chore(deps): update dependency psycopg2-binary to v2.9.11 #1446
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,3 @@ | ||
| Django==4.2.9 | ||
| psycopg2-binary==2.9.11 | ||
| python-dateutil==2.8.2 | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| Django==4.2.10 | ||
| requests==2.31.0 | ||
| psycopg2-binary==2.9.11 | ||
|
There was a problem hiding this comment. For production environments, it is strongly recommended to use Using the source distribution ( This will require adding build dependencies to your RUN apk add --no-cache postgresql-dev gcc musl-devReferences
|
||
| debugpy # Required for debugging | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For production environments, it is strongly recommended to use
psycopg2instead ofpsycopg2-binary. Thepsycopg2-binarypackage is meant for development and testing, as it comes with its own pre-compiled dependencies which may not be up-to-date with security patches or compatible with the system libraries.Using the source distribution (
psycopg2) ensures that it's compiled against the system's libraries in the Docker image, which is safer and more reliable for production.This will require adding build dependencies to your
Dockerfile. For an Alpine-based image, you would need to add something like this before installing the requirements:RUN apk add --no-cache postgresql-dev gcc musl-devReferences
psycopg2-binarypackage is intended for development and testing purposes, not for production use. For production, the source distributionpsycopg2should be used to ensure it is built against the system's trusted libraries, avoiding potential security vulnerabilities or incompatibilities from bundled dependencies.