merge main

canonical · Oct 4, 2024 · 9e72bb0 · 9e72bb0
2 parents 73403cb + 1d87e33
commit 9e72bb0
Show file tree

Hide file tree

Showing 8 changed files with 39 additions and 9 deletions.
diff --git a/.github/workflows/security-scan.yaml b/.github/workflows/security-scan.yaml
@@ -0,0 +1,16 @@
+name: Security scan
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - hotfix/*
+
+jobs:
+  python-scans:
+    name: Scan Python project
+    uses: canonical/starflow/.github/workflows/scan-python.yaml@main
+    with:
+      packages: python-apt-dev
+      osv-extra-args: '--config=source/osv-scanner.toml'
+      trivy-extra-args: '--severity HIGH,CRITICAL --ignore-unfixed --skip-dirs "tests/spread/**"'
diff --git a/docs/.wordlist.txt b/docs/.wordlist.txt
@@ -10,7 +10,7 @@ cli
 CMake
 cmake
 CMD
-CTRL
+Ctrl
 dataset
 Deadsnakes
 declaratively

diff --git a/docs/tutorial/django.rst b/docs/tutorial/django.rst
@@ -68,7 +68,8 @@ The Django application should respond with
     it difficult to read on a terminal. Visit ``http://localhost:8000`` using a
     browser to see the fully rendered page.
 
-The Django application looks good, so you can stop it for now using ``ctrl + c``.
+The Django application looks good, so let's stop it for now by pressing
+:kbd:`Ctrl` + :kbd:`C`.
 
 Pack the Django application into a rock
 =======================================
@@ -211,7 +212,12 @@ You should expect to see something similar to this:
     2024-08-20T06:34:36.116Z [django] [2024-08-20 06:34:36 +0000] [18] [INFO] Booting worker with pid: 18
 
 You can also choose to follow the logs by using the ``-f`` option with the
+<<<<<<< HEAD
 ``pebble logs`` command above. To stop following the logs, press ``ctrl + c``.
+=======
+``pebble logs`` command above. To stop following the logs, press :kbd:`Ctrl` +
+:kbd:`C`.
+>>>>>>> main
 
 Cleanup
 ~~~~~~~

diff --git a/docs/tutorial/fastapi.rst b/docs/tutorial/fastapi.rst
@@ -65,7 +65,8 @@ endpoint. You may need a new terminal for this, if you are using Multipass use
 
 The FastAPI application should respond with ``{"message":"Hello World"}``.
 
-The FastAPI application looks good, so stop it for now using ``ctrl + c``.
+The Django application looks good, so let's stop it for now by pressing
+:kbd:`Ctrl` + :kbd:`C`.
 
 Pack the FastAPI application into a rock
 ========================================
@@ -209,7 +210,8 @@ You should expect to see something similar to this:
     2024-10-01T06:32:58.214Z [fastapi] INFO:     172.17.0.1:55232 - "GET / HTTP/1.1" 200 OK
 
 You can also choose to follow the logs by using the ``-f`` option with the
-``pebble logs`` command above. To stop following the logs, press ``ctrl + c``.
+``pebble logs`` command above. To stop following the logs, press :kbd:`Ctrl` +
+:kbd:`C`.
 
 Cleanup
 ~~~~~~~

diff --git a/docs/tutorial/flask.rst b/docs/tutorial/flask.rst
@@ -66,7 +66,8 @@ endpoint. You may need a new terminal for this, if you are using Multipass use
 
 The Flask application should respond with ``Hello, world!``.
 
-The Flask application looks good, so stop it for now using ``ctrl + c``.
+The Flask application looks good, so let's stop it for now by pressing
+:kbd:`Ctrl` + :kbd:`C`.
 
 Pack the Flask application into a rock
 ======================================
@@ -206,7 +207,8 @@ You should expect to see something similar to this:
     2024-06-21T03:41:45.078Z [flask] [2024-06-21 03:41:45 +0000] [18] [INFO] Booting worker with pid: 18
 
 You can also choose to follow the logs by using the ``-f`` option with the
-``pebble logs`` command above. To stop following the logs, press ``ctrl + c``.
+``pebble logs`` command above. To stop following the logs, press :kbd:`Ctrl` +
+:kbd:`C`.
 
 Cleanup
 ~~~~~~~

diff --git a/docs/tutorial/node-app.rst b/docs/tutorial/node-app.rst
@@ -135,8 +135,8 @@ open another shell into the VM and access the app with curl:
 
 This should also print "Hello World from inside the rock!" to the terminal.
 
-You can now stop the running container by either interrupting it with CTRL+C or
-by running the following in another terminal:
+You can now stop the running container by either interrupting it with
+:kbd:`Ctrl` + :kbd:`C` or by running the following in another terminal:
 
 .. literalinclude:: code/node-app/task.yaml
     :language: bash

diff --git a/osv-scanner.toml b/osv-scanner.toml
@@ -0,0 +1,4 @@
+[[IgnoredVulns]]
+id = "CVE-2024-35195"
+ignoreUntil = "2025-01-01T00:00:00Z"
+reason = "Needed for requests-unixsocket, which we're replacing with requests-unixsocket2"
diff --git a/requirements-jammy.txt b/requirements-jammy.txt
@@ -1 +1 @@
-https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/python-apt/2.4.0ubuntu2/python-apt_2.4.0ubuntu2.tar.xz ; sys_platform == 'linux'
+python-apt @  https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/python-apt/2.4.0ubuntu2/python-apt_2.4.0ubuntu2.tar.xz ; sys_platform == 'linux'