javascript-node/.devcontainer/library-scripts
.devcontainer/local-features/setup-user Expand file tree Collapse file tree 3 files changed +8
-2
lines changed Original file line number Diff line number Diff line change @@ -5,6 +5,7 @@ IMAGE_VARIANT=$1
55# Temporary: These packages are installed by the base image (node) for `node:14` which does not have the patch.
66# Upgrade 'decode-uri-component' due to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38900
77# Upgrade 'ansi-regex ' due to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807
8+ # Upgrade 'minimatch' due to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517
89if [[ " ${IMAGE_VARIANT} " =~ " 14" ]] ; then
910 cd /usr/local/lib/node_modules/npm
1011 npm update --save
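Review bot: The added comment says minimatch is upgraded for CVE-2022-3517, but the only command that follows is `npm update --save`, which moves packages only as far as the version ranges in npm's own package.json allow. Nothing in this hunk names minimatch or a minimum version, so whether the fixed release is reached depends on ranges that are not visible here and may change between rebuilds. Naming the package and its floor explicitly, for example `npm install minimatch@^3.0.5` (3.0.5 being the minimum the test script in this commit asserts), would make the comment enforceable. The `if` block continues past the end of the hunk.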
Original file line number Diff line number Diff line change @@ -23,8 +23,10 @@ export DEBIAN_FRONTEND=noninteractive
2323# Temporary: Upgrade NPM packages due to mentioned CVEs.
2424# decode-uri-component: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38900
2525# ansi-regex: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807
26+ # minimatch: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517
2627NPM_PACKAGES_LIST=" decode-uri-component
27- ansi-regex"
28+ ansi-regex
29+ minimatch"
2830
2931cd /usr/local/share/nvm/versions/node/v14* /lib/node_modules/npm
3032npm install ${NPM_PACKAGES_LIST}
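Review bot: `minimatch` is appended to `NPM_PACKAGES_LIST` without a version, so `npm install ${NPM_PACKAGES_LIST}` takes whatever the registry serves as latest at image build time. That clears the CVE floor, but it makes the image non-reproducible and can place a new major release inside npm's own `node_modules`, which npm's bundled code may not have been written against. A ranged entry such as `minimatch@^3.0.5` would match the 3.0.5 minimum asserted in the test script. The preceding `cd` on a `v14*` glob is also unchecked, so a missing or ambiguous match would run the install in the wrong directory unless the script sets `-e` outside this hunk.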
Original file line number Diff line number Diff line change @@ -170,13 +170,16 @@ check "oryx-install-java-12.0.2" oryx prep --skip-detection --platforms-and-vers
170170check " java-12.0.2-installed-by-oryx" ls /opt/java/ | grep 12.0.2
171171check " java-version-on-path-is-12.0.2" java --version | grep 12.0.2
172172
173- cd /usr/local/share/nvm/versions/node/v14.21.1 /lib/node_modules/npm
173+ cd /usr/local/share/nvm/versions/node/v14* /lib/node_modules/npm
174174decodeVersion=$( npm ls --depth 1 --json | jq -r ' .dependencies."decode-uri-component".version' )
175175check-version-ge " decode-uri-component" " ${decodeVersion} " " 0.2.1"
176176
177177ansiVersion=$( npm ls --depth 1 --json | jq -r ' .dependencies."ansi-regex".version' )
178178check-version-ge " ansi-regex" " ${ansiVersion} " " 6.0.0"
179179
180+ minimatchVersion=$( npm ls --depth 1 --json | jq -r ' .dependencies.minimatch.version' )
181+ check-version-ge " minimatch" " ${minimatchVersion} " " 3.0.5"
182+
180183ls -la /home/codespace
181184
182185# Report result
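Review bot: The new `minimatchVersion` check reads only `.dependencies.minimatch.version`, so an older minimatch nested under another of npm's dependencies would pass unnoticed. If the top-level key is absent, `jq -r` prints `null`, and how `check-version-ge` treats that value is not visible in this hunk. Running `npm ls minimatch --json` without `--depth 1` and comparing every reported version against 3.0.5 would cover the nested copies. The `cd` now relies on a `v14*` glob with no status check, so if the glob matches zero or several directories the three version lookups run in whatever directory the script was already in; `cd ... || exit 1` would fail fast instead.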