chore: update dependencies

alexferl · alexferl · commit df9416a0dcf1 · 2025-12-21T17:05:55.000-05:00
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -23,22 +23,22 @@ repos:
       - id: trailing-whitespace
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.14.8
+    rev: v0.14.10
     hooks:
       - id: ruff
         args: ["--fix", "--exit-non-zero-on-fix"]
       - id: ruff-format
 
   - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: v1.19.0
+    rev: v1.19.1
     hooks:
       - id: mypy
         args: [".", "--ignore-missing-imports"]
         language: system
         pass_filenames: false
 
   - repo: https://github.com/astral-sh/uv-pre-commit
-    rev: 0.9.16
+    rev: 0.9.18
     hooks:
       - id: uv-lock
       - id: uv-export
diff --git a/Dockerfile b/Dockerfile
@@ -19,14 +19,15 @@ ENV PYTHONDONTWRITEBYTECODE=1 \
 
 WORKDIR /app
 
-RUN useradd -ms /bin/bash app
+RUN groupadd -g 65532 nonroot && \
+    useradd -u 65532 -g 65532 -s /usr/sbin/nologin -m nonroot
 
-COPY --from=builder --chown=app:app /build/docker-entrypoint.sh /usr/local/bin/
-COPY --from=builder --chown=app:app /build /app
+COPY --from=builder --chown=nonroot:nonroot /build/docker-entrypoint.sh /usr/local/bin/
+COPY --from=builder --chown=nonroot:nonroot /build /app
 
 ENV PATH="/app/.venv/bin:$PATH"
 
-USER app
+USER nonroot
 
 ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
 CMD ["app.main"]
diff --git a/pyproject.toml b/pyproject.toml
@@ -20,10 +20,10 @@ dependencies = [
 
 [dependency-groups]
 dev = [
-  "coverage==7.12.0",
-  "mypy==1.19.0",
-  "pre-commit==4.5.0",
-  "ruff==0.14.8",
+  "coverage==7.13.0",
+  "mypy==1.19.1",
+  "pre-commit==4.5.1",
+  "ruff==0.14.10",
 ]
 
 [tool.hatch.build.targets.wheel]
diff --git a/requirements.txt b/requirements.txt
@@ -3,18 +3,18 @@
 -e .
 cfgv==3.4.0
     # via pre-commit
-coverage==7.12.0
+coverage==7.13.0
 distlib==0.3.9
     # via virtualenv
 filelock==3.16.1
     # via virtualenv
 identify==2.6.4
     # via pre-commit
-librt==0.7.3
+librt==0.7.3 ; platform_python_implementation != 'PyPy'
     # via mypy
 mimesis==18.0.0
     # via python-boilerplate
-mypy==1.19.0
+mypy==1.19.1
 mypy-extensions==1.0.0
     # via mypy
 nodeenv==1.9.1
@@ -23,10 +23,10 @@ pathspec==0.12.1
     # via mypy
 platformdirs==4.3.6
     # via virtualenv
-pre-commit==4.5.0
+pre-commit==4.5.1
 pyyaml==6.0.2
     # via pre-commit
-ruff==0.14.8
+ruff==0.14.10
 typing-extensions==4.12.2
     # via mypy
 virtualenv==20.28.1
diff --git a/uv.lock b/uv.lock
