From 26f0f24d90045df536bc0460e56b27061223187b Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Mon, 19 Sep 2022 11:02:57 -0400 Subject: [PATCH 01/18] Bump python from 3.10.5 to 3.10.7 Also switch to hardcoding the Python version in image tags instead of taking it as a build argument. --- Dockerfile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7ee7cb1..66d540f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,4 @@ -ARG PY_VERSION=3.10.5 - -FROM python:${PY_VERSION}-bullseye AS compile-stage +FROM python:3.10.7-bullseye AS compile-stage # For a list of pre-defined annotation keys and value types see: # https://github.com/opencontainers/image-spec/blob/master/annotations.md @@ -36,7 +34,7 @@ RUN PIPENV_VENV_IN_PROJECT=1 pipenv sync # as a last step. RUN python -m pip uninstall --yes pipenv -FROM python:${PY_VERSION}-slim-bullseye AS build-stage +FROM python:3.10.7-slim-bullseye AS build-stage RUN apt-get update \ && apt-get install -y --allow-downgrades --no-install-recommends \ From 88d14aaa638c291d39bd587cf60c7c2b40d67801 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Mon, 19 Sep 2022 11:39:08 -0400 Subject: [PATCH 02/18] Update apt package versions Update the versions of apt packages installed to the latest available. --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 66d540f..6ef1167 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,7 +9,7 @@ LABEL org.opencontainers.image.vendor="Cybersecurity and Infrastructure Security RUN apt-get update \ && apt-get install -y --allow-downgrades --no-install-recommends \ libxml2-dev=2.9.10+dfsg-6.7+deb11u2 \ - libxslt1-dev=1.1.34-4 + libxslt1-dev=1.1.34-4+deb11u1 ENV PY_VENV=/.venv @@ -39,10 +39,10 @@ FROM python:3.10.7-slim-bullseye AS build-stage RUN apt-get update \ && apt-get install -y --allow-downgrades --no-install-recommends \ ca-certificates=20210119 \ - chromium=102.0.5005.115-1~deb11u1 \ - chromium-common=102.0.5005.115-1~deb11u1 \ + chromium=104.0.5112.79-1~deb11u1 \ + chromium-common=104.0.5112.79-1~deb11u1 \ libxml2-dev=2.9.10+dfsg-6.7+deb11u2 \ - libxslt1-dev=1.1.34-4 \ + libxslt1-dev=1.1.34-4+deb11u1 \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* From dcef8323d25ac9fb79bc395e9dc729e5a89ef569 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Mon, 19 Sep 2022 11:50:27 -0400 Subject: [PATCH 03/18] Update Python dependencies This includes updating the version of Python configured in the Pipfile to match the version of Python used in the Docker image. --- Dockerfile | 6 +- src/Pipfile | 2 +- src/Pipfile.lock | 199 ++++++++++++++++++++++++----------------------- 3 files changed, 107 insertions(+), 100 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6ef1167..f11a492 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,9 +19,9 @@ ENV PATH="${PY_VENV}/bin:$PATH" # Install core Python dependencies RUN python -m pip install --no-cache-dir \ - pip==22.1.2 \ - pipenv==2022.6.7 \ - setuptools==62.4.0 \ + pip==22.2.2 \ + pipenv==2022.9.8 \ + setuptools==65.3.0 \ wheel==0.37.1 # Install vdp_scanner.py requirements diff --git a/src/Pipfile b/src/Pipfile index f3fc252..4f0c178 100644 --- a/src/Pipfile +++ b/src/Pipfile @@ -10,4 +10,4 @@ requests = "*" urllib3 = "*" [requires] -python_version = "3.10.5" +python_full_version = "3.10.7" diff --git a/src/Pipfile.lock b/src/Pipfile.lock index 7b3822c..f323ffc 100644 --- a/src/Pipfile.lock +++ b/src/Pipfile.lock @@ -1,11 +1,11 @@ { "_meta": { "hash": { - "sha256": "e8ae42f580e83354859bddd9998c6f7bc11829b106e9085cc8c1ece2834a4e1d" + "sha256": "5421461f8604ed88c4adcf7ba39dadbb3262137f2cb50f4c2db64890dcd64196" }, "pipfile-spec": 6, "requires": { - "python_version": "3.10.5" + "python_full_version": "3.10.7" }, "sources": [ { @@ -33,19 +33,19 @@ }, "certifi": { "hashes": [ - "sha256:84c85a9078b11105f04f3036a9482ae10e4621616db313fe045dd24743a0820d", - "sha256:fe86415d55e84719d75f8b69414f6438ac3547d2078ab91b67e779ef69378412" + "sha256:36973885b9542e6bd01dea287b2b4b3b21236307c56324fcc3f1160f2d655ed5", + "sha256:e232343de1ab72c2aa521b625c80f699e356830fd0e2c620b465b304b17b0516" ], "markers": "python_version >= '3.6'", - "version": "==2022.6.15" + "version": "==2022.9.14" }, "charset-normalizer": { "hashes": [ - "sha256:2857e29ff0d34db842cd7ca3230549d1a697f96ee6d3fb071cfa6c7393832597", - "sha256:6881edbebdb17b39b4eaaa821b438bf6eddffb4468cf344f09f89def34a8b1df" + "sha256:5a3d016c7c547f69d6f81fb0db9449ce888b418b5b9952cc5e6e66843e9dd845", + "sha256:83e9a75d1911279afd89352c68b45348559d1fc0506b054b346651b5e7fee29f" ], - "markers": "python_full_version >= '3.5.0'", - "version": "==2.0.12" + "markers": "python_version >= '3.6'", + "version": "==2.1.1" }, "contextlib2": { "hashes": [ @@ -71,88 +71,95 @@ }, "idna": { "hashes": [ - "sha256:84d9dd047ffa80596e0f246e2eab0b391788b0503584e8945f2368256d2735ff", - "sha256:9d643ff0a55b762d5cdb124b8eaa99c66322e2157b69160bc32796e824360e6d" + "sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4", + "sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2" ], - "markers": "python_full_version >= '3.5.0'", - "version": "==3.3" + "markers": "python_version >= '3.5'", + "version": "==3.4" }, "importlib-metadata": { "hashes": [ - "sha256:5d26852efe48c0a32b0509ffbc583fda1a2266545a78d104a6f4aff3db17d700", - "sha256:c58c8eb8a762858f49e18436ff552e83914778e50e9d2f1660535ffb364552ec" + "sha256:637245b8bab2b6502fcbc752cc4b7a6f6243bb02b31c5c26156ad103d3d45670", + "sha256:7401a975809ea1fdc658c3aa4f78cc2195a0e019c5cbc4c06122884e9ae80c23" ], "markers": "python_version >= '3.7'", - "version": "==4.11.4" + "version": "==4.12.0" }, "lxml": { "hashes": [ - "sha256:00f3a6f88fd5f4357844dd91a1abac5f466c6799f1b7f1da2df6665253845b11", - "sha256:024684e0c5cfa121c22140d3a0898a3a9b2ea0f0fd2c229b6658af4bdf1155e5", - "sha256:03370ec37fe562238d385e2c53089076dee53aabf8325cab964fdb04a9130fa0", - "sha256:0aa4cce579512c33373ca4c5e23c21e40c1aa1a33533a75e51b654834fd0e4f2", - "sha256:1057356b808d149bc14eb8f37bb89129f237df488661c1e0fc0376ca90e1d2c3", - "sha256:11d62c97ceff9bab94b6b29c010ea5fb6831743459bb759c917f49ba75601cd0", - "sha256:1254a79f8a67a3908de725caf59eae62d86738f6387b0a34b32e02abd6ae73db", - "sha256:1bfb791a8fcdbf55d1d41b8be940393687bec0e9b12733f0796668086d1a23ff", - "sha256:28cf04a1a38e961d4a764d2940af9b941b66263ed5584392ef875ee9c1e360a3", - "sha256:2b9c2341d96926b0d0e132e5c49ef85eb53fa92ae1c3a70f9072f3db0d32bc07", - "sha256:2d10659e6e5c53298e6d718fd126e793285bff904bb71d7239a17218f6a197b7", - "sha256:3af00ee88376022589ceeb8170eb67dacf5f7cd625ea59fa0977d719777d4ae8", - "sha256:3cf816aed8125cfc9e6e5c6c31ff94278320d591bd7970c4a0233bee0d1c8790", - "sha256:4becd16750ca5c2a1b1588269322b2cebd10c07738f336c922b658dbab96a61c", - "sha256:4cd69bca464e892ea4ed544ba6a7850aaff6f8d792f8055a10638db60acbac18", - "sha256:4e97c8fc761ad63909198acc892f34c20f37f3baa2c50a62d5ec5d7f1efc68a1", - "sha256:520461c36727268a989790aef08884347cd41f2d8ae855489ccf40b50321d8d7", - "sha256:53b0410b220766321759f7f9066da67b1d0d4a7f6636a477984cbb1d98483955", - "sha256:56e19fb6e4b8bd07fb20028d03d3bc67bcc0621347fbde64f248e44839771756", - "sha256:5a49ad78543925e1a4196e20c9c54492afa4f1502c2a563f73097e2044c75190", - "sha256:5d52e1173f52020392f593f87a6af2d4055dd800574a5cb0af4ea3878801d307", - "sha256:607224ffae9a0cf0a2f6e14f5f6bce43e83a6fbdaa647891729c103bdd6a5593", - "sha256:612ef8f2795a89ba3a1d4c8c1af84d8453fd53ee611aa5ad460fdd2cab426fc2", - "sha256:615886ee84b6f42f1bdf1852a9669b5fe3b96b6ff27f1a7a330b67ad9911200a", - "sha256:63419db39df8dc5564f6f103102c4665f7e4d9cb64030e98cf7a74eae5d5760d", - "sha256:6467626fa74f96f4d80fc6ec2555799e97fff8f36e0bfc7f67769f83e59cff40", - "sha256:65b3b5f12c6fb5611e79157214f3cd533083f9b058bf2fc8a1c5cc5ee40fdc5a", - "sha256:686565ac77ff94a8965c11829af253d9e2ce3bf0d9225b1d2eb5c4d4666d0dca", - "sha256:6af7f51a6010748fc1bb71917318d953c9673e4ae3f6d285aaf93ef5b2eb11c1", - "sha256:70a198030d26f5e569367f0f04509b63256faa76a22886280eea69a4f535dd40", - "sha256:754a1dd04bff8a509a31146bd8f3a5dc8191a8694d582dd5fb71ff09f0722c22", - "sha256:75da29a0752c8f2395df0115ac1681cefbdd4418676015be8178b733704cbff2", - "sha256:81c29c8741fa07ecec8ec7417c3d8d1e2f18cf5a10a280f4e1c3f8c3590228b2", - "sha256:9093a359a86650a3dbd6532c3e4d21a6f58ba2cb60d0e72db0848115d24c10ba", - "sha256:915ecf7d486df17cc65aeefdb680d5ad4390cc8c857cf8