fix: resolver alertas CodeQL y actualizar deps para DoS fix CVE-2025-62727

Neiland85 · Neiland85 · commit bcd8d1fe143c · 2025-12-13T14:42:55.000+01:00
- Eliminar imports no usados en config.py, dependencies.py, operator.py, router_clean.py - Eliminar redundant assignment en api/index.py - Actualizar fastapi 0.116.1 -> 0.124.4 (permite starlette parcheado) - Actualizar starlette 0.47.2 -> 0.49.1 (fix DoS CVE-2025-62727) - Actualizar pydantic 2.7.0 -> 2.9.2, pydantic-settings 2.2.1 -> 2.6.1 - Tests passing: 7/7
diff --git a/api/index.py b/api/index.py
@@ -16,8 +16,6 @@
 from app.main import app
 
 # Vercel expects the app to be named 'app'
-# If your FastAPI app is named differently, change this
-app = app
 
 
 # Optional: Add Vercel-specific middleware or configuration
diff --git a/api/requirements.txt b/api/requirements.txt
@@ -1,10 +1,10 @@
-fastapi==0.116.1
-starlette==0.47.2
+fastapi==0.124.4
+starlette==0.49.1
 uvicorn[standard]==0.38.0
 uvloop==0.21.0
 
-pydantic==2.7.0
-pydantic-settings==2.2.1
+pydantic==2.9.2
+pydantic-settings==2.6.1
 
 python-dotenv==1.0.1
 python-multipart==0.0.20
diff --git a/app/auth/dependencies.py b/app/auth/dependencies.py
@@ -1,4 +1,3 @@
-import os
 from typing import Optional
 
 from fastapi import Depends, HTTPException, Request
diff --git a/app/backoffice/router_clean.py b/app/backoffice/router_clean.py
@@ -12,7 +12,6 @@
 
 from fastapi import APIRouter, HTTPException, Request
 from fastapi.responses import HTMLResponse, JSONResponse
-from fastapi.staticfiles import StaticFiles
 from fastapi.templating import Jinja2Templates
 from pydantic import BaseModel, Field
 
diff --git a/app/config.py b/app/config.py
@@ -5,7 +5,6 @@
 It MUST NOT import FastAPI, routers, or app.main to avoid circular dependencies.
 """
 
-import os
 from functools import lru_cache
 from typing import List
 
diff --git a/app/routers/operator.py b/app/routers/operator.py
@@ -1,5 +1,3 @@
-from typing import List
-
 from fastapi import APIRouter, Depends, HTTPException, Path, status
 from pydantic import BaseModel, Field
 
diff --git a/requirements.txt b/requirements.txt
@@ -1,10 +1,10 @@
-fastapi==0.116.1
-starlette==0.47.2
+fastapi==0.124.4
+starlette==0.49.1
 uvicorn[standard]==0.38.0
 uvloop==0.21.0
 
-pydantic==2.7.0
-pydantic-settings==2.2.1
+pydantic==2.9.2
+pydantic-settings==2.6.1
 
 python-dotenv==1.0.1
 python-multipart==0.0.20

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,3 @@`
`1`		`-import os`
`2`	`1`	`from typing import Optional`
`3`	`2`
`4`	`3`	`from fastapi import Depends, HTTPException, Request`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,3 @@`
`1`		`-from typing import List`
`2`		`-`
`3`	`1`	`from fastapi import APIRouter, Depends, HTTPException, Path, status`
`4`	`2`	`from pydantic import BaseModel, Field`
`5`	`3`