Universal: Update versions of languages/SDKs (devcontainers#267)

samruddhikhandale · web-flow · commit 0329c1db3336 · 2023-01-13T13:02:29.000-08:00
* Universal: Update versions for languages

* php - add three part

* remove node v14 patches

* revert python changes: not supported by oryx

* fix tests

* Node - 19 &amp; 18
diff --git a/src/universal/.devcontainer/devcontainer.json b/src/universal/.devcontainer/devcontainer.json
@@ -18,8 +18,8 @@
             "version": "latest"
         },
         "ghcr.io/devcontainers/features/node:1": {
-            "version": "16",
-            "additionalVersions": "14"
+            "version": "19",
+            "additionalVersions": "18"
         },
         "./local-features/nvs": "latest",
         "ghcr.io/devcontainers/features/python:1": {
@@ -30,8 +30,8 @@
         },
         "./local-features/machine-learning-packages": "latest",
         "ghcr.io/devcontainers/features/php:1": {
-            "version": "8.1.4",
-            "additionalVersions": "8.0.16",
+            "version": "8.2.1",
+            "additionalVersions": "8.1.14",
             "installComposer": "true"
         },
         "ghcr.io/devcontainers/features/conda:1": {
diff --git a/src/universal/.devcontainer/local-features/setup-user/install.sh b/src/universal/.devcontainer/local-features/setup-user/install.sh
@@ -57,51 +57,6 @@ curl -sSL https://github.com/apache/commons-io/archive/refs/tags/commons-io-2.11
 jar cf ${MAVEN_PATH}/commons-io-2.11.jar /tmp/commons-io-commons-io-2.11.0-RC1
 rm -rf /tmp/commons-io-commons-io-2.11.0-RC1
 
-# Temporary: Upgrade NPM packages due to mentioned CVEs.
-# ansi-regex: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807
-# decode-uri-component: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38900
-# diff: https://github.com/advisories/GHSA-h6ch-v84p-w6p9
-# got: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33987
-# minimatch: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3517
-# qs: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24999
-NPM_PACKAGES_LIST="ansi-regex
-    decode-uri-component
-    diff
-    got
-    minimatch
-    qs"
-
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm
-npm install ${NPM_PACKAGES_LIST}
-
-# Temporary: ajv: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15366
-npm install ajv@8.11.2
-
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/eslint
-npm install ajv@8.11.2
-
-# Temporary: marked: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21680
-npm install marked-man@1.3.1
-npm install marked@4.2.5
-
-# Temporary: ansi-regex: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/string-width
-npm install ansi-regex --save
-
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/yargs
-npm install ansi-regex --save
-
-# Temporary due to minimist: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44906 & https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7598
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/tacks
-npm update mkdirp
-
-# Temporary due to diff: https://github.com/advisories/GHSA-h6ch-v84p-w6p9
-npm install diff
-
-# Temporary: got: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-33987
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/package-json/
-npm install got@12.5.3
-
 # Temporary: Due to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0536 & https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0155
 rm -rf /usr/local/nvs/deps/node_modules/follow-redirects/*
 curl -sSL https://github.com/follow-redirects/follow-redirects/archive/refs/tags/v1.15.2.tar.gz | tar -xzC /tmp 2>&1
diff --git a/src/universal/test-project/test.sh b/src/universal/test-project/test.sh
@@ -129,7 +129,7 @@ check "run-puppeteer" node puppeteer.js
 check "oryx" oryx --version
 
 # Ensures nvm works in a Node Project
-check "default-node-version" bash -c "node --version | grep 16."
+check "default-node-version" bash -c "node --version | grep 19."
 check "default-node-location" bash -c "which node | grep /home/codespace/nvm/current/bin"
 check "oryx-build-node-projectr" bash -c "oryx build ./sample/node"
 check "oryx-configured-current-node-version" bash -c "ls -la /home/codespace/nvm/current | grep /opt/nodejs"
@@ -180,58 +180,6 @@ check "testng-plugin" bash -c "ls ${GRADLE_PATH} | grep testng-7.7.0.jar"
 MAVEN_PATH=$(cd /usr/local/sdkman/candidates/maven/3*/lib/ && pwd)
 check "commons-io-lib" bash -c "ls ${MAVEN_PATH} | grep commons-io-2.11.jar"
 
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm
-
-decodeVersion=$(npm ls --depth 1 --json | jq -r '.dependencies."decode-uri-component".version')
-check-version-ge "decode-uri-component" "${decodeVersion}" "0.2.1"
-
-ansiVersion=$(npm ls --depth 1 --json | jq -r '.dependencies."ansi-regex".version')
-check-version-ge "ansi-regex" "${ansiVersion}" "6.0.1"
-
-minimatchVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.minimatch.version')
-check-version-ge "minimatch" "${minimatchVersion}" "3.0.5"
-
-gotVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.got.version')
-check-version-ge "got" "${gotVersion}" "12.1.0"
-
-ajvVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.ajv.version')
-check-version-ge "ajv" "${ajvVersion}" "6.12.3"
-
-markedVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.marked.version')
-check-version-ge "marked" "${markedVersion}" "4.0.10"
-
-qsVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.qs.version')
-check-version-ge "qs" "${qsVersion}" "6.10"
-
-diffVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.diff.version')
-check-version-ge "diff" "${diffVersion}" "3.5"
-
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/package-json/
-
-gotVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.got.version')
-check-version-ge "got" "${gotVersion}" "12.1.0"
-
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/string-width
-
-ansiVersion=$(npm ls --depth 1 --json | jq -r '.dependencies."ansi-regex".version')
-check-version-ge "ansi-regex-2" "${ansiVersion}" "6.0.1"
-
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/tacks
-
-minimistVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.mkdirp.dependencies.minimist.version')
-check-version-ge "minimist" "${minimistVersion}" "1.2.6"
-
-diffVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.diff.version')
-check-version-ge "diff-2" "${diffVersion}" "3.5"
-
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/eslint
-
-ajvVersion=$(npm ls --depth 1 --json | jq -r '.dependencies.ajv.version')
-check-version-ge "ajv-2" "${ajvVersion}" "6.12.3"
-
-cd /usr/local/share/nvm/versions/node/v14*/lib/node_modules/npm/node_modules/yargs
-ansiVersion=$(npm ls --depth 1 --json | jq -r '.dependencies."ansi-regex".version')
-check-version-ge "ansi-regex-3" "${ansiVersion}" "6.0.1"
 
 ls -la /home/codespace
 
