chore(docker): pin dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
busybox		pinDigest	→ 1487d0a
ghcr.io/astral-sh/uv	stage	digest	8f53782 → 396b943
graphstack/dozerdb		pinDigest	→ a77526e
nginx		pinDigest	→ 2f07d83
postgres		pinDigest	→ 36ed712
python	final	digest	bb1f2fd → 420cd0b
toniblyx/prowler	final	pinDigest	→ 303c1ab
valkey/valkey		pinDigest	→ 4054fe7

---

Configuration

📅 Schedule: (in timezone Europe/Madrid)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

✅ Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

[github-actions]

🔒 Container Security Scan

Image: prowler-mcp:ef6bf62
Last scan: 2026-05-22 12:21:56 UTC

✅ No Vulnerabilities Detected

The container image passed all security checks. No known CVEs were found.

📋 Resources:

• Download full report (see artifacts)
• View in Security tab
• Scanned with Trivy

[github-actions]

🔒 Container Security Scan

Image: prowler-ui:ce6bed2
Last scan: 2026-05-21 12:45:50 UTC

✅ No Vulnerabilities Detected

The container image passed all security checks. No known CVEs were found.

📋 Resources:

• Download full report (see artifacts)
• View in Security tab
• Scanned with Trivy

[github-actions]

🔒 Container Security Scan

Image: prowler:ce6bed2
Last scan: 2026-05-21 12:49:22 UTC

📊 Vulnerability Summary

Severity	Count
🔴 Critical	6
Total	6

5 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

• Review the detailed scan results
• Update affected packages to patched versions
• Consider using a different base image if updates are unavailable

---

📋 Resources:

• Download full report (see artifacts)
• View in Security tab
• Scanned with Trivy

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.97%. Comparing base (7d03bc5) to head (3934d72).
⚠️ Report is 6 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master   #11292   +/-   ##
=======================================
  Coverage   93.97%   93.97%           
=======================================
  Files         237      237           
  Lines       34829    34829           
=======================================
  Hits        32729    32729           
  Misses       2100     2100           

Flag	Coverage Δ
api	93.97% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
prowler	∅ <ø> (∅)
api	93.97% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.