[Snyk] Security upgrade python from 3.11-slim to 3.13.3-slim

[rubenfiszel]

Snyk has created this PR to fix 3 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• lsp/Dockerfile

We recommend upgrading to python:3.13.3-slim, as this image has only 34 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Integer Overflow or Wraparound SNYK-DEBIAN12-ZLIB-6008963	500
	CVE-2025-4802 SNYK-DEBIAN12-GLIBC-10180077	221
	CVE-2025-4802 SNYK-DEBIAN12-GLIBC-10180077	221
	Information Exposure SNYK-DEBIAN12-UTILLINUX-2401083	150
	Information Exposure SNYK-DEBIAN12-UTILLINUX-2401083	150

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Information Exposure

---

Important

Upgrade Python base image in lsp/Dockerfile to 3.13.3-slim to fix security vulnerabilities.

• Dockerfile Update:
  • Upgrade base image in lsp/Dockerfile from python:3.11-slim to python:3.13.3-slim to address security vulnerabilities.
  • Fixes vulnerabilities: SNYK-DEBIAN12-ZLIB-6008963, SNYK-DEBIAN12-GLIBC-10180077, SNYK-DEBIAN12-UTILLINUX-2401083.

^{This description was created by for 7f59675. You can customize this summary. It will automatically update as commits are pushed.}

[cloudflare-workers-and-pages]

Deploying windmill with    Cloudflare Pages

Latest commit:	7f59675
Status:	✅  Deploy successful!
Preview URL:	https://9d6db74d.windmill.pages.dev
Branch Preview URL:	https://snyk-fix-3edd2bb556383068eba.windmill.pages.dev

View logs

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 7f59675 in 34 seconds. Click for details.

• Reviewed 10 lines of code in 1 files
• Skipped 0 files when reviewing.
• Skipped posting 1 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. lsp/Dockerfile:1

• Draft comment:
  Upgraded from python:3.11-slim to python:3.13.3-slim. Ensure that all dependencies (especially pipenv and other Python packages) are compatible with Python 3.13 to prevent runtime issues.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is about a dependency change, specifically upgrading the Python version. It suggests ensuring compatibility with the new version, which is a general caution and not a specific code suggestion or issue. This violates the rule against commenting on dependency changes or asking the author to ensure compatibility.

Workflow ID: wflow_pnpCfCYJg8WptKWh

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}