chore(deps): resolve backend dependency CVEs (pysaml2 fork, cryptography, twisted, pydantic-ai)#5663
Merged
Merged
Conversation
…yopenssl CVEs The baserow/pysaml2 fork is v7.5.4 with IdentityPython/pysaml2#1021 cherry-picked, lifting the pyopenssl<24.3.0 cap that blocked the cryptography upgrade. Pinned to the immutable merge commit (tagged v7.5.4+deps-upgrade) via tool.uv.sources. Upgrades cryptography 43.0.3 -> 49.0.0 and pyopenssl 24.2.1 -> 26.3.0, resolving 3 high and 3 low Dependabot alerts including CVE-2026-26007. git is added to the Dockerfile builder-prod-base and dev stages because uv requires the git CLI to fetch git-sourced dependencies.
…c-settings to fix remaining CVEs - twisted 25.5.0 -> 26.4.0: DNS compression pointer DoS (high) - pydantic-ai-slim 1.77.0 -> 1.102.0: two SSRF blocklist bypasses (medium); requires boto3 >= 1.42.63 - pydantic-settings 2.12.0 -> 2.14.2: secrets_dir symlink traversal (medium) - django 5.2.14 -> 5.2.15 and daphne 4.2.1 -> 4.2.2 security patches pydantic-ai 1.102 turned StreamedResponse._parts_manager into a cached_property and added _finished/_cancelled class-default fields. These shadow __getattr__ on the assistant's _ErrorRecoveringStream proxy, so get() would build the response from an empty proxy-local parts manager. The shadowed attributes are now property-delegated to the inner stream, with a regression test asserting get() sees the streamed parts.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR resolves backend Dependabot security alerts by upgrading multiple Python dependencies (notably cryptography/pyopenssl/twisted/pydantic-ai) and introducing a temporary git-sourced fork of pysaml2 to unblock the upgrades. It also updates the enterprise assistant streaming proxy to remain compatible with the newer pydantic-ai internals and adds a regression test for the streaming .get() behavior.
Changes:
- Upgrade backend dependency set in
pyproject.toml/uv.lock, including switchingpysaml2to a git SHA-pinned fork viatool.uv.sources. - Update backend Docker build stages to install
gitsouv sync --frozencan fetch git-based dependencies. - Fix
_ErrorRecoveringStreamattribute shadowing by delegating additionalStreamedResponseclass/default attributes to the inner stream, with an added regression assertion in enterprise tests.
Reviewed changes
Copilot reviewed 5 out of 6 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
enterprise/backend/tests/baserow_enterprise_tests/assistant/test_retrying_model.py |
Extends streaming recovery tests to validate .get() reads parts from the inner stream’s parts manager after pydantic-ai changes. |
enterprise/backend/src/baserow_enterprise/assistant/retrying_model.py |
Ensures the stream proxy delegates shadowed StreamedResponse attributes (incl. _parts_manager) to the wrapped stream. |
changelog/entries/unreleased/bug/upgrades_backend_dependencies_to_fix_known_security_vulnerab.json |
Adds an unreleased changelog entry covering the backend security dependency upgrades. |
backend/uv.lock |
Updates locked dependency resolution (including pysaml2 git source and multiple version bumps) to address CVEs. |
backend/pyproject.toml |
Bumps key pinned versions and adds tool.uv.sources override to consume the pysaml2 fork by immutable SHA. |
backend/Dockerfile |
Installs git in relevant build/dev stages so uv can fetch git-sourced dependencies during image builds. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Coverage reportClick to see where and how coverage changed
This report was generated by python-coverage-comment-action |
||||||||||||||||||||||||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Resolves all fixable Dependabot alerts on the backend (4 high, 3 low, 3 medium).
1. pysaml2 fork (
2ec1971f)pysaml2==7.5.4capspyopenssl<24.3.0, which blocked upgradingcryptographypast the CVE-2026-26007 fix. Upstream fix exists but is unreleased (IdentityPython/pysaml2#1021), so we cherry-picked it into baserow/pysaml2 (fork PR #1, tagv7.5.4+deps-upgrade) and consume it via[tool.uv.sources]pinned to the immutable merge-commit SHA (a tag can be force-moved; the SHA cannot). Drop the source and return to PyPI once upstream releases the fix.gitis added to the Dockerfilebuilder-prod-baseanddevstages — uv needs the git CLI to fetch git-sourced dependencies and the python-slim base image doesn't ship it.2. Remaining CVE upgrades (
dbf1effa)pydantic-ai 1.102 turned
StreamedResponse._parts_managerinto acached_property(plus new_finished/_cancelledclass-default fields), which shadowed__getattr__on the assistant's_ErrorRecoveringStreamproxy —stream.get()would have built the response from an empty proxy-local parts manager. Fixed by property-delegating the shadowed attributes to the inner stream, with a regression test.pip-audit over the new resolution reports a single remaining finding:
lupa 2.6— dev-only (fakeredis lua extra, never in prod images), no fixed release exists.The saas Dockerfiles mirror this one and consume the synced
uv.lock— they need the same one-linegitpackage addition or image builds will fail atuv sync --frozenafter the next lock sync. MR: https://gitlab.com/baserow/baserow-saas/-/merge_requests/634Verification
docs/development/sso-saml.mdand verify SAML SSO still works.just build backend latest --no-cacheand verify withdocker scout cves local:baserow/backend:latest > /tmp/scout.txtthe High CVE about pysaml2, cryptography and pyopenssl are gone. The only ones remaining are from the python base image: https://hub.docker.com/layers/library/python/3.14.6-slim-trixie/images/sha256-802bfded3f783b1d84b2022e67e00f8e4b6631d25c5bc3c24736864095a55f97