[anaconda] - scrapy - GHSA-4qqq-9vqf-3h3f patch vulnerablity (#1070)

devcontainers · May 21, 2024 · fb70f76 · fb70f76
1 parent f1addfb
commit fb70f76
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/src/anaconda/.devcontainer/Dockerfile b/src/anaconda/.devcontainer/Dockerfile
@@ -47,7 +47,9 @@ RUN python3 -m pip install --upgrade \
     # https://github.com/advisories/GHSA-jjg7-2v4v-x38h
     idna==3.7 \ 
     # https://github.com/advisories/GHSA-h75v-3vvj-5mfj
-    jinja2==3.1.4
+    jinja2==3.1.4 \
+    # https://github.com/advisories/GHSA-4qqq-9vqf-3h3f
+    scrapy==2.11.2
 
 # Reset and copy updated files with updated privs to keep image size down
 FROM mcr.microsoft.com/devcontainers/base:1-bullseye

diff --git a/src/anaconda/test-project/test.sh b/src/anaconda/test-project/test.sh
@@ -53,6 +53,7 @@ checkPythonPackageVersion "gitpython" "3.1.41"
 checkPythonPackageVersion "jupyter-lsp" "2.2.2"
 checkPythonPackageVersion "idna" "3.7"
 checkPythonPackageVersion "jinja2" "3.1.4"
+checkPythonPackageVersion "scrapy" "2.11.2"
 
 checkCondaPackageVersion "pyopenssl" "23.2.0"
 checkCondaPackageVersion "requests" "2.31.0"