[universal] - check toolings - monthly task (#1108)

gauravsaini04 · samruddhikhandale · web-flow · commit bf3230306573 · 2024-07-16T13:36:32.000-07:00
* [universal] - check toolings - monthly task

* remove patches applied for 3.9 and 3.10

* changes for review comments.. update python version for oryx compat.

* remove setuptools check in python 3.9

* Update src/universal/.devcontainer/devcontainer.json

Co-authored-by: Samruddhi Khandale &lt;samruddhikhandale@github.com&gt;

---------

Co-authored-by: Samruddhi Khandale &lt;samruddhikhandale@github.com&gt;
diff --git a/src/universal/.devcontainer/devcontainer.json b/src/universal/.devcontainer/devcontainer.json
@@ -23,8 +23,8 @@
         },
         "./local-features/nvs": "latest",
         "ghcr.io/devcontainers/features/python:1": {
-            "version": "3.10.13",
-            "additionalVersions": "3.9.18",
+            "version": "3.12.1",
+            "additionalVersions": "3.11.9",
             "installJupyterlab": "true",
             "configureJupyterlabAllowOrigin": "*",
             "useOryxIfAvailable": "false"
@@ -39,8 +39,8 @@
             "version": "latest"
         },
         "ghcr.io/devcontainers/features/ruby:1": {
-            "version": "3.2",
-            "additionalVersions": "3.1"
+            "version": "3.3.4",
+            "additionalVersions": "3.3.2"
         },
         "ghcr.io/devcontainers/features/java:1": {
             "version": "21",
diff --git a/src/universal/.devcontainer/local-features/patch-python/install.sh b/src/universal/.devcontainer/local-features/patch-python/install.sh
@@ -38,13 +38,3 @@ update_package() {
     sudo_if "$PYTHON_PATH -m pip install --upgrade --no-cache-dir $PACKAGE==$VERSION"
     sudo_if "$PYTHON_PATH -m pip show --no-python-version-warning $PACKAGE"
 }
-
-# Temporary: Upgrade python packages due to security vulnerabilities
-# They are installed by the base image (python) which does not have the patch.
-
-# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897
-update_package /usr/local/python/3.9.*/bin/python setuptools 65.5.1
-update_package /usr/local/python/3.10.*/bin/python setuptools 68.2.2
-
-# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45803
-update_package /usr/local/python/3.10.*/bin/python urllib3 2.0.7
diff --git a/src/universal/test-project/test.sh b/src/universal/test-project/test.sh
@@ -190,9 +190,6 @@ checkPythonPackageVersion "python" "setuptools" "65.5.1"
 checkPythonPackageVersion "python" "requests" "2.31.0"
 checkPythonPackageVersion "python" "urllib3" "2.0.7"
 
-## Python 3.9
-checkPythonPackageVersion "/usr/local/python/3.9.*/bin/python" "setuptools" "65.5.1"
-
 ## Conda Python
 checkCondaPackageVersion "requests" "2.31.0"
 checkCondaPackageVersion "cryptography" "41.0.4"
