Skip to content

Upgrade packages and images #331

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 18 commits into
base: master
Choose a base branch
from
Open

Upgrade packages and images #331

wants to merge 18 commits into from

Conversation

@ahadley1124
Copy link

@ahadley1124 ahadley1124 commented Feb 15, 2023

Upgraded packages to fix multiple high severity images. Upgraded the docker image to a newer version to fix a low risk vulnerability.

snyk-bot and others added 9 commits October 27, 2022 18:52
@snyk-bot
fix: Dockerfile to reduce vulnerabilities
69f2974 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE316-EXPAT-3062883
@ahadley1124
Merge pull request #1 from ahadley1124/snyk-fix-57b8baef45dbd57053d31…
685a82c 
…ed25650d800
@snyk-bot
fix: Dockerfile to reduce vulnerabilities
733fbb6 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE316-KRB5-3136432
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
531fb97 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3172287
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3314966
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315324
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315328
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315331
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315452
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315972
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315975
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316038
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316211
@ahadley1124
Merge pull request #3 from ahadley1124/snyk-fix-0aa7fc73c4b8436542f46…
73e25fb 
…7df4644b729

[Snyk] Security upgrade cryptography from 3.3.2 to 39.0.1
@ahadley1124
Merge pull request #2 from ahadley1124/snyk-fix-105255d7ec6b474ae2125…
266518c 
…673c30541a0

[Snyk] Security upgrade python from 3.12.0a1-alpine to 3.12.0a2-alpine
@snyk-bot
fix: Dockerfile to reduce vulnerabilities
7bcceef 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE317-E2FSPROGS-3339842
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3188632
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3314647
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3314650
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3314650
@snyk-bot
fix: Dockerfile to reduce vulnerabilities
d8e5e50 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3188632
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3314647
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3314650
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3314651
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3314657
@ahadley1124
Merge pull request #7 from ahadley1124/snyk-fix-85df07f51851dfe191755…
540318b 
…6e8264ffed8
@ahadley1124
Copy link
Author

ahadley1124 commented Apr 8, 2023

@huashengdun upgrading the packages used will reduce the number of vulnerabilities. Please make this safer for everyone to use

ahadley1124 and others added 9 commits April 23, 2023 14:46
@ahadley1124
Merge pull request #5 from ahadley1124/snyk-fix-2d7ec89cbc28243c901e9…
6378616 
…2a0080d1e55
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
8249eff 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286
@snyk-bot
fix: requirements.txt to reduce vulnerabilities
3164675 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803
@snyk-bot
fix: Dockerfile to reduce vulnerabilities
187b2bd 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE317-NCURSES-5606599
- https://snyk.io/vuln/SNYK-ALPINE317-NCURSES-5606599
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-5438697
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-5788365
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-5821141
@ahadley1124
Merge pull request #14 from ahadley1124/snyk-fix-6ac7dab6e2b5e2f189ab…
818dbae 
…b5f29271c942
@ahadley1124
Merge pull request #8 from ahadley1124/snyk-fix-b973be670ba89307b0967…
467125b 
…03f2a729a4f
@ahadley1124
Merge pull request #13 from ahadley1124/snyk-fix-076653e7ee26db7729ed…
b321812 
…8e40baafc556
@snyk-bot
fix: Dockerfile to reduce vulnerabilities
ac1f643 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE318-EXPAT-7908292
- https://snyk.io/vuln/SNYK-ALPINE318-EXPAT-7908293
- https://snyk.io/vuln/SNYK-ALPINE318-KRB5-8366395
- https://snyk.io/vuln/SNYK-ALPINE318-KRB5-8366393
- https://snyk.io/vuln/SNYK-ALPINE318-OPENSSL-6032386
@ahadley1124
Merge pull request #36 from ahadley1124/snyk-fix-5c751906b678f8d27bfd…
2c2b0fb 
…f01f1286854a

[Snyk] Security upgrade python from 3.12.0rc2-alpine to 3.14.0a3-alpine
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ahadley1124 @snyk-bot