[anaconda] - remove patches when similar or higher versions are avail…

…able from upstream (#1228)
devcontainers · Nov 22, 2024 · f8d046c · f8d046c
1 parent 4c7acf3
commit f8d046c
Showing 1 changed file with 3 additions and 7 deletions.
diff --git a/src/anaconda/.devcontainer/apply_security_patches.sh b/src/anaconda/.devcontainer/apply_security_patches.sh
@@ -1,14 +1,10 @@
 #!/bin/bash
 
 # vulnerabilities:
-# streamlit - [GHSA-rxff-vr5r-8cj5]
-# notebook, jupyterlab - [GHSA-9q39-rmj3-p4r2]
-# cryptography, pyopenssl - [GHSA-h4gh-qq45-vh27]
-# nltk - [GHSA-cgvx-9447-vcch]
+# werkzeug - [GHSA-f9vj-2wh5-fj8j]
 
-vulnerable_packages=( "pydantic=2.5.3" "joblib=1.3.1" "mistune=3.0.1" "werkzeug=3.0.3" "transformers=4.36.0" "pillow=10.3.0" "aiohttp=3.10.2" "pyopenssl=24.2.1" \
-          "cryptography=43.0.1" "gitpython=3.1.41"  "jupyter-lsp=2.2.2" "idna=3.7" "jinja2=3.1.4" "scrapy=2.11.2" "black=24.4.2" "requests=2.32.2" \
-          "jupyter_server=2.14.1" "tornado=6.4.1" "tqdm=4.66.4" "urllib3=2.2.2" "scikit-learn=1.5.0" "zipp=3.19.1" "streamlit=1.37.0" "notebook=7.2.2" "nltk=3.9" "imagecodecs=2023.9.18" "setuptools=70.0.0" )
+vulnerable_packages=( "mistune=3.0.1" "werkzeug=3.0.6" "transformers=4.36.0" "cryptography=43.0.1" "jupyter-lsp=2.2.2" "scrapy=2.11.2" \
+                      "zipp=3.19.1" "imagecodecs=2023.9.18" )
 
 # Define the number of rows (based on the length of vulnerable_packages)
 rows=${#vulnerable_packages[@]}