From 7d17d47dce853eb9111fe9075c2fd0f6e63c93a9 Mon Sep 17 00:00:00 2001
From: Gaurav Saini <147703805+gauravsaini04@users.noreply.github.com>
Date: Fri, 24 May 2024 03:53:31 +0530
Subject: [PATCH] [Anaconda] - remove pinned packages as availabe versions from
 upstream greater than pinned (#1073)

* [Anaconda] - remove useless pinned packages - availabe versions from upstream greater than pinned

* reverting test file changes - review comment
---
 src/anaconda/.devcontainer/Dockerfile | 16 ----------------
 1 file changed, 16 deletions(-)

diff --git a/src/anaconda/.devcontainer/Dockerfile b/src/anaconda/.devcontainer/Dockerfile
index 869f68254..126bfc669 100644
--- a/src/anaconda/.devcontainer/Dockerfile
+++ b/src/anaconda/.devcontainer/Dockerfile
@@ -6,36 +6,20 @@ RUN . /etc/os-release && if [ "${VERSION_CODENAME}" != "bullseye" ]; then exit 1
 # Temporary: Upgrade python packages due to mentioned CVEs
 # They are installed by the base image (continuumio/anaconda3) which does not have the patch.
 RUN conda install \
-    # https://github.com/advisories/GHSA-v845-jxx5-vc9f
-    urllib3==1.26.18 \
     # https://github.com/advisories/GHSA-mr82-8j83-vxmv
     pydantic==2.5.3
 
 RUN python3 -m pip install --upgrade \
     # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21797
     joblib==1.3.1 \
-    # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24065
-    cookiecutter==2.2.3 \
     # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34749
     mistune==3.0.1 \
-    # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34141
-    numpy==1.25.2 \
     # https://github.com/advisories/GHSA-2g68-c3qc-8985
     werkzeug==3.0.3 \
-    # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32862
-    nbconvert==7.7.3 \
-    # https://github.com/advisories/GHSA-qppv-j76h-2rpx
-    tornado==6.3.3 \
-    # https://github.com/advisories/GHSA-r726-vmfq-j9j3 
-    jupyter_server==2.7.2 \
-    # https://github.com/advisories/GHSA-5wvp-7f3h-6wmm
-    pyarrow==14.0.1 \
     # https://github.com/advisories/GHSA-v68g-wm8c-6x7j
     transformers==4.36.0 \
     # https://github.com/advisories/GHSA-44wm-f244-xhp3
     pillow==10.3.0 \
-    # https://github.com/advisories/GHSA-44cc-43rp-5947
-    jupyterlab==4.0.11 \
     # https://github.com/advisories/GHSA-5h86-8mv2-jq9f
     aiohttp==3.9.4 \
     # https://github.com/advisories/GHSA-6vqw-3v5j-54x4