[Snyk] Security upgrade python from 3.12.3-alpine to 3.14.0a1-alpine

[ascott1]

Snyk has created this PR to fix 5 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• Dockerfile.mac_chip

We recommend upgrading to python:3.14.0a1-alpine, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Integer Overflow or Wraparound SNYK-ALPINE320-EXPAT-7908298	714
	Integer Overflow or Wraparound SNYK-ALPINE320-EXPAT-7908299	714
	XML External Entity (XXE) Injection SNYK-ALPINE320-EXPAT-7908300	614
	Use After Free SNYK-ALPINE320-BUSYBOX-7233533	514
	Use After Free SNYK-ALPINE320-BUSYBOX-7233586	514

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 XML External Entity (XXE) Injection
🦉 Use After Free

[github-actions]

Coverage report

This PR does not seem to contain any modification to coverable code.

[jcadam14]

Rejecting this PR since 3.14 of python is not set to officially release until 2025-10-01. We will be migrating to 3.13 assuming all our dependencies work with that version. See cfpb/regtech-deployments#26