fix(deps): update all dependencies (#536)

renovate[bot] · web-flow · commit 1551cdf3fa74 · 2025-12-06T08:38:49.000Z
Co-authored-by: renovate[bot] &lt;29139614+renovate[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/build-push-chart.yml b/.github/workflows/build-push-chart.yml
@@ -15,7 +15,7 @@ name: Build/Push Image and Release Charts
 permissions: read-all
 jobs:
   setenv:
-    uses: ortelius/workflow-toolkit/.github/workflows/env-config-workflow.yml@438b5318171d213a1388be4bf4ce1f84dafed25c # v1.0.167
+    uses: ortelius/workflow-toolkit/.github/workflows/env-config-workflow.yml@a0751e4c6e2039e275bb92fd3716ea51fd8a325e # v1.0.168
     with:
       gh_head_ref: ${{ github.head_ref }}
       gh_ref_name: ${{ github.ref_name }}
@@ -27,7 +27,7 @@ jobs:
     permissions:
       id-token: write
       contents: write
-    uses: ortelius/workflow-toolkit/.github/workflows/container-release-workflow.yml@438b5318171d213a1388be4bf4ce1f84dafed25c # v1.0.167
+    uses: ortelius/workflow-toolkit/.github/workflows/container-release-workflow.yml@a0751e4c6e2039e275bb92fd3716ea51fd8a325e # v1.0.168
     needs: setenv
     with:
       gh_repository_owner: ${{ github.repository_owner }}
@@ -44,7 +44,7 @@ jobs:
     permissions:
       security-events: write
       statuses: write
-    uses: ortelius/workflow-toolkit/.github/workflows/trivy-scan-workflow.yml@438b5318171d213a1388be4bf4ce1f84dafed25c # v1.0.167
+    uses: ortelius/workflow-toolkit/.github/workflows/trivy-scan-workflow.yml@a0751e4c6e2039e275bb92fd3716ea51fd8a325e # v1.0.168
     needs:
       - setenv
       - release
@@ -56,7 +56,7 @@ jobs:
   helm:
     permissions:
       contents: write
-    uses: ortelius/workflow-toolkit/.github/workflows/helm-release-workflow.yml@438b5318171d213a1388be4bf4ce1f84dafed25c # v1.0.167
+    uses: ortelius/workflow-toolkit/.github/workflows/helm-release-workflow.yml@a0751e4c6e2039e275bb92fd3716ea51fd8a325e # v1.0.168
     needs:
       - setenv
       - release
@@ -76,7 +76,7 @@ jobs:
       GPG_KEY: ${{ secrets.GPG_KEY }}
       gh_token: ${{ secrets.HELM_INDEXER_TOKEN }}
   sbom:
-    uses: ortelius/workflow-toolkit/.github/workflows/sbom-generation-workflow.yml@438b5318171d213a1388be4bf4ce1f84dafed25c # v1.0.167
+    uses: ortelius/workflow-toolkit/.github/workflows/sbom-generation-workflow.yml@a0751e4c6e2039e275bb92fd3716ea51fd8a325e # v1.0.168
     needs:
       - setenv
       - release
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -29,11 +29,11 @@ jobs:
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+        uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           languages: "python"
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+        uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           category: "/language:python"
diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
@@ -62,7 +62,7 @@ jobs:
       - name: Create Pull Request with applied fixes
         id: cpr
         if: steps.ml.outputs.has_updated_sources == 1 && (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) && !contains(github.event.head_commit.message, 'skip fix')
-        uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7.0.9
+        uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7.0.11
         with:
           token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
           commit-message: "[MegaLinter] Apply linters automatic fixes"
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -44,6 +44,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+        uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           sarif_file: results.sarif
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM cgr.dev/chainguard/python:latest-dev@sha256:aa61c7202aa7308f33e2472d457dc7c0a4aafa4b30060f583e1687b7e3ef604c AS builder
+FROM cgr.dev/chainguard/python:latest-dev@sha256:6c8b993b7f1024b286e15c77d73a6681eb56f766ddb09f3ee0d90f3b5152ba49 AS builder
 
 COPY . /app
 
diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -8,7 +8,7 @@ readme = "README.md"
 
 [tool.poetry.dependencies]
 python = "^3.12"
-fastapi = "0.123.9"
+fastapi = "0.123.10"
 psycopg2-binary = "2.9.11"
 pydantic = "2.12.5"
 sqlalchemy = "2.0.44"

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-FROM cgr.dev/chainguard/python:latest-dev@sha256:aa61c7202aa7308f33e2472d457dc7c0a4aafa4b30060f583e1687b7e3ef604c AS builder`
	`1`	`+FROM cgr.dev/chainguard/python:latest-dev@sha256:6c8b993b7f1024b286e15c77d73a6681eb56f766ddb09f3ee0d90f3b5152ba49 AS builder`
`2`	`2`
`3`	`3`	`COPY . /app`
`4`	`4`