db3fe241ed234f856a", - "sha256:94b181dd2777890139e49a5336bf3a9a3378ce66132c665fe8db4e8b7683cde2", - "sha256:94f2e45b054dd759bed137b6e14ae8625495f7d90ddd23cf62c7a68f72b62656", - "sha256:9af19eb789d674b59a9bee5005779757aab857c40bf9cc313cb01eafac55ce55", - "sha256:9cae837b988f44925d14d048fa6a8c54f197c8b1223fd9ee9c27084f84606143", - "sha256:aa7447bf7c1a15ef24e2b86a277b585dd3f055e8890ac7f97374d170187daa97", - "sha256:b1e22f3ee4d75ca261b6bffbf64f6f178cb194b1be3191065a09f8d98828daa9", - "sha256:b5031d151d6147eac53366d6ec87da84cd4d8c5e80b1d9948a667a7164116e39", - "sha256:b62d1431b4c40cda43cc986f19b8c86b1d2ae8918cfc00f4776fdf070b65c0c4", - "sha256:b71c52d69b91af7d18c13aef1b0cc3baee36b78607c711eb14a52bf3aa7c815e", - "sha256:b7679344f2270840dc5babc9ccbedbc04f7473c1f66d4676bb01680c0db85bcc", - "sha256:bb7c1b029e54e26e01b1d1d912fc21abb65650d16ea9a191d026def4ed0859ed", - "sha256:c2a57755e366e0ac7ebdb3e9207f159c3bf1afed02392ab18453ce81f5ee92ee", - "sha256:cf9ec915857d260511399ab87e1e70fa13d6b2972258f8e620a3959468edfc32", - "sha256:d0d03b9636f1326772e6854459728676354d4c7731dae9902b180e2065ba3da6", - "sha256:d1690c4d37674a5f0cdafbc5ed7e360800afcf06928c2a024c779c046891bf09", - "sha256:d76da27f5e3e9bc40eba6ed7a9e985f57547e98cf20521d91215707f2fb57e0f", - "sha256:d882c2f3345261e898b9f604be76b61c901fbfa4ac32e3f51d5dc1edc89da3cb", - "sha256:d8e5021e770b0a3084c30dda5901d5fce6d4474feaf0ced8f8e5a82702502fbb", - "sha256:dd00d28d1ab5fa7627f5abc957f29a6338a7395b724571a8cbff8fbed83aaa82", - "sha256:e35a298691b9e10e5a5631f8f0ba605b30ebe19208dc8f58b670462f53753641", - "sha256:e4d020ecf3740b7312bacab2cb966bb720fd4d3490562d373b4ad91dd1857c0d", - "sha256:e564d5a771b4015f34166a05ea2165b7e283635c41b1347696117f780084b46d", - "sha256:ea3f2e9eb41f973f73619e88bf7bd950b16b4c2ce73d15f24a11800ce1eaf276", - "sha256:eabdbe04ee0a7e760fa6cd9e799d2b020d098c580ba99107d52e1e5e538b1ecb", - "sha256:f17b9df97c5ecdfb56c5e85b3c9df9831246df698f8581c6e111ac664c7c656e", - "sha256:f386def57742aacc3d864169dfce644a8c396f95aa35b41b69df53f558d56dd0", - "sha256:f6d23a01921b741774f35e924d418a43cf03eca1444f3fdfd7978d35a5aaab8b", - "sha256:fcdf70191f0d1761d190a436db06a46f05af60e1410e1507935f0332280c9268" + "sha256:04da965dfebb5dac2619cb90fcf93efdb35b3c6994fea58a157a834f2f94b318", + "sha256:0538747a9d7827ce3e16a8fdd201a99e661c7dee3c96c885d8ecba3c35d1032c", + "sha256:0645e934e940107e2fdbe7c5b6fb8ec6232444260752598bc4d09511bd056c0b", + "sha256:079b68f197c796e42aa80b1f739f058dcee796dc725cc9a1be0cdb08fc45b000", + "sha256:0f3f0059891d3254c7b5fb935330d6db38d6519ecd238ca4fce93c234b4a0f73", + "sha256:10d2017f9150248563bb579cd0d07c61c58da85c922b780060dcc9a3aa9f432d", + "sha256:1355755b62c28950f9ce123c7a41460ed9743c699905cbe664a5bcc5c9c7c7fb", + "sha256:13c90064b224e10c14dcdf8086688d3f0e612db53766e7478d7754703295c7c8", + "sha256:1423631e3d51008871299525b541413c9b6c6423593e89f9c4cfbe8460afc0a2", + "sha256:1436cf0063bba7888e43f1ba8d58824f085410ea2025befe81150aceb123e345", + "sha256:1a7c59c6ffd6ef5db362b798f350e24ab2cfa5700d53ac6681918f314a4d3b94", + "sha256:1e1cf47774373777936c5aabad489fef7b1c087dcd1f426b621fda9dcc12994e", + "sha256:206a51077773c6c5d2ce1991327cda719063a47adc02bd703c56a662cdb6c58b", + "sha256:21fb3d24ab430fc538a96e9fbb9b150029914805d551deeac7d7822f64631dfc", + "sha256:27e590352c76156f50f538dbcebd1925317a0f70540f7dc8c97d2931c595783a", + "sha256:287605bede6bd36e930577c5925fcea17cb30453d96a7b4c63c14a257118dbb9", + "sha256:2aaf6a0a6465d39b5ca69688fce82d20088c1838534982996ec46633dc7ad6cc", + "sha256:32a73c53783becdb7eaf75a2a1525ea8e49379fb7248c3eeefb9412123536387", + "sha256:41fb58868b816c202e8881fd0f179a4644ce6e7cbbb248ef0283a34b73ec73bb", + "sha256:4780677767dd52b99f0af1f123bc2c22873d30b474aa0e2fc3fe5e02217687c7", + "sha256:4878e667ebabe9b65e785ac8da4d48886fe81193a84bbe49f12acff8f7a383a4", + "sha256:487c8e61d7acc50b8be82bda8c8d21d20e133c3cbf41bd8ad7eb1aaeb3f07c97", + "sha256:4beea0f31491bc086991b97517b9683e5cfb369205dac0148ef685ac12a20a67", + "sha256:4cfbe42c686f33944e12f45a27d25a492cc0e43e1dc1da5d6a87cbcaf2e95627", + "sha256:4d5bae0a37af799207140652a700f21a85946f107a199bcb06720b13a4f1f0b7", + "sha256:4e285b5f2bf321fc0857b