Merge pull request #37 from leonid-granulate/feature/fix-CVE-issues

CVE issues resolving

Author: mlim19

.github/workflows/backend-ci.yml

@@ -35,17 +35,17 @@ on:
 jobs:
   build:
     # The type of runner that the job will run on
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-24.04
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
-      - uses: actions/setup-python@v2
+      - uses: actions/setup-python@v5
         with:
           python-version: '3.10' # Version range or exact version of a Python version to use, using SemVer's version range syntax
           architecture: 'x64' # optional x64 or x86. Defaults to x64 if not specified
 
-      - uses: actions/cache@v2
+      - uses: actions/cache@v4
         with:
           path: ~/.cache/pip
           key: ${{ runner.os }}-pip-${{ hashFiles('**/*requirements.txt') }}

.github/workflows/frontend-ci.yml

@@ -31,33 +31,33 @@ jobs:
   # Jobs are running in parallel, saving time
   build:
     # The type of runner that the job will run on
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-24.04
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Get frontend source code HASH
         run: |
           export HASH=`git ls-files ./src/gprofiler/frontend/src ./src/gprofiler/frontend/yarn.lock | xargs md5sum | cut -d" " -f1 | md5sum | cut -d" " -f1`
           echo "FRONTEND_SRC_HASH=$HASH" >> $GITHUB_ENV
 
       - name: Use frontend build cache
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         id: frontend-build-cache
         with:
           path: "src/gprofiler/frontend/build"
           key: ${{ runner.os }}-frontend-build--${{ env.FRONTEND_SRC_HASH }}
 
       - name: Setup node
         if: steps.frontend-build-cache.outputs.cache-hit != 'true'
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@v4
         with:
-          node-version: "16.15.1"
+          node-version: "20.19"
 
       - name: Use Yarn cache
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         id: yarn-cache
         with:
           path: "**/node_modules"

dev-requirements.txt

@@ -15,11 +15,11 @@
 #
 
 flake8==7.0.0
-black==22.3.0
+black==25.1.0
 mypy==0.942
 isort==5.8.0
 pytest==6.2.5
-requests==2.27.1
+requests==2.32.3
 boto3-stubs==1.26.13
 types-requests==2.28.3
 types-jsonschema==4.17.0.1

src/gprofiler-dev/requirements.txt

@@ -17,7 +17,7 @@
 boto3==1.34.25
 botocore==1.34.25
 terminaltables==3.1.10
-requests~=2.31.0
+requests~=2.32.3
 python-json-logger==2.0.7
 psutil==5.9.8
 backoff==1.10.0

src/gprofiler/Dockerfile

@@ -1,4 +1,4 @@
-FROM node:16.18 as frontend_dependencies
+FROM node:20.19 as frontend_dependencies
 
 ARG VITE_PRODUCTION_ENV
 ARG VITE_SERVER_HOST

src/gprofiler/frontend/package.json

@@ -58,7 +58,7 @@
     "eslint-plugin-simple-import-sort": "^7.0.0",
     "prettier": "^2.3.2",
     "use-resize-observer": "^7.0.1",
-    "vite": "^4.5.0",
+    "vite": "^6.2.6",
     "vite-plugin-svgr": "^2.2.2"
   }
 }