[Snyk] Fix for 30 vulnerabilities #95

Closed
fix: components/example-notebook-servers/jupyter-tensorflow-full/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-ANYIO-7361842
- https://snyk.io/vuln/SNYK-PYTHON-AZURESTORAGEBLOB-2949173
- https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862881
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862882
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-6099119
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-7217832
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-SCIKITLEARN-7217830
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5756497
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5759266
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217828
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217829
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-WHEEL-3180413
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
snyk-bot committed Jul 29, 2024
commit 870fa8ab36c7f570f0afab628bda86d79bbbb66d
@@ -13,7 +13,19 @@ jupyterlab-git==0.30.1
matplotlib==3.4.2
pandas==1.2.4
scikit-image==0.18.1
scikit-learn==0.24.2
scipy==1.7.0
scikit-learn==1.5.0
scipy==1.10.0rc1
seaborn==0.11.1
xgboost==1.4.2
anyio>=4.4.0 # not directly required, pinned by Snyk to avoid a vulnerability
azure-storage-blob>=12.13.0 # not directly required, pinned by Snyk to avoid a vulnerability
ipython>=8.10.0 # not directly required, pinned by Snyk to avoid a vulnerability
jupyter-server>=2.14.1 # not directly required, pinned by Snyk to avoid a vulnerability
numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability
pillow>=10.3.0 # not directly required, pinned by Snyk to avoid a vulnerability
requests>=2.32.2 # not directly required, pinned by Snyk to avoid a vulnerability
setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability
tornado>=6.4.1 # not directly required, pinned by Snyk to avoid a vulnerability
urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability
zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
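Review bot: `scipy==1.10.0rc1` pins a release candidate rather than a final release, so this notebook image would ship pre-release code as its exact SciPy version; pin the final 1.10.0 release or a later stable version that still covers the two SciPy advisories listed in the commit message. Separately, the twelve transitive entries added after `xgboost==1.4.2` use open-ended `>=` bounds in a file whose direct dependencies are exact `==` pins, so two builds of the same file can resolve to different versions; exact pins or a separate constraints file would keep the image reproducible. The scikit-learn change from 0.24.2 to 1.5.0 crosses a major version while `pandas==1.2.4`, `matplotlib==3.4.2` and `scikit-image==0.18.1` are unchanged, so the set should be installed in a clean environment and the notebooks smoke-tested before this is merged.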

Unchanged files with check annotations

"sigs.k8s.io/controller-runtime/pkg/client"
)
func (tc *testContext) waitForControllerDeployment(name string, replicas int32) error {

Check failure on line 24 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: testContext

err := wait.Poll(tc.resourceRetryInterval, tc.resourceCreationTimeout, func() (done bool, err error) {
controllerDeployment, err := tc.kubeClient.AppsV1().Deployments(tc.testNamespace).Get(tc.ctx, name, metav1.GetOptions{})
return err
}
func (tc *testContext) getNotebookRoute(nbMeta *metav1.ObjectMeta) (*routev1.Route, error) {

Check failure on line 52 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: testContext

nbRouteList := routev1.RouteList{}
opts := []client.ListOption{
client.InNamespace(nbMeta.Namespace),
return &nbRouteList.Items[0], err
}
func (tc *testContext) getNotebookNetworkpolicy(nbMeta *metav1.ObjectMeta, name string) (*netv1.NetworkPolicy, error) {

Check failure on line 74 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: testContext

nbNetworkPolicy := &netv1.NetworkPolicy{}
err := wait.Poll(tc.resourceRetryInterval, tc.resourceCreationTimeout, func() (done bool, err error) {
np, npErr := tc.kubeClient.NetworkingV1().NetworkPolicies(nbMeta.Namespace).Get(tc.ctx, name, metav1.GetOptions{})
return nbNetworkPolicy, err
}
func (tc *testContext) curlNotebookEndpoint(nbMeta metav1.ObjectMeta) (*http.Response, error) {

Check failure on line 90 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: testContext

nbRoute, err := tc.getNotebookRoute(&nbMeta)
if err != nil {
return nil, err
return client.Do(req)
}
func (tc *testContext) rolloutDeployment(depMeta metav1.ObjectMeta) error {

Check failure on line 112 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: testContext

// Scale deployment to 0
err := tc.scaleDeployment(depMeta, int32(0))
return nil
}
func (tc *testContext) revertCullingConfiguration(cmMeta metav1.ObjectMeta, depMeta metav1.ObjectMeta) {

Check failure on line 130 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: testContext

// Delete the culling configuration Configmap once the test is completed
err := tc.kubeClient.CoreV1().ConfigMaps(tc.testNamespace).Delete(tc.ctx,
cmMeta.Name, metav1.DeleteOptions{})
}
}
func (tc *testContext) scaleDeployment(depMeta metav1.ObjectMeta, desiredReplicas int32) error {

Check failure on line 144 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: testContext

// Get latest version of the deployment to avoid updating a stale object.
deployment, err := tc.kubeClient.AppsV1().Deployments(depMeta.Namespace).Get(tc.ctx,
depMeta.Name, metav1.GetOptions{})
}
// Add spec and metadata for Notebook objects
func setupThothMinimalOAuthNotebook() notebookContext {

Check failure on line 159 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: notebookContext

testNotebookName := "thoth-minimal-oauth-notebook"
testNotebook := &nbv1.Notebook{
// Setting func async to the upstream branch v1.7-branch,
// as servicemesh changes have not been moved stable branch
func notebooksForScenario(notebooks []notebookContext, mode DeploymentMode) []notebookContext {

Check failure on line 235 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: notebookContext

Check failure on line 235 in components/odh-notebook-controller/e2e/helper.go

GitHub Actions / govulncheck (components/odh-notebook-controller)

undefined: DeploymentMode

var filtered []notebookContext
for _, notebook := range notebooks {
if notebook.deploymentMode == mode {