491b5028c5f276ec0c873b985d58d7748ece1d770dd", + "sha256:57e4d637258703d14171b54203fd6822fda218c6c2658a7d30816b10995f29f3", + "sha256:5974895115737a74a00b321e339b9c3f45c20275d226398ae79ac008d908bff7", + "sha256:5ef87fca280fb15342726bd5f980f6faf8b84a5287fcc2d4962ea8af88b35130", + "sha256:603a464c2e67d8a546ddaa206d98e3246e5db05594b97db844c2f0a1af37cf5b", + "sha256:6653071f4f9bac46fbc30f3c7838b0e9063ee335908c5d61fb7a4a86c8fd2036", + "sha256:6ca2264f341dd81e41f3fffecec6e446aa2121e0b8d026fb5130e02de1402785", + "sha256:6d279033bf614953c3fc4a0aa9ac33a21e8044ca72d4fa8b9273fe75359d5cca", + "sha256:6d949f53ad4fc7cf02c44d6678e7ff05ec5f5552b235b9e136bd52e9bf730b91", + "sha256:6daa662aba22ef3258934105be2dd9afa5bb45748f4f702a3b39a5bf53a1f4dc", + "sha256:6eafc048ea3f1b3c136c71a86db393be36b5b3d9c87b1c25204e7d397cee9536", + "sha256:830c88747dce8a3e7525defa68afd742b4580df6aa2fdd6f0855481e3994d391", + "sha256:86e92728ef3fc842c50a5cb1d5ba2bc66db7da08a7af53fb3da79e202d1b2cd3", + "sha256:8caf4d16b31961e964c62194ea3e26a0e9561cdf72eecb1781458b67ec83423d", + "sha256:8d1a92d8e90b286d491e5626af53afef2ba04da33e82e30744795c71880eaa21", + "sha256:8f0a4d179c9a941eb80c3a63cdb495e539e064f8054230844dcf2fcb812b71d3", + "sha256:9232b09f5efee6a495a99ae6824881940d6447debe272ea400c02e3b68aad85d", + "sha256:927a9dd016d6033bc12e0bf5dee1dde140235fc8d0d51099353c76081c03dc29", + "sha256:93e414e3206779ef41e5ff2448067213febf260ba747fc65389a3ddaa3fb8715", + "sha256:98cafc618614d72b02185ac583c6f7796202062c41d2eeecdf07820bad3295ed", + "sha256:9c3a88d20e4fe4a2a4a84bf439a5ac9c9aba400b85244c63a1ab7088f85d9d25", + "sha256:9f36de4cd0c262dd9927886cc2305aa3f2210db437aa4fed3fb4940b8bf4592c", + "sha256:a60f90bba4c37962cbf210f0188ecca87daafdf60271f4c6948606e4dabf8785", + "sha256:a614e4afed58c14254e67862456d212c4dcceebab2eaa44d627c2ca04bf86837", + "sha256:ae06c1e4bc60ee076292e582a7512f304abdf6c70db59b56745cca1684f875a4", + "sha256:b122a188cd292c4d2fcd78d04f863b789ef43aa129b233d7c9004de08693728b", + "sha256:b570da8cd0012f4af9fa76a5635cd31f707473e65a5a335b186069d5c7121ff2", + "sha256:bcaa1c495ce623966d9fc8a187da80082334236a2a1c7e141763ffaf7a405067", + "sha256:bd34f6d1810d9354dc7e35158aa6cc33456be7706df4420819af6ed966e85448", + "sha256:be9eb06489bc975c38706902cbc6888f39e946b81383abc2838d186f0e8b6a9d", + "sha256:c4b2e0559b68455c085fb0f6178e9752c4be3bba104d6e881eb5573b399d1eb2", + "sha256:c62e8dd9754b7debda0c5ba59d34509c4688f853588d75b53c3791983faa96fc", + "sha256:c852b1530083a620cb0de5f3cd6826f19862bafeaf77586f1aef326e49d95f0c", + "sha256:d9fc0bf3ff86c17348dfc5d322f627d78273eba545db865c3cd14b3f19e57fa5", + "sha256:dad7b164905d3e534883281c050180afcf1e230c3d4a54e8038aa5cfcf312b84", + "sha256:e5f66bdf0976ec667fc4594d2812a00b07ed14d1b44259d19a41ae3fff99f2b8", + "sha256:e8f0c9d65da595cfe91713bc1222af9ecabd37971762cb830dea2fc3b3bb2acf", + "sha256:edffbe3c510d8f4bf8640e02ca019e48a9b72357318383ca60e3330c23aaffc7", + "sha256:eea5d6443b093e1545ad0210e6cf27f920482bfcf5c77cdc8596aec73523bb7e", + "sha256:ef72013e20dd5ba86a8ae1aed7f56f31d3374189aa8b433e7b12ad182c0d2dfb", + "sha256:f05251bbc2145349b8d0b77c0d4e5f3b228418807b1ee27cefb11f69ed3d233b", + "sha256:f1be258c4d3dc609e654a1dc59d37b17d7fef05df912c01fc2e15eb43a9735f3", + "sha256:f9ced82717c7ec65a67667bb05865ffe38af0e835cdd78728f1209c8fffe0cad", + "sha256:fe17d10b97fdf58155f858606bddb4e037b805a60ae023c009f760d8361a4eb8", + "sha256:fe749b052bb7233fe5d072fcb549221a8cb1a16725c47c37e42b0b9cb3ff2c3f" ], "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", - "version": "==4.9.0" + "version": "==4.9.1" }, "pyee": { "hashes": [ @@ -166,16 +173,16 @@ "sha256:11a734d8f02c6b128035aba8faf32748f2016310a6a1cbc6aa5b1e2580742e8f", "sha256:ddb0d15cb644720160d49abb1ad0d97e87a55581febf1b7531be9e983aad7742" ], - "markers": "python_version >= '3.7' and python_version < '4.0'", + "markers": "python_version >= '3.7' and python_version < '4'", "version": "==1.0.2" }, "requests": { "hashes": [ - "sha256:bc7861137fbce630f17b03d3ad02ad0bf978c844f3536d0edda6499dafce2b6f", - "sha256:d568723a7ebd25875d8d1eaf5dfa068cd2fc8194b2e483d7b1f7c81918dbec6b" + "sha256:7c5599b102feddaa661c826c56ab4fee28bfd17f5abca1ebbe3e7f19d7c97983", + "sha256:8fefa2a1a1365bf5520aac41836fbee479da67864514bdb821f31ce07ce65349" ], "index": "pypi", - "version": "==2.28.0" + "version": "==2.28.1" }, "schema": { "hashes": [ @@ -186,11 +193,11 @@ }, "setuptools": { "hashes": [ - "sha256:5a844ad6e190dccc67d6d7411d119c5152ce01f7c76be4d8a1eaa314501bba77", - "sha256:bf8a748ac98b09d32c9a64a995a6b25921c96cc5743c1efa82763ba80ff54e91" + "sha256:2e24e0bec025f035a2e72cdd1961119f557d78ad331bb00ff82efb2ab8da8e82", + "sha256:7732871f4f7fa58fb6bdcaeadb0161b2bd046c85905dbaa066bdcbcc81953b57" ], "markers": "python_version >= '3.7'", - "version": "==62.4.0" + "version": "==65.3.0" }, "soupsieve": { "hashes": [ @@ -202,19 +209,19 @@ }, "tqdm": { "hashes": [ - "sha256:40be55d30e200777a307a7585aee69e4eabb46b4ec6a4b4a5f2d9f11e7d5408d", - "sha256:74a2cdefe14d11442cedf3ba4e21a3b84ff9a2dbdc6cfae2c34addb2a14a5ea6" + "sha256:5f4f682a004951c1b450bc753c710e9280c5746ce6ffedee253ddbcbf54cf1e4", + "sha256:6fee160d6ffcd1b1c68c65f14c829c22832bc401726335ce92c52d395944a6a1" ], "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", - "version": "==4.64.0" + "version": "==4.64.1" }, "urllib3": { "hashes": [ - "sha256:44ece4d53fb1706f667c9bd1c648f5469a2ec925fcf3a776667042d645472c14", - "sha256:aabaf16477806a5e1dd19aa41f8c2b7950dd3c746362d7e3223dbe6de6ac448e" + "sha256:3fa96cf423e6987997fc326ae8df396db2a8b7c667747d47ddd8ecba91f4a74e", + "sha256:b930dd878d5a8afb066a637fbb35144fe7901e3b209d1cd4f524bd0e9deee997" ], "index": "pypi", - "version": "==1.26.9" + "version": "==1.26.12" }, "websockets": { "hashes": [ @@ -272,11 +279,11 @@ }, "zipp": { "hashes": [ - "sha256:56bf8aadb83c24db6c4b577e13de374ccfb67da2078beba1d037c17980bf43ad", - "sha256:c4f6e5bbf48e74f7a38e7cc5b0480ff42b0ae5178957d564d18932525d5cf099" + "sha256:05b45f1ee8f807d0cc928485ca40a07cb491cf092ff587c0df9cb1fd154848d2", + "sha256:47c40d7fe183a6f21403a199b3e4192cca5774656965b0a4988ad2f8feb5f009" ], "markers": "python_version >= '3.7'", - "version": "==3.8.0" + "version": "==3.8.1" } }, "develop": {} From e7c59d0318e433f6a8279b084e091f2ff71bee1a Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Mon, 19 Sep 2022 15:45:52 -0400 Subject: [PATCH 04/18] Do a better job of isolating the Python virtual environment Ensure that the Python virtual environment created only contains packages necessary for functionality. We also do a better job of respecting the system Python environment provided by the base image. While making these edits I also consolidated some COPY statements to clean things up. --- Dockerfile | 48 +++++++++++++++++++++++------------------------- 1 file changed, 23 insertions(+), 25 deletions(-) diff --git a/Dockerfile b/Dockerfile index f11a492..75b32e7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,28 +11,27 @@ RUN apt-get update \ libxml2-dev=2.9.10+dfsg-6.7+deb11u2 \ libxslt1-dev=1.1.34-4+deb11u1 -ENV PY_VENV=/.venv - -# Manually set up the virtual environment -RUN python -m venv --system-site-packages ${PY_VENV} -ENV PATH="${PY_VENV}/bin:$PATH" - -# Install core Python dependencies -RUN python -m pip install --no-cache-dir \ - pip==22.2.2 \ - pipenv==2022.9.8 \ - setuptools==65.3.0 \ - wheel==0.37.1 +ENV VIRTUAL_ENV=/task/.venv + +# Install pipenv to manage installing the Python dependencies into a created +# Python virtual environment. This is done separately from the virtual +# environment so that pipenv and its dependencies are not installed in the +# Python virtual environment used in the final image. +RUN python -m pip install --no-cache-dir --upgrade pipenv==2022.9.8 \ + # Manually create Python virtual environment for the final image + && python3 -m venv ${VIRTUAL_ENV} \ + # Ensure the core Python packages are installed in the virtual environment + && ${VIRTUAL_ENV}/bin/python3 -m pip install --no-cache-dir --upgrade \ + pip==22.2.2 \ + setuptools==65.3.0 \ + wheel==0.37.1 # Install vdp_scanner.py requirements -COPY src/Pipfile Pipfile -COPY src/Pipfile.lock Pipfile.lock -# PIPENV_VENV_IN_PROJECT=1 directs pipenv to use the current directory for venvs -RUN PIPENV_VENV_IN_PROJECT=1 pipenv sync - -# We only need pipenv to set up the environment, so