Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Security upgrade python from 3.11.8-slim-bookworm to 3.13.0rc1-slim-bookworm #4204

Closed
wants to merge 7,345 commits into from
Closed

[Snyk] Security upgrade python from 3.11.8-slim-bookworm to 3.13.0rc1-slim-bookworm #4204

wants to merge 7,345 commits into from

Conversation

rubenfiszel
Copy link
Contributor

@rubenfiszel rubenfiszel commented Aug 7, 2024
edited by ellipsis-dev bot
Loading

snyk-top-banner

Snyk has created this PR to fix 3 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

  • Dockerfile

We recommend upgrading to python:3.13.0rc1-slim-bookworm, as this image has only 43 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Allocation of Resources Without Limits or Throttling
SNYK-DEBIAN12-SYSTEMD-6277507		   614  
high severity Allocation of Resources Without Limits or Throttling
SNYK-DEBIAN12-SYSTEMD-6277507		   614  
medium severity Improper Check for Unusual or Exceptional Conditions
SNYK-DEBIAN12-OPENSSL-6048820		   514  
medium severity Improper Check for Unusual or Exceptional Conditions
SNYK-DEBIAN12-OPENSSL-6048820		   514  
medium severity Out-of-bounds Write
SNYK-DEBIAN12-OPENSSL-6148845		   514  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling

🚀 This description was created by Ellipsis for commit a20c8cb

Summary:

Update Dockerfile to use python:3.13.0rc1-slim-bookworm to address security vulnerabilities.

Key points:

  • Update Dockerfile to use python:3.13.0rc1-slim-bookworm instead of python:3.11.8-slim-bookworm.
  • Addresses vulnerabilities: SNYK-DEBIAN12-SYSTEMD-6277507, SNYK-DEBIAN12-OPENSSL-6048820, SNYK-DEBIAN12-OPENSSL-6148845.
  • Ensures the Docker image benefits from the latest security fixes.

Generated with ❤️ by ellipsis.dev

rubenfiszel and others added 30 commits July 9, 2024 17:16
@rubenfiszel
chore(main): release 1.360.1 (#4048)
acc68a9 
* chore(main): release 1.360.1

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@fatonramadani
fix(frontend): fix run page ms readability (#4059)
0b932ca
@fatonramadani
feat(frontend): add support for GFM and fix max-width issue (#4057)
133a278 
* feat(frontend): add support for GFM and fix max-width issue

* feat(frontend): enable GFM by default
@fatonramadani
fix(frontend): fix style panel title (#4058)
c853db4
@fatonramadani
feat(frontend): improve table action UX (#4056)
a6eeb68 
* feat(frontend): improve table action UX

* feat(frontend): improve table action UX
@rubenfiszel
fix: improve completed_job index
e450300
@rubenfiszel
sqlx
8fb91d3
@rubenfiszel
fix: improve performance of cancel_all
1d1dde0
@rubenfiszel
improve try migration lock
3b364ec
@rubenfiszel
specialize soft cancel filter
c7d4e6c
@rubenfiszel
fix: fix migration for instances starting from scratch
b4f0b32
@rubenfiszel
chore(main): release 1.361.0 (#4060)
299e0ee 
* chore(main): release 1.361.0

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@rubenfiszel
fix: improve filter jobs query
583190f
@rubenfiszel
chore(main): release 1.361.1 (#4062)
90ce42b 
* chore(main): release 1.361.1

* Apply automatic changes

---------

Co-authored-by: rubenfiszel <[email protected]>
@rubenfiszel
remove env_id default value
88b6148
@wendrul
feat: Full-text search on runs using tantivy and command palette for …
7ea554a 
…quick actions (#4046)

* Add indexer crate and files

* POC searcher

incomplete schema
only indexes at startup

* POC search component frontend

* Demo of the frontend element

* add Results and Args as text

* minimal functionality

* Make jump to scripts by name

also flows and apps

* Add button on sidebar to open search

* Update lock on indexer after merge

* Make arrow key navigation compatible with scrol

* Show empty result screen and log as a coming feat

* Add summary to script searchable items

* Catch `parts is undefined` error (uFuzzy)

