Skip to content

Commit

Permalink
Updating packages with vulnerabilities (cvat-ai#7713)
Browse files Browse the repository at this point in the history
  • Loading branch information
novda authored Apr 12, 2024
1 parent f1d308e commit fbc2610
Show file tree
Hide file tree
Showing 10 changed files with 16 additions and 14 deletions.
8 changes: 5 additions & 3 deletions .github/workflows/schedule.yml
Original file line number Diff line number Diff line change
Expand Up @@ -153,9 +153,11 @@ jobs:
- name: OPA tests
run: |
curl -L -o opa https://openpolicyagent.org/downloads/v0.45.0/opa_linux_amd64_static
chmod +x ./opa
./opa test cvat/apps/iam/rules
python cvat/apps/iam/rules/tests/generate_tests.py \
--output-dir cvat/apps/iam/rules/
docker compose run --rm -v "$PWD/cvat/apps/iam/rules/:/mnt/rules" \
cvat_opa test /mnt/rules
- name: REST API and SDK tests
run: |
Expand Down
2 changes: 1 addition & 1 deletion cvat-cli/requirements/base.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
cvat-sdk~=2.12.0
Pillow>=10.1.0
Pillow>=10.3.0
setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
2 changes: 1 addition & 1 deletion cvat-sdk/requirements/base.txt
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

attrs >= 21.4.0
packaging >= 21.3
Pillow >= 10.1.0
Pillow >= 10.3.0
platformdirs >= 2.1.0
tqdm >= 4.64.0
tuspy == 0.2.5 # have it pinned, because SDK has lots of patched TUS code
Expand Down
4 changes: 2 additions & 2 deletions cvat/requirements/base.in
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ django-filter==2.4.0
django-health-check>=3.18.1,<4
django-rq==2.8.1
django-sendfile2==0.7.0
Django~=4.2.1
Django~=4.2.7
djangorestframework~=3.14.0
drf-spectacular==0.26.2
furl==2.1.0
Expand All @@ -36,7 +36,7 @@ opencv-python-headless~=4.8
patool==1.12

pdf2image==1.14.0
Pillow>=10.1.0
Pillow>=10.3.0
psutil==5.9.4
psycopg2-binary==2.9.5
python-ldap==3.4.3
Expand Down
2 changes: 1 addition & 1 deletion docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -274,7 +274,7 @@ services:

cvat_opa:
container_name: cvat_opa
image: openpolicyagent/opa:0.45.0-rootless
image: openpolicyagent/opa:0.63.0
restart: always
networks:
cvat:
Expand Down
2 changes: 1 addition & 1 deletion helm-chart/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,7 @@ cvat:
opa:
replicas: 1
image: openpolicyagent/opa
tag: 0.45.0-rootless
tag: 0.63.0
imagePullPolicy: IfNotPresent
labels: {}
# test: test
Expand Down
4 changes: 2 additions & 2 deletions site/content/en/docs/contributing/running-tests.md
Original file line number Diff line number Diff line change
Expand Up @@ -213,13 +213,13 @@ python cvat/apps/iam/rules/tests/generate_tests.py \
- In a Docker container
```bash
docker run --rm -v ${PWD}/cvat/apps/iam/rules:/rules \
openpolicyagent/opa:0.45.0-rootless \
openpolicyagent/opa:0.63.0 \
test /rules -v
```

- or execute OPA directly
```bash
curl -L -o opa https://openpolicyagent.org/downloads/v0.45.0/opa_linux_amd64_static
curl -L -o opa https://openpolicyagent.org/downloads/v0.63.0/opa_linux_amd64_static
chmod +x ./opa
./opa test cvat/apps/iam/rules
```
Expand Down
2 changes: 1 addition & 1 deletion tests/python/requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ pytest-cov==4.1.0
requests==2.31.0
deepdiff==5.6.0
boto3==1.17.61
Pillow==10.2.0
Pillow==10.3.0
python-dateutil==2.8.2
pyyaml==6.0.0
numpy==1.22.0
2 changes: 1 addition & 1 deletion utils/dataset_manifest/requirements.in
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
av==9.2.0 # Pinned for the whole CVAT
natsort>=8.0.0
opencv-python-headless>=4.4.0.42
Pillow>=10.1.0
Pillow>=10.3.0
tqdm>=4.58.0
2 changes: 1 addition & 1 deletion utils/dicom_converter/requirements.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
numpy==1.22.0
Pillow==10.2.0
Pillow==10.3.0
pydicom==2.1.2
tqdm==4.60.0

0 comments on commit fbc2610

Please sign in to comment.