:
- name: Install Python - name: Install Python
uses: actions/setup-python@v5 uses: actions/setup-python@v5
with: with:
python-version: '3.11' python-version: '3.13'
- name: Install development dependencies - name: Install development dependencies
run: pip install --user .[dev] run: pip install --user .[dev]
- name: Check code formatting with ruff - name: Check code formatting with ruff
@@ -281,7 +281,7 @@ jobs:
- name: Install Python - name: Install Python
uses: actions/setup-python@v5 uses: actions/setup-python@v5
with: with:
python-version: '3.11' python-version: '3.13'
- name: Install development dependencies - name: Install development dependencies
run: pip install --user .[dev] run: pip install --user .[dev]
- name: Install gettext (required to compile messages) - name: Install gettext (required to compile messages)

1
CHANGELOG.md
View File

@@ -8,6 +8,7 @@ and this project adheres to
## [Unreleased] ## [Unreleased]
- 🔒️(security) upgrade python version to fix vulnerability #1010
- 🐛(dimail) allow mailboxes and aliases to have the same local part #986 - 🐛(dimail) allow mailboxes and aliases to have the same local part #986
- 🐛(dimail) ignore oxadmin when importing mailboxes from dimail #986 - 🐛(dimail) ignore oxadmin when importing mailboxes from dimail #986
- ✨(aliases) delete all aliases in one call #1002 - ✨(aliases) delete all aliases in one call #1002

4
Dockerfile
View File

@@ -1,10 +1,10 @@
# Django People # Django People
# ---- base image to inherit from ---- # ---- base image to inherit from ----
FROM python:3.12.6-alpine3.20 AS base FROM python:3.13.11-alpine AS base
# Upgrade pip to its latest release to speed up dependencies installation # Upgrade pip to its latest release to speed up dependencies installation
RUN python -m pip install --upgrade pip setuptools RUN python -m pip install --upgrade pip
# Upgrade system packages to install security updates # Upgrade system packages to install security updates
RUN apk update && \ RUN apk update && \

1
src/backend/pyproject.toml
View File

@@ -52,6 +52,7 @@ dependencies = [
"factory_boy==3.3.3", "factory_boy==3.3.3",
"flower==2.0.1", "flower==2.0.1",
"gunicorn==23.0.0", "gunicorn==23.0.0",
"jaraco.context>=6.1.0",
"joserfc==1.3.0", "joserfc==1.3.0",
"jsonschema==4.25.1", "jsonschema==4.25.1",
"mozilla-django-oidc==4.0.1", "mozilla-django-oidc==4.0.1",