[Snyk] Security upgrade python from 3.12.0rc2-slim-bullseye to 3.13.0a2-slim-bullseye (#105)

* fix: Dockerfile to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-GLIBC-5927133
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197
- https://snyk.io/vuln/SNYK-DEBIAN11-NCURSES-5421197

* Update Dockerfile with dependency installations

* Update Dockerfile to upgrade pip and install dependencies and removed gcc install

* Update Dockerfile to install additional
dependencies

* Fix Dockerfile dependencies installation

* Refactor Dockerfile installation commands

* Fix Dockerfile dependencies installation

* Update requirements.txt

* Fix Dockerfile dependencies installation order

* Update Python version in Dockerfile

* Update Dockerfile and fixed compile issues locally.

---------

Co-authored-by: snyk-bot <[email protected]>
Co-authored-by: Ismoh <[email protected]>

Author: Ismoh

.vscode/settings.json

@@ -0,0 +1,7 @@
+{
+    "cSpell.words": [
+        "esolve",
+        "venv",
+        "virtualenv"
+    ]
+}

Dockerfile

@@ -1,10 +1,12 @@
-# action will be executed in a python3 container
-FROM python:3.12.0rc2-slim-bullseye
-# copy requirements.txt to the container
-COPY requirements.txt /requirements.txt
-# install dependencies
-RUN pip install -r /requirements.txt
-# copy main.py to the container
-COPY main.py /main.py
-# run main.py
-CMD [ "python", "/main.py"]
+FROM python:3.13.0a2-slim-bullseye
+
+ENV VIRTUAL_ENV=/opt/venv
+RUN python3 -m venv $VIRTUAL_ENV
+ENV PATH="$VIRTUAL_ENV/bin:$PATH"
+
+COPY requirements.txt .
+RUN pip3 install --only-binary=:all: -r requirements.txt
+
+COPY main.py .
+
+CMD [ "python3", "/main.py"]

README.md

@@ -3,14 +3,13 @@
 [![test `pull_request`](https://img.shields.io/github/actions/workflow/status/ismoh-games/find-linked-issues/test.yml?event=pull_request&label=test%20%60pull_request%60&style=for-the-badge)](https://github.com/Ismoh-Games/find-linked-issues/actions/workflows/test.yml)
 [![test `pull_request_target`](https://img.shields.io/github/actions/workflow/status/ismoh-games/find-linked-issues/test.yml?event=pull_request_target&label=test%20%60pull_request_target%60&style=for-the-badge)](https://github.com/Ismoh-Games/find-linked-issues/actions/workflows/test.yml)
 
-Marketplace action for finding the linked issues of a pull request. 
+Marketplace action for finding the linked issues of a pull request.
 
 ## Usage
 
 Make use of GitHub's [keywords](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword) to link issues to a pull request by default.\
 You can also do this [manually](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue#manually-linking-a-pull-request-or-branch-to-an-issue-using-the-issue-sidebar) in the 'development' section of the pull request sidebar on the right.
 
-
 ### Inputs and outputs
 
 | Name INPUTS                        | Description                                                          |                          | Default                                   |
@@ -23,7 +22,7 @@ You can also do this [manually](https://docs.github.com/en/issues/tracking-your-
 | `include-closed-issues`            | Includes closed issues, when searching for linked issues.            | optional                 | `false`                                   |
 | **Name OUTPUTS**                   | **Description**                                                      | **Values**               | **Defaults**                              |
 | `is-pull-request-linked-to-issues` | Whether the pull request is linked to issues or not.                 | `'True'` or `'False'`    | `'False'`                                 |
-| `linked-issues`                    | List of issues that are linked to the pull request.                  | `[1, 2, 4, 82, 124]`     | `[]`                                      |   
+| `linked-issues`                    | List of issues that are linked to the pull request.                  | `[1, 2, 4, 82, 124]`     | `[]`                                      |
 | `pull-request-labels`              | List of labels assigned to this pull request.                        | `[bug, enhancement, ..]` | `[]`                                      |
 
 Example workflow:
@@ -61,19 +60,34 @@ Example workflow:
 ## Important notes
 
 This action will only work on pull request events:
+
 - [pull_request](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request)
-    - opened
-    - edited
-    - synchronize
+  - opened
+  - edited
+  - synchronize
 - [pull_request_target](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target)
-    - opened
-    - edited
-    - synchronize
+  - opened
+  - edited
+  - synchronize
 
 When using `pull_request_target` the `token` input needs to be a personal access token (PAT), because of GitHubs security settings.\
 If you need help with creating a PAT, check out [this](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token) guide.
 
 #### Further reading
+
 There is a pattern used to find the linked issues in the pull request body.\
 To get insights on how this pattern works, check out the [regex101.com](https://regex101.com/r/f60fNx/4)!\
 When having problems with the pattern, you can test it out on [pythex.org](https://pythex.org).
+
+## Local development
+
+Windows:
+
+```bash
+pip install virtualenv
+virtualenv --python %PYTHON_PATH%\\python.exe venv
+.\venv\Scripts\activate
+# python.exe -m pip install --upgrade pip
+pip install --only-binary=:all: -r requirements.txt
+#deactivate
+```

requirements.txt

@@ -1,15 +1,4 @@
-certifi==2023.11.17
-cffi==1.16.0
-charset-normalizer==3.3.2
-Deprecated==1.2.14
-fastcore==1.5.29
-ghapi==1.0.4
-idna==3.6
-packaging==23.2
-pycparser==2.21
-PyGithub==2.1.1
-PyJWT==2.8.0
-PyNaCl==1.5.0
-requests==2.31.0
-urllib3==2.1.0
-wrapt==1.16.0
+# Automatically generated by https://github.com/damnever/pigar.
+
+requests
+PyGithub