There are some outdated Python dependencies, e.g. in the control-center container.
These outdated dependencies could be found with a code pipeline, e.g. `pip list --outdated` or the third-party tool safety:
https://pypi.org/project/safety/
The vulns reported in the control-center image by safety:
```
root@c7b7705fb10d:/opt/app# safety check
+==============================================================================+
| |
| /$$$$$$ /$$ |
| /$$__ $$ | $$ |
| /$$$$$$$ /$$$$$$ | $$ \__//$$$$$$ /$$$$$$ /$$ /$$ |
| /$$_____/ |____ $$| $$$$ /$$__ $$|_ $$_/ | $$ | $$ |
| | $$$$$$ /$$$$$$$| $$_/ | $$$$$$$$ | $$ | $$ | $$ |
| \____ $$ /$$__ $$| $$ | $$_____/ | $$ /$$| $$ | $$ |
| /$$$$$$$/| $$$$$$$| $$ | $$$$$$$ | $$$$/| $$$$$$$ |
| |_______/ \_______/|__/ \_______/ \___/ \____ $$ |
| /$$ | $$ |
| | $$$$$$/ |
| by pyup.io \______/ |
| |
+==============================================================================+
| REPORT |
| checked 49 packages, using free DB (updated once a month) |
+============================+===========+==========================+==========+
| package | installed | affected | ID |
+============================+===========+==========================+==========+
| urllib3 | 1.26.3 | >=1.26.0,<1.26.4 | 40014 |
| pydantic | 1.8.1 | >=1.8.0a1,<1.8.2 | 40440 |
| pip | 21.0.1 | <21.1 | 40291 |
| fastapi | 0.52.0 | <0.60.2 | 38670 |
| fastapi | 0.52.0 | <0.65.1 | 40443 |
| fastapi | 0.52.0 | <0.65.2 | 40667 |
+==============================================================================+
```
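
Added example, not part of the original issue or the project's code: a pipeline gate that parses a text report in the table layout shown above, works out the lowest release per package that clears every listed finding, and returns a non-zero exit code when anything is reported. The function names are hypothetical, and it assumes each `affected` entry is a single range whose upper bound is a plain dotted release, as in this report.

```python
import re
import sys

# Constructed sample: the table rows from the report quoted in the issue above.
SAMPLE_REPORT = """\
| package | installed | affected | ID |
+============================+===========+==========================+==========+
| urllib3 | 1.26.3 | >=1.26.0,<1.26.4 | 40014 |
| pydantic | 1.8.1 | >=1.8.0a1,<1.8.2 | 40440 |
| pip | 21.0.1 | <21.1 | 40291 |
| fastapi | 0.52.0 | <0.60.2 | 38670 |
| fastapi | 0.52.0 | <0.65.1 | 40443 |
| fastapi | 0.52.0 | <0.65.2 | 40667 |
"""

# A finding row has four cells and a numeric ID; banner and header rows do not match.
ROW = re.compile(r"^\|\s*([\w.\-]+)\s*\|\s*(\S+)\s*\|\s*(\S+)\s*\|\s*(\d+)\s*\|\s*$")

def parse_findings(report):
    """Return one dict per finding row in the report text."""
    keys = ("package", "installed", "affected", "id")
    return [dict(zip(keys, m.groups()))
            for m in map(ROW.match, report.splitlines()) if m]

def release_tuple(version):
    """'0.65.2' -> (0, 65, 2); assumes a plain dotted numeric release."""
    return tuple(int(part) for part in version.split("."))

def minimum_fixed(findings):
    """Per package, the highest exclusive upper bound ('<X') over all its findings."""
    fixed = {}
    for f in findings:
        for clause in f["affected"].split(","):
            if clause.startswith("<") and not clause.startswith("<="):
                bound, current = clause[1:], fixed.get(f["package"])
                if current is None or release_tuple(bound) > release_tuple(current):
                    fixed[f["package"]] = bound
    return fixed

def gate(report):
    """Print the upgrade targets and return the exit code for the pipeline step."""
    findings = parse_findings(report)
    for package, version in sorted(minimum_fixed(findings).items()):
        ids = ",".join(f["id"] for f in findings if f["package"] == package)
        print(f"{package}: upgrade to >={version} (IDs {ids})")
    return 1 if findings else 0

if __name__ == "__main__":
    # Reads the report from a pipe when given one, else the sample above.
    sys.exit(gate(SAMPLE_REPORT if sys.stdin.isatty() else sys.stdin.read()))
```
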