From e72981020fffb242482cf8c630eab14f4f40a304 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 10 Jul 2024 05:25:04 +0000 Subject: [PATCH 1/5] fix: deployment/init-db/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- deployment/init-db/requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/deployment/init-db/requirements.txt b/deployment/init-db/requirements.txt index c63f8dc..4000c41 100644 --- a/deployment/init-db/requirements.txt +++ b/deployment/init-db/requirements.txt @@ -2,3 +2,4 @@ psycopg2-binary==2.9.9 python-dotenv==1.0.0 GDAL==3.2.2 Fiona==1.9.4.post1 +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability From a1c3077551df4f3548d4df7232f65152a33af896 Mon Sep 17 00:00:00 2001 From: Nikolay Martyanov Date: Thu, 11 Jul 2024 15:14:56 +0200 Subject: [PATCH 2/5] deploy: Update Makefile for environment file check. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Changed the error message in the Makefile to reference .env.development instead of .env. This ensures consistency with the project’s development environment setup. Signed-off-by: Nikolay Martyanov --- deployment/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/Makefile b/deployment/Makefile index 8d00773..75a2944 100644 --- a/deployment/Makefile +++ b/deployment/Makefile @@ -19,7 +19,7 @@ REQUIRED_ENV_VARS = DB_NAME DB_USER DB_PASSWORD GADM_FILE POSTGIS_VERSION # ---- Environment Checks ---- check-env: @if [ ! -f $(ENV_FILE) ]; then \ - echo "Error: .env file is missing. Initialize it from .env.example."; \ + echo "Error: .env.development file is missing. Initialize it from .env.development.example."; \ exit 1; \ fi @for var in $(REQUIRED_ENV_VARS); do \ From 6567d3bdfa3f64ca4052f00e080b9e888d5de95a Mon Sep 17 00:00:00 2001 From: Nikolay Martyanov Date: Thu, 11 Jul 2024 16:24:09 +0200 Subject: [PATCH 3/5] back: Downgrade eslint to ^8.2.0 in package.json. Downgrade eslint version from ^9.0.0 to ^8.2.0 due to incompatibility with eslint-config-airbnb, which does not yet support eslint 9. Signed-off-by: Nikolay Martyanov --- backend/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/package.json b/backend/package.json index b86a627..5a294de 100644 --- a/backend/package.json +++ b/backend/package.json @@ -4,7 +4,7 @@ "description": "Backend for Track Your Regions", "devDependencies": { "dotenv-cli": "^7.3.0", - "eslint": "^9.0.0", + "eslint": "^8.2.0", "eslint-config-airbnb": "^19.0.4", "eslint-plugin-markdownlint": "^0.6.0", "nodemon": "^3.0.1", From 455597e3c72d8fda8e73bb51cd69b2da18026ba9 Mon Sep 17 00:00:00 2001 From: Nikolay Martyanov Date: Thu, 11 Jul 2024 16:25:03 +0200 Subject: [PATCH 4/5] front: Downgrade eslint to ^8.2.0 in package.json. Downgrade eslint version from ^9.0.0 to ^8.2.0 due to incompatibility with eslint-config-airbnb, which does not yet support eslint 9. Signed-off-by: Nikolay Martyanov --- frontend/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/package.json b/frontend/package.json index f448eb7..a1d90ac 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -38,7 +38,7 @@ ] }, "devDependencies": { - "eslint": "^9.0.0", + "eslint": "^8.2.0", "eslint-config-airbnb": "^19.0.4", "eslint-plugin-markdownlint": "^0.6.0", "react-scripts": "^5.0.1" From 17456aeebcd0d420d8f0a86a84a190da236d7d22 Mon Sep 17 00:00:00 2001 From: Nikolay Martyanov Date: Thu, 11 Jul 2024 16:28:05 +0200 Subject: [PATCH 5/5] deploy: Add check-gadm-file dependency to build target in Makefile. Add check-gadm-file as a dependency for the build target to ensure the GADM file is present before initiating the build process. This is necessary because the Docker Compose configuration relies on the GADM file as a volume for the container. Signed-off-by: Nikolay Martyanov --- deployment/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/Makefile b/deployment/Makefile index 75a2944..99d0af6 100644 --- a/deployment/Makefile +++ b/deployment/Makefile @@ -86,7 +86,7 @@ reinit-db: check-gadm-file clean-volume init-db stop: $(DC) stop -build: check-env +build: check-env check-gadm-file $(DC) build run: check-env