Security updates (#2773)

* update Dockerfile fix FromAsCasing: 'as' and 'FROM' keywords' casing do not match upgrade pip * security patches * use bookworm repository instead of main
onaio · Feb 3, 2025 · 41f0dee · 41f0dee
1 parent 86e0d79
commit 41f0dee
Show file tree

Hide file tree

Showing 6 changed files with 9 additions and 8 deletions.
diff --git a/docker/onadata-uwsgi/Dockerfile.ubuntu b/docker/onadata-uwsgi/Dockerfile.ubuntu
@@ -28,7 +28,8 @@ RUN chown -R appuser:appuser /home/appuser/.pyenv
 USER appuser
 
 # hadolint ignore=DL3013
-RUN python -m pip install --no-cache-dir -U pip && \
+RUN python -m pip install --upgrade pip && \
+    python -m pip install --no-cache-dir -U pip && \
     python -m pip install --no-cache-dir -r requirements/base.pip && \
     python -m pip install --no-cache-dir -r requirements/s3.pip && \
     python -m pip install --no-cache-dir -r requirements/ses.pip && \
@@ -58,12 +59,12 @@ RUN python -m pip install --no-cache-dir -r requirements/docs.pip && \
     make -C docs html
 
 
-FROM debian:bookworm-20241202 as runtime
+FROM debian:bookworm-20250113 AS runtime
 
 ENV DEBIAN_FRONTEND=noninteractive
 
 # Install prerequisite packages
-RUN echo "deb http://deb.debian.org/debian unstable main non-free contrib" >> /etc/apt/sources.list \
+RUN echo "deb http://deb.debian.org/debian bookworm main non-free contrib" >> /etc/apt/sources.list \
     && apt-get update -q \
     && apt-get install -y --no-install-recommends locales netcat-traditional \
     && sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen \

diff --git a/requirements/azure.pip b/requirements/azure.pip
@@ -22,7 +22,7 @@ cryptography==43.0.1
     # via
     #   -r requirements/azure.in
     #   azure-storage-blob
-django==4.2.17
+django==4.2.18
     # via
     #   -r requirements/azure.in
     #   django-storages

diff --git a/requirements/base.pip b/requirements/base.pip
@@ -88,7 +88,7 @@ deprecated==1.2.14
     # via onadata
 dict2xml==1.7.5
     # via onadata
-django==4.2.17
+django==4.2.18
     # via
     #   django-activity-stream
     #   django-cors-headers

diff --git a/requirements/dev.pip b/requirements/dev.pip
@@ -104,7 +104,7 @@ dill==0.3.8
     # via pylint
 distlib==0.3.8
     # via virtualenv
-django==4.2.17
+django==4.2.18
     # via
     #   django-activity-stream
     #   django-cors-headers

diff --git a/requirements/s3.pip b/requirements/s3.pip
@@ -12,7 +12,7 @@ botocore==1.34.134
     # via
     #   boto3
     #   s3transfer
-django==4.2.17
+django==4.2.18
     # via
     #   -r requirements/s3.in
     #   django-storages

diff --git a/requirements/ses.pip b/requirements/ses.pip
@@ -14,7 +14,7 @@ botocore==1.34.134
     # via
     #   boto3
     #   s3transfer
-django==4.2.17
+django==4.2.18
     # via
     #   -r requirements/ses.in
     #   django-ses