build: bump deps and base image

.github/workflows/codeql.yml

@@ -18,7 +18,7 @@ jobs:
       security-events: write
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      - uses: github/codeql-action/init@439137e1b50c27ba9e2f9befc93e43091b449c34 # v3
+      - uses: github/codeql-action/init@9e907b5e64f6b83e7804b09294d44122997950d6 # v3
         with:
           languages: python
-      - uses: github/codeql-action/analyze@439137e1b50c27ba9e2f9befc93e43091b449c34 # v3
+      - uses: github/codeql-action/analyze@9e907b5e64f6b83e7804b09294d44122997950d6 # v3

.github/workflows/run_tests.yml

@@ -53,13 +53,13 @@ jobs:
       - name: Run Docker E2E tests
         run: uv run --group test pytest tests/e2e/docker_*.py -v --timeout=600
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
+        uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
         with:
           image-ref: 'perfectframeai-perfectframe:latest'
           format: 'sarif'
           output: 'trivy-results.sarif'
           severity: 'CRITICAL,HIGH'
       - name: Upload Trivy scan results
-        uses: github/codeql-action/upload-sarif@439137e1b50c27ba9e2f9befc93e43091b449c34 # v3
+        uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v3
         with:
           sarif_file: 'trivy-results.sarif'

.github/workflows/scorecard.yml

@@ -33,6 +33,6 @@ jobs:
           publish_results: true
 
       - name: Upload SARIF results
-        uses: github/codeql-action/upload-sarif@439137e1b50c27ba9e2f9befc93e43091b449c34 # v3
+        uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v3
         with:
           sarif_file: results.sarif

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.13.11-slim-bookworm@sha256:97e9392d12279f8c180eb80f0c7c0f3dfe5650f0f2573f7ad770aea58f75ed12
+FROM python:3.13.12-slim-bookworm@sha256:8092ae2ef67061f9db412458dbdce44dbf16748fb3cae5cdbd020f467a9712d0
 
 LABEL authors="BKDDFS"
 

pyproject.toml

@@ -10,7 +10,7 @@ readme = "README.md"
 requires-python = ">=3.11,<3.14"
 
 dependencies = [
-    "fastapi==0.128.0",                                  # API endpoints
+    "fastapi==0.129.0",                                  # API endpoints
     "uvicorn==0.40.0",                                   # Server
     "opencv-python==4.13.0.92",                          # Frame extraction
     "requests==2.32.5",                                  # Model download