[Snyk] Security upgrade python from 3.9.10 to 3.13.11

[bozza-man]

Snyk has created this PR to fix 2 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• streamlit_fargat/Dockerfile

We recommend upgrading to python:3.13.11, as this image has only 189 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	CVE-2025-27363 SNYK-DEBIAN11-FREETYPE-9402510	884
	CVE-2025-27363 SNYK-DEBIAN11-FREETYPE-9402510	884
	CVE-2025-27363 SNYK-DEBIAN11-FREETYPE-9402510	884
	Out-of-bounds Write SNYK-DEBIAN11-LIBWEBP-5893094	852
	Out-of-bounds Write SNYK-DEBIAN11-LIBWEBP-5893094	852

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Out-of-bounds Write

---

Note

Updates streamlit_fargat/Dockerfile base image from python:3.9.10 to python:3.13.11.

^{Written by Cursor Bugbot for commit ec84856. This will update automatically on new commits. Configure here.}

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-fix-7ebcd4f3efcd3f0797be8d7b9d77a441

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cursor]

Bug: Python upgrade breaks app due to deprecated Streamlit API

Upgrading from Python 3.9.10 to 3.13.11 will cause pip install to fetch newer dependency versions since requirements.txt doesn't pin versions. The application's app.py uses the deprecated @st.cache(allow_output_mutation=True) decorator, which has been removed in recent Streamlit versions that support Python 3.13. This will cause the container to fail at runtime with an AttributeError when the app attempts to use the removed st.cache decorator.