we remove it from the venv -# as a last step. -RUN python -m pip uninstall --yes pipenv +WORKDIR /tmp +COPY src/Pipfile src/Pipfile.lock ./ +# pipenv will install packages into the virtual environment specified in the +# VIRTUAL_ENV environment variable if it is set. +RUN pipenv sync --clear --verbose FROM python:3.10.7-slim-bullseye AS build-stage @@ -46,17 +45,16 @@ RUN apt-get update \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* -ENV PY_VENV=/.venv -COPY --from=compile-stage ${PY_VENV} ${PY_VENV} -ENV PATH="${PY_VENV}/bin:$PATH" +ENV VIRTUAL_ENV=/task/.venv +COPY --from=compile-stage ${VIRTUAL_ENV} ${VIRTUAL_ENV}/ +ENV PATH="${VIRTUAL_ENV}/bin:$PATH" ENV TASK_HOME="/task" WORKDIR ${TASK_HOME} RUN mkdir host_mount -COPY src/version.txt version.txt -COPY src/vdp_scanner.py vdp_scanner.py +COPY src/version.txt src/vdp_scanner.py ./ ENTRYPOINT ["python", "vdp_scanner.py"] CMD ["github"] From f37387e6236e39dc309fb97314f32f215acf9761 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 20 Sep 2022 00:28:41 -0400 Subject: [PATCH 05/18] Switch base image operating system to Alpine Linux 3.16 Change the operating system of the base image from Debian Bullseye to Alpine Linux 3.16. All dependencies and the `vdp_scanner.py` script are updated appropriately. The documentation and GitHub Actions workflow are also updated to support this change. --- .github/workflows/build.yml | 4 +++- Dockerfile | 27 +++++++++++---------------- README.md | 2 +- src/vdp_scanner.py | 2 +- 4 files changed, 16 insertions(+), 19 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d74b1aa..9626bac 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,7 +29,9 @@ env: CURL_CACHE_DIR: ~/.cache/curl IMAGE_NAME: cisagov/vdp-scanner PIP_CACHE_DIR: ~/.cache/pip - PLATFORMS: "linux/amd64,linux/arm/v7,linux/arm64" + # These are the only two platforms that Alpine LInux 3.16 offers the chromium + # package for at this time. + PLATFORMS: "linux/amd64,linux/arm64" PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit RUN_TMATE: ${{ secrets.RUN_TMATE }} diff --git a/Dockerfile b/Dockerfile index 75b32e7..61a0833 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.10.7-bullseye AS compile-stage +FROM python:3.10.7-alpine3.16 AS compile-stage # For a list of pre-defined annotation keys and value types see: # https://github.com/opencontainers/image-spec/blob/master/annotations.md @@ -6,10 +6,9 @@ FROM python:3.10.7-bullseye AS compile-stage LABEL org.opencontainers.image.authors="nicholas.mcdonnell@cisa.dhs.gov" LABEL org.opencontainers.image.vendor="Cybersecurity and Infrastructure Security Agency" -RUN apt-get update \ - && apt-get install -y --allow-downgrades --no-install-recommends \ - libxml2-dev=2.9.10+dfsg-6.7+deb11u2 \ - libxslt1-dev=1.1.34-4+deb11u1 +RUN apk --no-cache add \ + libxml2-dev=2.9.14-r1 \ + libxslt-dev=1.1.35-r0 ENV VIRTUAL_ENV=/task/.venv @@ -33,17 +32,13 @@ COPY src/Pipfile src/Pipfile.lock ./ # VIRTUAL_ENV environment variable if it is set. RUN pipenv sync --clear --verbose -FROM python:3.10.7-slim-bullseye AS build-stage - -RUN apt-get update \ - && apt-get install -y --allow-downgrades --no-install-recommends \ - ca-certificates=20210119 \ - chromium=104.0.5112.79-1~deb11u1 \ - chromium-common=104.0.5112.79-1~deb11u1 \ - libxml2-dev=2.9.10+dfsg-6.7+deb11u2 \ - libxslt1-dev=1.1.34-4+deb11u1 \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* +FROM python:3.10.7-alpine3.16 AS build-stage + +RUN apk --no-cache add \ + ca-certificates=20220614-r0 \ + chromium=102.0.5005.173-r0 \ + libxml2-dev=2.9.14-r1 \ + libxslt-dev=1.1.35-r0 ENV VIRTUAL_ENV=/task/.venv COPY --from=compile-stage ${VIRTUAL_ENV} ${VIRTUAL_ENV}/ diff --git a/README.md b/README.md index 43d4bff..7ffa02b 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ [![Docker Pulls](https://img.shields.io/docker/pulls/cisagov/vdp-scanner)](https://hub.docker.com/r/cisagov/vdp-scanner) [![Docker Image Size (latest by