
chore(agent): upgrade Debian base from bookworm to trixie #106

@scottschreckengaust

Summary

Upgrade the agent container base image from Debian bookworm (12, now oldstable) to trixie (13, current stable since Aug 2025).

Related: #104 (toolchain monitoring RFC), #105 (Python 3.14 upgrade)

Risk Assessment: LOW (one known breakage point)

| Component | Risk | Notes |
|---|---|---|
| NodeSource setup script | HIGH | May not recognize the "trixie" codename. Test it, or switch to a tarball install. |
| python:3.13-slim-trixie base image | LOW | Tag exists; no Python version change needed |
| golang:*-trixie builder | NONE | Builder output is a static binary; the builder's base image doesn't matter |
| build-essential (GCC 14 vs 12) | LOW | Forward compatible for target repos |
| System packages (git, curl, gnupg, ca-certificates) | NONE | Identical behavior |
| Copied binaries (mise, gh, uv) | NONE | All statically linked; no glibc dependency |
| Python wheels (cedarpy, cffi, claude-agent-sdk) | NONE | All manylinux_2_17, which needs glibc >= 2.17; trixie ships glibc 2.41 |
| Hardcoded paths | NONE | All application-defined |
| Shell-out binaries (git, du, which) | NONE | Stable interfaces |

Primary Concern: NodeSource

The NodeSource setup script (curl -fsSL https://deb.nodesource.com/setup_24.x | bash -) reads /etc/os-release to determine the distribution codename and only proceeds for codenames it knows. If it doesn't recognize "trixie", the build fails at that step. Note that this step also runs whatever the script currently serves, as root, with no integrity check on our side; any replacement should pin the Node.js version and verify what it downloads.

Alternatives if NodeSource fails:

  1. Force the codename in the NodeSource script (e.g. tell it to treat the host as bookworm)
  2. Download the Node.js tarball directly from nodejs.org, verifying it against the SHASUMS256.txt (and its .sig) published beside the release
  3. Use Debian's packaged Node.js if trixie ships >= 20.x
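To make the failure mode and the tarball fallback concrete, here is an added example; it is not code from this repository or from NodeSource. `detect_codename` reads VERSION_CODENAME the way the setup script does, `codename_supported` stands in for the script's list of known releases (with trixie left out on purpose to reproduce the breakage), and `verify_tarball` checks a downloaded nodejs.org tarball against the SHASUMS256.txt published next to it. The os-release content, the tarball and the checksum file in the demo are constructed locally, so the script runs offline.

```shell
#!/bin/sh
# Added example, not the project's Dockerfile or the NodeSource script.
# Shows (a) codename detection from os-release and (b) a checksum-verified
# tarball install path that does not depend on what an installer recognizes.
set -eu

# Print VERSION_CODENAME from an os-release file (default /etc/os-release).
# Returns 1 if the file has no codename, which is what an installer that keys
# on the codename would stumble over.
detect_codename() {
  file="${1:-/etc/os-release}"
  codename=$(sed -n 's/^VERSION_CODENAME=//p' "$file" | tr -d '"')
  [ -n "$codename" ] || return 1
  printf '%s\n' "$codename"
}

# Hypothetical list of codenames an installer knows. "trixie" is deliberately
# missing so the demo takes the fallback branch.
KNOWN_CODENAMES="bullseye bookworm"

codename_supported() {
  for c in $KNOWN_CODENAMES; do
    [ "$c" = "$1" ] && return 0
  done
  return 1
}

# Verify "$name" inside "$dir" against the SHASUMS256.txt in the same
# directory (nodejs.org publishes that file alongside every release; its
# lines are "<sha256>  <filename>"). Returns 0 only if the hash matches.
verify_tarball() {
  dir="$1"
  name="$2"
  (cd "$dir" && grep " $name\$" SHASUMS256.txt | sha256sum -c --status)
}

demo() {
  tmp=$(mktemp -d)

  # Constructed os-release for Debian 13 (same keys as the real file).
  cat >"$tmp/os-release" <<'EOF'
PRETTY_NAME="Debian GNU/Linux 13 (trixie)"
VERSION_ID="13"
VERSION_CODENAME=trixie
ID=debian
EOF

  cn=$(detect_codename "$tmp/os-release")
  if codename_supported "$cn"; then
    echo "installer knows '$cn'; distro package path is fine"
  else
    echo "installer does not know '$cn'; falling back to a pinned tarball"
  fi

  # Constructed stand-in for a downloaded release plus its checksum file.
  tarball=node-v24.0.0-linux-x64.tar.xz
  printf 'not a real tarball\n' >"$tmp/$tarball"
  (cd "$tmp" && sha256sum "$tarball" >SHASUMS256.txt)

  verify_tarball "$tmp" "$tarball" && echo "checksum ok: $tarball"

  rm -rf "$tmp"
}

demo
```

In a real Dockerfile the same shape applies: pin the Node.js version, download the tarball, SHASUMS256.txt and SHASUMS256.txt.sig, verify the signature against the Node.js release keys, run the checksum step, then extract into /usr/local. That removes the curl | bash step entirely, so the build no longer depends on which codenames the script recognizes.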

Changes Required

  1. agent/Dockerfile: python:3.13-slim → python:3.13-slim-trixie
  2. agent/Dockerfile: golang:1.26.3-bookworm → golang:1.26.3-trixie (optional, builder only)
  3. Verify NodeSource trixie support or switch Node.js install method

Testing Required

  • Docker image builds (especially NodeSource step)
  • Image size stays reasonable
  • Trivy scan — verify trixie reduces base-image CVEs
  • Full agent task execution smoke test

Notes

  • Bookworm (Debian 12) became "oldstable" in Aug 2025; still receives security updates but is superseded
  • Trixie (Debian 13) is current stable since Aug 9, 2025 (point release 13.4, March 2026)
  • Consider doing this separately from Python 3.14 (chore(agent): upgrade Python 3.13 → 3.14 #105) to isolate variables
  • The main motivation is reducing base-image CVEs and staying on the supported Debian release
