Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump python from 3.11.7-slim-bookworm to 3.12.2-slim-bookworm #354

Closed
wants to merge 118 commits into from
Closed

chore(deps): bump python from 3.11.7-slim-bookworm to 3.12.2-slim-bookworm #354

wants to merge 118 commits into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Feb 8, 2024
edited
Loading

Bumps python from 3.11.7-slim-bookworm to 3.12.2-slim-bookworm.

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

snyk-bot and others added 30 commits July 6, 2023 01:11
@snyk-bot
fix: docker/Dockerfile.armhf to reduce vulnerabilities
8582a89 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-3368735
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291773
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291777
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5661566
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5661566
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
2f3a5a2 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5777683
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
ea04fa6 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-5798483
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
882b2f7 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813745
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813746
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813750
@snyk-bot
fix: docker/Dockerfile.armhf to reduce vulnerabilities
fff59c2 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-3368735
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-3368735
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291773
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291777
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5661566
@snyk-bot
fix: docker/Dockerfile.armhf to reduce vulnerabilities
4dc89b6 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-3368735
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-3368735
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291773
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291777
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5661566
@snyk-bot
fix: docker/Dockerfile.armhf to reduce vulnerabilities
f132d62 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-3368735
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-3368735
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291773
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5291777
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-5661566
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
1064ba7 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629
@snyk-bot
fix: requirements-freqai.txt to reduce vulnerabilities
bac6a1f 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
a286446 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PYDANTIC-5907722
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
8ce0c81 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PYDANTIC-5926694
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
54b2cd0 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907
@snyk-bot
fix: docker/Dockerfile.armhf to reduce vulnerabilities
90da97f 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
53e482b 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
@snyk-bot
fix: requirements-freqai.txt to reduce vulnerabilities
5476cad 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
@xsa-dev
Merge pull request #253 from xsa-dev/snyk-fix-c2f0658a39d91c39fc168f3…
4655363 
…b06a4ce13
@snyk-bot
fix: requirements-freqai.txt to reduce vulnerabilities
3b04352 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
eb28aec 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192
@xsa-dev
Merge branch 'freqtrade:develop' into develop
0b2a37a
@snyk-bot
fix: docker/Dockerfile.armhf to reduce vulnerabilities
64d1366 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
@snyk-bot
fix: docker/Dockerfile.armhf to reduce vulnerabilities
a7d94ba 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
@xsa-dev
Merge branch 'freqtrade:develop' into develop
1c0e622
@xsa-dev
Merge branch 'freqtrade:develop' into develop
314bb66
@dependabot
Bump scikit-learn from 1.1.3 to 1.3.2
6cc70fd 
Bumps [scikit-learn](https://github.com/scikit-learn/scikit-learn) from 1.1.3 to 1.3.2.
- [Release notes](https://github.com/scikit-learn/scikit-learn/releases)
- [Commits](scikit-learn/scikit-learn@1.1.3...1.3.2)

---
updated-dependencies:
- dependency-name: scikit-learn
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@snyk-bot
fix: docker/Dockerfile.armhf to reduce vulnerabilities
a643c46 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-OPENSSL-3368735
@xsa-dev
Merge branch 'freqtrade:develop' into develop
92fe222
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
4cb5a2a 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6092044
@snyk-bot
fix: docker/Dockerfile.armhf to reduce vulnerabilities
ef5baf7 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
@xsa-dev
Merge branch 'freqtrade:develop' into develop
840dad6
@snyk-bot
fix: requirements-freqai.txt to reduce vulnerabilities
03515a2 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203
xsa-dev and others added 23 commits January 26, 2024 11:08
@xsa-dev
Merge pull request #231 from xsa-dev/snyk-fix-76963d7a6d676347a75f1ee…
c0b37bb 
…4c84cc0a6

[Snyk] Security upgrade pydantic from 2.3.0 to 2.4.0
@xsa-dev
Merge branch 'develop' into snyk-fix-176ea099dbab023d47a53873ca849099
ccd4a28
@xsa-dev
Merge pull request #316 from xsa-dev/snyk-fix-176ea099dbab023d47a5387…
1828172 
…3ca849099

