Merge pull request #514 from NHSDigital/dependabot/docker/python-3.14.0-alpine3.21

MatMoore · web-flow · commit 73775690c967 · 2025-12-08T09:19:24.000Z
Bump python from 3.13.7-alpine3.21 to 3.14.0-alpine3.21
diff --git a/.github/workflows/stage-3-build.yaml b/.github/workflows/stage-3-build.yaml
@@ -46,7 +46,7 @@ jobs:
   build:
     name: 'Build'
     runs-on: ubuntu-latest
-    timeout-minutes: 4
+    timeout-minutes: 5
     permissions:
       contents: read
       packages: write
diff --git a/.tool-versions b/.tool-versions
@@ -1,8 +1,7 @@
 pre-commit 3.6.0
-python 3.13.7
+python 3.14.0
 nodejs 24.11.0
 uv 0.9.7
-
 # TODO: can we switch all these docker scripts to github actions instead? Or at least something that
 # will be maintained by Dependabot?
 # docker/ghcr.io/gitleaks/gitleaks v8.18.0@sha256:fd2b5cab12b563d2cc538b14631764a1c25577780e3b7dba71657d58da45d9d9 # SEE: https://github.com/gitleaks/gitleaks/pkgs/container/gitleaks
diff --git a/Dockerfile b/Dockerfile
@@ -13,7 +13,7 @@ COPY manage_breast_screening ./manage_breast_screening
 RUN npm ci
 RUN npm run compile
 
-FROM python:3.13.7-alpine3.21@sha256:0c3d4f28025c9adc2c03326aa160dde8f53faaa8684134a0e146e4edca28a946 AS python_builder
+FROM python:3.14.0-alpine3.21@sha256:f1ac9e01293a18a24919826ea8c7bb8f7bbc25497887a0a1cade58801bb83d1c AS python_builder
 
 WORKDIR /app
 
@@ -32,7 +32,7 @@ RUN uv sync --frozen --no-dev --compile-bytecode --no-editable && rm -rf $UV_CAC
 
 #### FINAL RUNTIME IMAGE
 
-FROM python:3.13.7-alpine3.21@sha256:0c3d4f28025c9adc2c03326aa160dde8f53faaa8684134a0e146e4edca28a946
+FROM python:3.14.0-alpine3.21@sha256:f1ac9e01293a18a24919826ea8c7bb8f7bbc25497887a0a1cade58801bb83d1c
 
 # Workaround for CVE-2024-6345 upgrade the installed version of setuptools to the latest version
 RUN pip install -U setuptools
diff --git a/pyproject.toml b/pyproject.toml
@@ -3,7 +3,7 @@ name = "manage-breast-screening"
 version = "0.1.0"
 description = ""
 authors = [{ name = "Your Name", email = "you@example.com" }]
-requires-python = ">=3.13,<4.0.0"
+requires-python = ">=3.14,<4.0.0"
 readme = "README.md"
 license = { text = "MIT" }
 dependencies = [
@@ -62,7 +62,7 @@ addopts = "--doctest-modules"
 markers = [
   "system: mark a test as a system test",
   "integration: mark a test as an integration test",
-  "skip_insights_mock: don't auto use the mock_insights_logging fixture"
+  "skip_insights_mock: don't auto use the mock_insights_logging fixture",
 ]
 
 [tool.ruff]
diff --git a/uv.lock b/uv.lock
