chore(security): bump pytest to 9.0.3 #10678

Merged
jfagoagas merged 3 commits into master from bump-pytest
Apr 14, 2026

Conversation

@jfagoagas
Member

Description

Bump pytest to 9.0.3 to fix CVE-2025-71176

Checklist

Community Checklist
  • This feature/issue is listed in here or roadmap.prowler.com
  • Is it assigned to me, if not, request it via the issue/feature in here or Prowler Community Slack

SDK/CLI

  • Are there new checks included in this PR? Yes / No
    • If so, do we need to update permissions for the provider? Please review this carefully.

UI

  • All issue/task requirements work as expected on the UI
  • Screenshots/Video of the functionality flow (if applicable) - Mobile (X < 640px)
  • Screenshots/Video of the functionality flow (if applicable) - Table (640px > X < 1024px)
  • Screenshots/Video of the functionality flow (if applicable) - Desktop (X > 1024px)
  • Ensure new entries are added to CHANGELOG.md, if applicable.

API

  • All issue/task requirements work as expected on the API
  • Endpoint response output (if applicable)
  • EXPLAIN ANALYZE output for new/modified queries or indexes (if applicable)
  • Performance test results (if applicable)
  • Any other relevant evidence of the implementation (if applicable)
  • Verify if API specs need to be regenerated.
  • Check if version updates are required (e.g., specs, Poetry, etc.).
  • Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@jfagoagas jfagoagas requested a review from a team as a code owner April 14, 2026 07:54
Copilot AI review requested due to automatic review settings April 14, 2026 07:54
@github-actions
Contributor

github-actions bot commented Apr 14, 2026

✅ All necessary CHANGELOG.md files have been updated.

@github-actions
Contributor

github-actions bot commented Apr 14, 2026

Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

Contributor

Copilot AI left a comment

Pull request overview

Updates the API project’s test dependency (pytest) to a patched version intended to address CVE-2025-71176, and regenerates the Poetry lockfile accordingly.

Changes:

  • Bump pytest in api/pyproject.toml from 8.2.2 to 9.0.3.
  • Regenerate api/poetry.lock to reflect the updated dependency resolution.
  • Add an unreleased changelog entry describing the security bump.

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| api/pyproject.toml | Updates the pytest dev dependency version to 9.0.3. |
| api/poetry.lock | Lockfile regeneration reflecting the new pytest version (and updated lock metadata). |
| api/CHANGELOG.md | Adds an “UNRELEASED” security note for the pytest CVE fix. |

@github-actions
Contributor

github-actions bot commented Apr 14, 2026

🔒 Container Security Scan

Image: prowler-api:93113c9
Last scan: 2026-04-14 11:54:49 UTC

📊 Vulnerability Summary

| Severity | Count |
| --- | --- |
| 🔴 Critical | 5 |
| Total | 5 |

4 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

  • Review the detailed scan results
  • Update affected packages to patched versions
  • Consider using a different base image if updates are unavailable

@codecov

codecov bot commented Apr 14, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.61%. Comparing base (bc3fd79) to head (4358791).
⚠️ Report is 4 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master   #10678      +/-   ##
==========================================
+ Coverage   88.07%   93.61%   +5.53%     
==========================================
  Files         125      227     +102     
  Lines        5251    31923   +26672     
==========================================
+ Hits         4625    29884   +25259     
- Misses        626     2039    +1413     
| Flag | Coverage Δ |
| --- | --- |
| api | 93.61% <ø> (?) |
| prowler-py3.10-m365 | ? |
| prowler-py3.11-m365 | ? |
| prowler-py3.12-m365 | ? |

Flags with carried forward coverage won't be shown. Click here to find out more.

| Components | Coverage Δ |
| --- | --- |
| prowler | ∅ <ø> (∅) |
| api | 93.61% <ø> (∅) |

@jfagoagas jfagoagas self-assigned this Apr 14, 2026
@jfagoagas jfagoagas merged commit be6fe1d into master Apr 14, 2026
37 checks passed
@jfagoagas jfagoagas deleted the bump-pytest branch April 14, 2026 11:59