Universal Anaconda: Update "wheel" due to CVE-2022-40898 (devcontainers#456)

Author: samruddhikhandale

src/anaconda/.devcontainer/Dockerfile

@@ -65,7 +65,9 @@ RUN python3 -m pip install \
     # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34141
     numpy \
     # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23491
-    certifi
+    certifi \
+    # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40898
+    wheel
 
 # Copy environment.yml (if found) to a temp location so we can update the environment. Also
 # copy "noop.txt" so the COPY instruction does not fail if no environment.yml exists.

src/anaconda/manifest.json

@@ -29,7 +29,8 @@
 			"cryptography",
 			"mistune",
 			"numpy",
-			"certifi"
+			"certifi",
+			"wheel"
 		],
 		"other": {
 			"git": {},

src/anaconda/test-project/test.sh

@@ -44,5 +44,8 @@ check-version-ge "mistune-requirement" "${mistune_version}" "2.0.3"
 numpy_version=$(python -c "import numpy; print(numpy.__version__)")
 check-version-ge "numpy-requirement" "${numpy_version}" "1.22"
 
+wheel_version=$(python -c "import wheel; print(wheel.__version__)")
+check-version-ge "wheel-requirement" "${wheel_version}" "0.38.1"
+
 # Report result
 reportResults

src/universal/manifest.json

@@ -118,7 +118,8 @@
 			"requests",
 			"plotly",
 			"jupyterlab-git",
-			"certifi"
+			"certifi",
+			"wheel"
 		],
 		"other": {
 			"git": {},

src/universal/test-project/test.sh

@@ -181,6 +181,9 @@ check "java-version-on-path-is-12.0.2" java --version | grep 12.0.2
 MAVEN_PATH=$(cd /usr/local/sdkman/candidates/maven/3*/lib/ && pwd)
 check "commons-io-lib" bash -c "ls ${MAVEN_PATH} | grep commons-io-2.11.jar"
 
+wheel_version=$(python -c "import wheel; print(wheel.__version__)")
+check-version-ge "wheel-requirement" "${wheel_version}" "0.38.1"
+
 ls -la /home/codespace
 
 # Report result