Skip to content

Commit

Permalink
[anaconda] - streamlit - GHSA-rxff-vr5r-8cj5 (#1177)
Browse files Browse the repository at this point in the history
  • Loading branch information
gauravsaini04 authored Aug 27, 2024
1 parent 80cbf84 commit d5fad24
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 1 deletion.
6 changes: 5 additions & 1 deletion src/anaconda/.devcontainer/apply_security_patches.sh
Original file line number Diff line number Diff line change
@@ -1,7 +1,11 @@
#!/bin/bash

# vulnerabilities:
# streamlit - [GHSA-rxff-vr5r-8cj5]

vulnerable_packages=( "pydantic=2.5.3" "joblib=1.3.1" "mistune=3.0.1" "werkzeug=3.0.3" "transformers=4.36.0" "pillow=10.3.0" "aiohttp=3.10.2" \
"cryptography=42.0.4" "gitpython=3.1.41" "jupyter-lsp=2.2.2" "idna=3.7" "jinja2=3.1.4" "scrapy=2.11.2" "black=24.4.2" "requests=2.32.2" "jupyter_server=2.14.1" "tornado=6.4.1" "tqdm=4.66.4" "urllib3=2.2.2" "scikit-learn=1.5.0" "zipp=3.19.1" )
"cryptography=42.0.4" "gitpython=3.1.41" "jupyter-lsp=2.2.2" "idna=3.7" "jinja2=3.1.4" "scrapy=2.11.2" "black=24.4.2" "requests=2.32.2" \
"jupyter_server=2.14.1" "tornado=6.4.1" "tqdm=4.66.4" "urllib3=2.2.2" "scikit-learn=1.5.0" "zipp=3.19.1" "streamlit=1.37.0" )

# Define the number of rows (based on the length of vulnerable_packages)
rows=${#vulnerable_packages[@]}
Expand Down
1 change: 1 addition & 0 deletions src/anaconda/test-project/test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ checkCondaPackageVersion "pyarrow" "14.0.1"
checkCondaPackageVersion "pydantic" "2.5.3"
checkCondaPackageVersion "tqdm" "4.66.4"
checkCondaPackageVersion "black" "24.4.2"
checkCondaPackageVersion "streamlit" "1.37.0"

check "conda-update-conda" bash -c "conda update -y conda"
check "conda-install-tensorflow" bash -c "conda create --name test-env -c conda-forge --yes tensorflow"
Expand Down

0 comments on commit d5fad24

Please sign in to comment.