update dependencies to fix various high/critical security #31

Open
wants to merge 1 commit into
base: old/main
from

Conversation

gitworkflows
Contributor

@gitworkflows gitworkflows commented Aug 4, 2024

User description

Description

This PR fixes #

Notes for Reviewers

Signed commits

  • [*] Yes, I signed my commits.

PR Type

enhancement, dependencies


Description

  • Standardized the casing for AS keyword in multi-stage builds within the Dockerfile.
  • No functional changes were made; the changes are purely stylistic to improve readability and maintain consistency.

Changes walkthrough 📝

Relevant files
Enhancement
Dockerfile
Standardize casing for `AS` keyword in Dockerfile               

docker/Dockerfile

  • Standardized the casing for AS keyword in multi-stage builds.
  • No functional changes, purely stylistic improvements.
  • +9/-9     

    💡 PR-Agent usage:
    Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

    Signed-off-by: gitworkflows <118260833+gitworkflows@users.noreply.github.com>
    Contributor

    @sourcery-ai sourcery-ai bot left a comment


    We have skipped reviewing this pull request. We don't review packaging changes - Let us know if you'd like us to change this.

    @codiumai-pr-agent-free codiumai-pr-agent-free bot added enhancement New feature or request dependencies Pull requests that update a dependency file Review effort [1-5]: 1 labels Aug 4, 2024
    Contributor

    PR Reviewer Guide 🔍

    ⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ No key issues to review

    Contributor

    PR Code Suggestions ✨

    Category | Suggestion | Score
    Security
    Use a non-root user to run applications inside Docker containers for enhanced security

    To avoid potential security risks, consider using non-root users to run your
    applications inside Docker containers. This can be achieved by adding a user and
    switching to it before running the application.

    docker/Dockerfile [31]

    +RUN useradd -m myuser
    +USER myuser
     CMD ["python", "pr_assistant/servers/azuredevops_server_webhook.py"]
     
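Review bot: the `USER myuser` switch placed before the CMD at line 31 only affects the stage that ends with that CMD; the walkthrough and the third suggestion (docker/Dockerfile [10-40]) show several stages that each `ADD pr_assistant`, so if those stages end in their own CMD they each need a `USER` line too, or the switch should happen once in the shared `base` stage so the child stages inherit it. Also check that anything the server writes at runtime lives under a path `myuser` owns: `useradd -m` only creates the home directory, and files added earlier in the build stay root-owned, so a service that writes logs or caches next to its code will fail after this change.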
    Suggestion importance[1-10]: 10

    Why: Running applications as a non-root user inside Docker containers is a crucial security measure. It minimizes the potential impact of a security breach by limiting the permissions available to the application.

    10
    Best practice
    Use a specific Python image tag to ensure consistent build environments

    Consider using a more specific tag for the Python base image to ensure consistent
    environments across builds. Using a general tag like 3.10 might pull different minor
    versions over time, which could introduce inconsistencies or unexpected behaviors.

    docker/Dockerfile [1]

    -FROM python:3.10 AS base
    +FROM python:3.10.6 AS base
     
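Review bot: pinning to `python:3.10.6` trades one problem for another: the rolling `3.10` tag picks up interpreter and OS-level security fixes on every rebuild, while a fixed patch tag freezes them, which sits badly with a PR titled as fixing high/critical security issues. If reproducible builds are the goal, pin by digest instead (`FROM python:3.10@sha256:<digest> AS base`, digest to be filled in) and let dependency automation bump the digest, so the pin is immutable yet refreshable; a patch tag such as `3.10.6` is still mutable, since any tag can be re-pushed.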
    Suggestion importance[1-10]: 9

    Why: Using a specific tag for the Python base image ensures consistent environments across builds, reducing the risk of inconsistencies or unexpected behaviors due to minor version changes. This is a best practice for maintaining stable and predictable builds.

    9
    Maintainability
    Reduce command repetition by using shared volumes or copying from a single stage

    To reduce the repetition of adding the same directory across multiple stages,
    consider using a shared volume or copying the directory once in a base stage that
    all other stages inherit from.

    docker/Dockerfile [10-40]

    -ADD pr_assistant pr_assistant
    +COPY --from=builder /app/pr_assistant /app/pr_assistant
     
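Review bot: `COPY --from=builder` references a stage named `builder` that does not exist in this Dockerfile (the only stage name visible on this page is `base`, from the previous suggestion), and the absolute `/app/pr_assistant` destination assumes a `WORKDIR /app` the hunk does not show, so applying this as-is would break the build; the rationale below already concedes the snippet needs rework. The part worth keeping is the switch from `ADD` to `COPY`: `ADD` silently extracts local archives and fetches remote URLs, `COPY` does neither, so prefer `COPY pr_assistant pr_assistant` in each stage, or do it once in `base` and let the other stages inherit it.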
    Suggestion importance[1-10]: 7

    Why: Reducing repetition by using shared volumes or copying from a single stage can improve maintainability and reduce the risk of errors. However, the suggested code does not fully align with the existing structure and would require additional modifications to implement correctly.

    7
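As an added example (not code from the project or from either review bot), a small checker that turns the first two suggestions into lint rules for a multi-stage Dockerfile: it flags base images pulled by mutable tag and runtime stages whose CMD or ENTRYPOINT would start as root, taking `USER` inheritance across `FROM` chains into account. The sample Dockerfile is constructed to mirror the layout described above; the second server path is a hypothetical placeholder.

```python
import re
# Constructed sample mirroring the layout the suggestions describe; the second
# server path is a hypothetical placeholder, not a file from the project.
SAMPLE = """\
FROM python:3.10 AS base
WORKDIR /app
ADD pr_assistant pr_assistant
FROM base AS azure_devops_webhook
RUN useradd -m myuser
USER myuser
CMD ["python", "pr_assistant/servers/azuredevops_server_webhook.py"]
FROM base AS other_server
CMD ["python", "pr_assistant/servers/hypothetical_other_server.py"]
"""

def parse_stages(text):
    """Split a Dockerfile into stages: {"name", "base", "ops": [(INSTR, args), ...]}."""
    stages = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no instruction
        instr, _, args = line.partition(" ")
        if instr.upper() == "FROM":
            m = re.match(r"(\S+)(?:\s+AS\s+(\S+))?$", args.strip(), re.IGNORECASE)
            stages.append({"name": m.group(2) or f"stage{len(stages)}",
                           "base": m.group(1), "ops": []})
        elif stages:
            stages[-1]["ops"].append((instr.upper(), args.strip()))
    return stages

def unpinned_bases(stages):
    """Images pulled by tag only (no @sha256 digest); a rebuild may resolve the tag differently."""
    names = {s["name"] for s in stages}
    return [s["base"] for s in stages
            if s["base"] not in names and "@sha256:" not in s["base"]]

def effective_user(stage, by_name):
    """USER is inherited by stages built FROM this one; walk up the chain, defaulting to root."""
    users = [a for i, a in stage["ops"] if i == "USER"]
    if users:
        return users[-1]
    parent = by_name.get(stage["base"])
    return effective_user(parent, by_name) if parent else "root"

def root_runtime_stages(stages):
    """Stages that define a CMD/ENTRYPOINT but would start the process as root."""
    by_name = {s["name"]: s for s in stages}
    return [s["name"] for s in stages
            if any(i in ("CMD", "ENTRYPOINT") for i, _ in s["ops"])
            and effective_user(s, by_name) == "root"]
```

Run against the sample, `unpinned_bases` reports `python:3.10` and `root_runtime_stages` reports only `other_server`, the stage that received no `USER` line.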

    Labels
    dependencies Pull requests that update a dependency file enhancement New feature or request Review effort [1-5]: 1