fix: upgrade pip in container image (CVE-2026-1703)

Path traversal in malicious wheel extraction, fixed in pip 26.0.
2026-02-21 18:50:35 +01:00
parent a741c0a017
commit c1c92ddc39
1 changed files with 2 additions and 1 deletions
--- a/3
+++ b/3
@@ -1,6 +1,7 @@
 FROM python:3.13-alpine
-RUN pip install --no-cache-dir pyyaml>=6.0
+RUN pip install --no-cache-dir --upgrade pip && \
    pip install --no-cache-dir pyyaml>=6.0
 WORKDIR /app