From 46b9295099486b4360dfc8aa352d3162595b5967 Mon Sep 17 00:00:00 2001 From: Gaurav Saini <147703805+gauravsaini04@users.noreply.github.com> Date: Fri, 13 Dec 2024 03:22:21 +0530 Subject: [PATCH] [python] - setuptools - GHSA-cx63-2mw6-8hw5 - v69.0.3 to v70.0.0 (#1219) * [python] - setuptools - GHSA-cx63-2mw6-8hw5 - v69.0.3 to v70.0.0 * Updating the python setuptools version to the latest one 75.6.0 as needed for PR #1219 --------- Co-authored-by: Kaniska244 --- src/python/.devcontainer/Dockerfile | 2 +- src/python/test-project/test.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/python/.devcontainer/Dockerfile b/src/python/.devcontainer/Dockerfile index 80fb0a91a..ef0c51880 100644 --- a/src/python/.devcontainer/Dockerfile +++ b/src/python/.devcontainer/Dockerfile @@ -9,7 +9,7 @@ RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \ # Temporary: Upgrade python packages due to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897 and https://github.com/advisories/GHSA-2mqj-m65w-jghx # They are installed by the base image (python) which does not have the patch. RUN python3 -m pip install --upgrade \ - setuptools==69.0.3 \ + setuptools==75.6.0 \ gitpython==3.1.41 # [Optional] If your pip requirements rarely change, uncomment this section to add them to the image. diff --git a/src/python/test-project/test.sh b/src/python/test-project/test.sh index 7a309bdca..b30c6046f 100755 --- a/src/python/test-project/test.sh +++ b/src/python/test-project/test.sh @@ -40,7 +40,7 @@ check "gitconfig-contains-name" sh -c "cat /etc/gitconfig | grep 'name = devcont check "usr-local-etc-config-does-not-exist" test ! -f "/usr/local/etc/gitconfig" setuptools_version=$(python -c "import setuptools; print(setuptools.__version__)") -check-version-ge "setuptools-requirement" "${setuptools_version}" "65.5.1" +check-version-ge "setuptools-requirement" "${setuptools_version}" "75.6.0" # https://github.com/advisories/GHSA-2mqj-m65w-jghx gitpython_version=$(python -c "import git; print(git.__version__)")