SCANCLI-139 Remove Python from installed libraries #217

csaba-feher-sonarsource
Contributor

No description provided.

@pierre-guillot-gh
Contributor

pierre-guillot-gh commented Apr 15, 2024

I'm waiting for:

  • Confirmation from the analysis council that no analyzer requires Python at Runtime
  • Confirmation from ex-purple squad that we are not missing anything while removing this

@csaba-feher-sonarsource csaba-feher-sonarsource force-pushed the task/cfeher/SONAR-22089-remove-python-vulnerabilities branch from 458a52c to c7cc852 Compare April 15, 2024 14:54
@pierre-guillot-gh pierre-guillot-gh force-pushed the task/cfeher/SONAR-22089-remove-python-vulnerabilities branch from c7cc852 to bea59c6 Compare April 15, 2024 14:54
@pierre-guillot-gh pierre-guillot-gh enabled auto-merge (rebase) April 15, 2024 14:59
@csaba-feher-sonarsource csaba-feher-sonarsource changed the title SONAR-22089 Remove Python from installed libraries SCANCLI-139 Remove Python from installed libraries Apr 15, 2024
@pierre-guillot-gh pierre-guillot-gh enabled auto-merge (rebase) April 15, 2024 15:04
@csaba-feher-sonarsource csaba-feher-sonarsource force-pushed the task/cfeher/SONAR-22089-remove-python-vulnerabilities branch from bea59c6 to ed9f75f Compare April 16, 2024 08:10
@pierre-guillot-gh pierre-guillot-gh merged commit 12704bd into master Apr 16, 2024
8 checks passed
@pierre-guillot-gh pierre-guillot-gh deleted the task/cfeher/SONAR-22089-remove-python-vulnerabilities branch April 16, 2024 08:18
@@ -20,7 +20,7 @@ RUN set -eux; \
addgroup -S -g 1000 scanner-cli; \
adduser -S -D -u 1000 -G scanner-cli scanner-cli; \
apk add --no-cache --virtual build-dependencies wget unzip gnupg; \
apk add --no-cache git python3 py3-pip py3-pylint bash shellcheck "nodejs>=18" openjdk17-jre curl musl-locales musl-locales-lang; \
apk add --no-cache git bash shellcheck "nodejs>=18" openjdk17-jre musl-locales musl-locales-lang; \
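
Review bot: The rewritten `apk add --no-cache git ...` line drops `curl` along with `python3`, `py3-pip` and `py3-pylint`, but the title only covers Python and the PR has no description. Anything that calls `curl` inside this image will fail once the new build is pulled, so either keep `curl` in the package list here and remove it in a separate, announced change, or state the removal explicitly in the description and release notes. The sign-offs listed above cover analyzers needing Python at runtime; the same kind of check is worth recording for `curl` before it leaves the image.
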
Did y'all mean to remove curl from the image? Wondering if we need to update our pipelines to install curl now, or this was unintentional

@csaba-feher-sonarsource
Contributor Author

Hi All,

We will reevaluate whether we would like to keep those libraries. For now, what I can ensure is that if we change any of those, it will happen after proper versioning and proper communication. Sorry for the disruption.

There was an error in the release process, mitigated by reverting the changes.
Please see more details: https://community.sonarsource.com/t/outage-sonarscanner-cli-docker-sonarqube-sonarcloud-github-actions/113548/27

Thanks
Csaba

3 participants