[Snyk] Security upgrade fonttools from 4.38.0 to 4.43.0
@xsa-dev
Merge branch 'develop' into snyk-fix-b1be591ed9395036d0e658e440812886
41ee0b2
@xsa-dev
Merge pull request #320 from xsa-dev/snyk-fix-b1be591ed9395036d0e658e…
b2fe24c 
…440812886

[Snyk] Fix for 11 vulnerabilities
@xsa-dev
Merge branch 'develop' into snyk-fix-211a5afe0a2ab0f97dd03bee2fbbe48d
ef5b4ca
@xsa-dev
Merge pull request #322 from xsa-dev/snyk-fix-211a5afe0a2ab0f97dd03be…
7de40d5 
…e2fbbe48d

[Snyk] Fix for 10 vulnerabilities
@snyk-bot
fix: requirements-freqai.txt to reduce vulnerabilities
407790e 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
@xsa-dev
Merge branch 'develop' into snyk-fix-d182d64243359b51d2ac903e90b8cb39
199ebbf
@xsa-dev
Merge pull request #325 from xsa-dev/snyk-fix-d182d64243359b51d2ac903…
e458bf1 
…e90b8cb39

[Snyk] Fix for 5 vulnerabilities
@xsa-dev
Merge pull request #327 from xsa-dev/snyk-fix-65accae55f244e45935b2b3…
5dc8784 
…ada47db31

[Snyk] Fix for 4 vulnerabilities
@xsa-dev
Merge pull request #324 from xsa-dev/snyk-fix-36c26a8f16f10c0e4378b96…
d5bd167 
…a5d329382

[Snyk] Fix for 3 vulnerabilities
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
84e8bf1 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091621
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091622
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6092044
@xsa-dev
Merge pull request #328 from xsa-dev/snyk-fix-6af27529f8e958427311a08…
b501426 
…1c8d5ab8b

[Snyk] Fix for 3 vulnerabilities
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
229098d 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975
@xsa-dev
Merge pull request #330 from xsa-dev/snyk-fix-6046bb06b38c53315f31e58…
a63c03b 
…559fcba96

[Snyk] Security upgrade cryptography from 41.0.6 to 42.0.0
@dependabot
chore(deps): bump peter-evans/dockerhub-description from 3 to 4
efb2a90 
Bumps [peter-evans/dockerhub-description](https://github.com/peter-evans/dockerhub-description) from 3 to 4.
- [Release notes](https://github.com/peter-evans/dockerhub-description/releases)
- [Commits](peter-evans/dockerhub-description@v3...v4)

---
updated-dependencies:
- dependency-name: peter-evans/dockerhub-description
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
495ac9a 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6149518
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6157248
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6210214
@xsa-dev
Merge pull request #342 from xsa-dev/snyk-fix-c9fa9978d4c87bbe943ca32…
38a1ecd 
…c660c24b9

[Snyk] Security upgrade cryptography from 42.0.0 to 42.0.2
@xsa-dev
Merge pull request #341 from xsa-dev/dependabot/github_actions/develo…
a51643b 
…p/peter-evans/dockerhub-description-4

chore(deps): bump peter-evans/dockerhub-description from 3 to 4
@snyk-bot
fix: requirements-freqai.txt to reduce vulnerabilities
f00a2cd 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
@xsa-dev
Merge pull request #345 from xsa-dev/snyk-fix-a1dcb96d68e5d859611eb3c…
6cea9ea 
…dceca636f

[Snyk] Security upgrade pillow from 9.5.0 to 10.2.0
@dependabot
chore(deps): bump python
6a9f696 
Bumps python from 3.11.7-slim-bookworm to 3.12.2-slim-bookworm.

---
updated-dependencies:
- dependency-name: python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file docker Pull requests that update Docker code labels Feb 8, 2024
@dependabot dependabot bot mentioned this pull request Feb 8, 2024
Closed
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Apr 10, 2024

Superseded by #409.

@dependabot dependabot bot closed this Apr 10, 2024
@dependabot dependabot bot deleted the dependabot/docker/python-3.12.2-slim-bookworm branch April 10, 2024 20:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file docker Pull requests that update Docker code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@snyk-bot @xsa-dev