* Index refreshing using tokio interval

* Fix JobLoader workspace being wrongly defined

* Fix click outside

* Add debouncing for completed run search

* Binary mode working + job index tracker

* Warning for no license + fix height scrollbars on content search

* Make it compile without EE files

* remove panic to use errors

* Move global search

* Cleanup UI, no more tab switcher but clear placeholders and actions

* Add tantivy feature flag for windmill-api

* Rework indexer mode

* Mac compatibility for shortcut

* Update test for new run_server

* Prepare sqlx

* Mac compatibility

* Fix openapi yaml

* Fix frontend

* Frontend api fix

* Update docker-compose.yml and caddyfile

With the (by default deactivated) container and reverse proxy to use the
windmill indexer

* fix feature flag for tests

* fix feature falg for running tests

* fix feature flag for running tests

* Make content search use search modal instead

* Add tantivy feature to ee build steps

* Remove old Content search

* change volume location for indexer

* Update dependencies

* Prepare sqlx

* Uncomment line on docker compose

* Add line between input and results

* Update ee repo ref
@fatonramadani
fix(frontend): app editor improvements (#4052)
fd4fe15 
* fix(frontend): wip

* fix(frontend): fix dataflow to error handler module

* fix(frontend): add missing flow_input and result properties

* fix(frontend): fix build

* fix(frontend): improve code
@hcourdent
Smaller and better positioned Add branch message (#4061)
c67170e
@fatonramadani
feat(frontend): date select component (#4064)
3b4a376 
* feat(frontend): add date select component

* feat(frontend): add date select component

* feat(frontend): add missing tooltip

* feat(frontend): add support for locale

* feat(frontend): correct number of days depending on month and year + fix output format

* feat(frontend): Fix display

* feat(frontend): Fix initial dimension

* feat(frontend): Fix outputs

* feat(frontend): clear and set the outputs depending on what field is enabled

* feat(frontend): improve code
@rubenfiszel
feat: improve cancel all for non started jobs (#4065)
2747e1b 
* update version

* improve cancelAll

* improve error

* update sqlx
@rubenfiszel
extend frontend es6 with es2017 methods
b0e3c2b
@rubenfiszel
fix sqlx
f06b53e
@HugoCasa
staging image CI (#4070)
3c09025
@wendrul
Make indexer mode not spawn the server specific behaviour (#4072)
88ae5e8 
* Make indexer mode not spawn the server specific behaviour

* Add ee repo ref
@wendrul
Add indexer case to avoid 0 max_database_connection (#4073)
0a886e0
@rubenfiszel
nit indexer logs
52aaec6
@rubenfiszel
nit indexer logs
eef0230
@rubenfiszel
feat: improve flow status viewer (show branch chosen + all iterations…
b498664 
… in for loop) (#4074)

* all

* all

* all

* all

* all
@rubenfiszel
nit light mode flow style
2905161
@rubenfiszel
nit light mode flow style
c1d9784
@rubenfiszel rubenfiszel force-pushed the main branch 3 times, most recently from 413dad5 to ad69876 Compare August 14, 2024 12:46
@rubenfiszel rubenfiszel force-pushed the main branch 3 times, most recently from 9a08368 to 779a788 Compare September 10, 2024 18:31
@rubenfiszel rubenfiszel force-pushed the main branch 7 times, most recently from e80f43d to 9c506a8 Compare September 21, 2024 20:54
@rubenfiszel rubenfiszel force-pushed the main branch 3 times, most recently from ec6b974 to 8e0eb3d Compare September 26, 2024 12:31
@rubenfiszel rubenfiszel force-pushed the main branch 7 times, most recently from c858c24 to 3cd30d2 Compare October 19, 2024 10:30
@rubenfiszel rubenfiszel force-pushed the main branch 4 times, most recently from 8756adb to 41acd56 Compare November 2, 2024 17:41
@rubenfiszel rubenfiszel closed this Nov 2, 2024
@github-actions github-actions bot locked and limited conversation to collaborators Nov 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ellipsis-dev ellipsis-dev[bot] ellipsis-dev[bot] left review comments

@fatonramadani fatonramadani Awaiting requested review from fatonramadani

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
10 participants
@rubenfiszel @fatonramadani @wendrul @hcourdent @HugoCasa @dommyrock @marcelklehr @LewisJEllis @freimer @snyk-bot