ROB-1486 CVE (#441)

RoiGlinik · web-flow · commit 79680eef7ce8 · 2025-07-07T10:54:23.000+03:00
diff --git a/enforcer/Dockerfile b/enforcer/Dockerfile
@@ -1,15 +1,9 @@
-# Use the official Python 3.12 slim image as the base image
-FROM python:3.12-slim
+FROM python:3.12-alpine
 ENV LANG=C.UTF-8
 ENV PYTHONDONTWRITEBYTECODE=1
 ENV PYTHONUNBUFFERED=1
 ENV PATH="/app/venv/bin:$PATH"
 
-# We're installing here libexpat1, to upgrade the package to include a fix to 3 high CVEs. CVE-2024-45491,CVE-2024-45490,CVE-2024-45492
-RUN apt-get update \
-    && apt-get install -y --no-install-recommends libexpat1 \
-    && rm -rf /var/lib/apt/lists/*
-
 # Set the working directory
 WORKDIR /app/enforcer
 
diff --git a/enforcer/requirements.txt b/enforcer/requirements.txt
@@ -1,4 +1,4 @@
-fastapi==0.109.2
+fastapi==0.115.12
 uvicorn==0.27.1
 pydantic==2.6.1
 supabase==2.5