date)](https://img.shields.io/docker/image-size/cisagov/vdp-scanner)](https://hub.docker.com/r/cisagov/vdp-scanner) -[![Platforms](https://img.shields.io/badge/platforms-amd64%20%7C%20arm%2Fv7%20%7C%20arm64-blue)](https://hub.docker.com/r/cisagov/vdp-scanner/tags) +[![Platforms](https://img.shields.io/badge/platforms-amd64%20%7C%20arm64-blue)](https://hub.docker.com/r/cisagov/vdp-scanner/tags) This is a Docker project to scan either the [GSA current Federal .gov domain list](https://github.com/GSA/data/blob/master/dotgov-domains/current-federal.csv) diff --git a/src/vdp_scanner.py b/src/vdp_scanner.py index 0a5e00b..2c2cd8d 100644 --- a/src/vdp_scanner.py +++ b/src/vdp_scanner.py @@ -19,7 +19,7 @@ -a, --agency-csv=AGENCY_CSV Filename to use for agency results. -t, --domain-csv=DOMAIN_CSV Filename to use for domain (TLD) results. -p, --path-to-chromium=PATH Specify the Chromium binary to use. - [default: /usr/bin/chromium] + [default: /usr/bin/chromium-browser] """ # Standard Python Libraries From 8ac0c710c773b71b1910629624ddeef3d4030b1c Mon Sep 17 00:00:00 2001 From: Nick <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 20 Sep 2022 12:22:19 -0400 Subject: [PATCH 06/18] Fix typo in comment It's Linux, not LInux. Co-authored-by: dav3r --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9626bac..bda28b0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,7 +29,7 @@ env: CURL_CACHE_DIR: ~/.cache/curl IMAGE_NAME: cisagov/vdp-scanner PIP_CACHE_DIR: ~/.cache/pip - # These are the only two platforms that Alpine LInux 3.16 offers the chromium + # These are the only two platforms that Alpine Linux 3.16 offers the chromium # package for at this time. PLATFORMS: "linux/amd64,linux/arm64" PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit From d0dcfccfecf0d4d40936de33a8ff6e07d716ac74 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 20 Sep 2022 12:23:11 -0400 Subject: [PATCH 07/18] Bump version from 0.0.5 to 0.1.0 --- README.md | 16 ++++++++-------- src/version.txt | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 7ffa02b..608ab7f 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ Python library. Then it will output CSVs with agency and domain level results. To run the `cisagov/vdp-scanner` image via Docker: ```console -docker run cisagov/vdp-scanner:0.0.5 +docker run cisagov/vdp-scanner:0.1.0 ``` ### Running with Docker Compose ### @@ -36,7 +36,7 @@ docker run cisagov/vdp-scanner:0.0.5 services: vdp-scanner: - image: 'cisagov/vdp-scanner:0.0.5' + image: 'cisagov/vdp-scanner:0.1.0' volumes: - .:/task/host_mount ``` @@ -74,7 +74,7 @@ docker run cisagov/vdp-scanner:0.0.5 1. Pull the new image: ```console - docker pull cisagov/vdp-scanner:0.0.5 + docker pull cisagov/vdp-scanner:0.1.0 ``` 1. Recreate and run the container by following the [previous instructions](#running-with-docker). @@ -83,12 +83,12 @@ docker run cisagov/vdp-scanner:0.0.5 The images of this container are tagged with [semantic versions](https://semver.org). It is recommended that most users use -a version tag (e.g. `:0.0.5`). +a version tag (e.g. `:0.1.0`). | Image:tag | Description | |-----------|-------------| -|`cisagov/vdp-scanner:0.0.5`| An exact release version. | -|`cisagov/vdp-scanner:0.0`| The most recent release matching the major and minor version numbers. | +|`cisagov/vdp-scanner:0.1.0`| An exact release version. | +|`cisagov/vdp-scanner:0.1`| The most recent release matching the major and minor version numbers. | |`cisagov/vdp-scanner:0`| The most recent release matching the major version number. | |`cisagov/vdp-scanner:edge` | The most recent image built from a merge into the `develop` branch of this repository. | |`cisagov/vdp-scanner:nightly` | A nightly build of the `develop` branch of this repository. | @@ -153,7 +153,7 @@ Build the image locally using this git repository as the [build context](https:/ ```console docker build \ - --tag cisagov/vdp-scanner:0.0.5 \ + --tag cisagov/vdp-scanner:0.1.0 \ https://github.com/cisagov/vdp-scanner-docker.git#develop ``` @@ -184,7 +184,7 @@ Docker: --file Dockerfile-x \ --platform linux/amd64 \ --output type=docker \ - --tag cisagov/vdp-scanner:0.0.5 . + --tag cisagov/vdp-scanner:0.1.0 . ``` ## Contributing ## diff --git a/src/version.txt b/src/version.txt index b1a19e3..3dc1f76 100644 --- a/src/version.txt +++ b/src/version.txt @@ -1 +1 @@ -__version__ = "0.0.5" +__version__ = "0.1.0" From 317a0b246afbc6bc033c3af62fdf573e311f7543 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 1 Mar 2023 15:58:01 -0500 Subject: [PATCH 08/18] Bump python from 3.10.7-alpine3.16 to 3.10.10-alpine3.17 Also update all packages installed with apk to the latest version available on Alpine 3.17. --- Dockerfile | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 61a0833..35ec6d7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.10.7-alpine3.16 AS compile-stage +FROM python:3.10.10-alpine3.17 AS compile-stage # For a list of pre-defined annotation keys and value types see: # https://github.com/opencontainers/image-spec/blob/master/annotations.md @@ -7,8 +7,8 @@ LABEL org.opencontainers.image.authors="nicholas.mcdonnell@cisa.dhs.gov" LABEL org.opencontainers.image.vendor="Cybersecurity and Infrastructure Security Agency" RUN apk --no-cache add \ - libxml2-dev=2.9.14-r1 \ - libxslt-dev=1.1.35-r0 + libxml2-dev=2.10.3-r1 \ + libxslt-dev=1.1.37-r0 ENV VIRTUAL_ENV=/task/.venv @@ -32,13 +32,13 @@ COPY src/Pipfile src/Pipfile.lock ./ # VIRTUAL_ENV environment variable if it is set. RUN pipenv sync --clear --verbose -FROM python:3.10.7-alpine3.16 AS build-stage +FROM python:3.10.10-alpine3.17 AS build-stage RUN apk --no-cache add \ - ca-certificates=20220614-r0 \ - chromium=102.0.5005.173-r0 \ - libxml2-dev=2.9.14-r1 \ - libxslt-dev=1.1.35-r0 + ca-certificates=20220614-r4 \ + chromium=110.0.5481.177-r0 \ + libxml2-dev=2.10.3-r1 \ + libxslt-dev=1.1.37-r0 ENV VIRTUAL_ENV=/task/.venv COPY --from=compile-stage ${VIRTUAL_ENV} ${VIRTUAL_ENV}/ From fec3594425bccc881e080343d4cbb327ac51a122 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 28 Feb 2023 16:23:52 -0500 Subject: [PATCH 09/18] Add support for the linux/armv7 platform The latest version of the chromium package on Alpine 3.17 has support for armv7 in addition to amd64 and arm64. Since that package is why we reduced support to just amd64 and arm64 it makes sense to add support for build armv7 images. Due to build dependencies we use the `alpine:3.17` image for the compile-stage instead of a Python Docker image. Additional packages were added to support building the lxml Python package for armv7 since pre-built wheels are not available. --- .github/workflows/build.yml | 4 ++-- Dockerfile | 25 +++++++++++++++++++++++-- README.md | 2 +- 3 files changed, 26 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bda28b0..e2cc8be 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,9 +29,9 @@ env: CURL_CACHE_DIR: ~/.cache/curl IMAGE_NAME: cisagov/vdp-scanner PIP_CACHE_DIR: ~/.cache/pip - # These are the only two platforms that Alpine Linux 3.16 offers the chromium + # These are the only three platforms that Alpine Linux 3.17 offers the chromium # package for at this time. - PLATFORMS: "linux/amd64,linux/arm64" + PLATFORMS: "linux/amd64,linux/arm/v7,linux/arm64" PRE_COMMIT_CACHE_DIR: ~/.cache/pre-commit RUN_TMATE: ${{ secrets.RUN_TMATE }} diff --git a/Dockerfile b/Dockerfile index 35ec6d7..d549fd7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,12 @@ -FROM python:3.10.10-alpine3.17 AS compile-stage +# We use an Alpine base image in the compile-stage because of the build +# requirements for some of the Python requirements. When the python3-dev +# package is installed it will also install the python3 package which leaves us +# with two Python installations if we use a Python Docker image. Instead we use +# Alpine's python3 package here to create the virtual environment we will use +# in the Python Docker image we use for the build-stage. The tag of the Python +# Docker image matches the version of the python3 package available on Alpine +# for consistency. +FROM alpine:3.17 AS compile-stage # For a list of pre-defined annotation keys and value types see: # https://github.com/opencontainers/image-spec/blob/master/annotations.md @@ -7,8 +15,15 @@ LABEL org.opencontainers.image.authors="nicholas.mcdonnell@cisa.dhs.gov" LABEL org.opencontainers.image.vendor="Cybersecurity and Infrastructure Security Agency" RUN apk --no-cache add \ + gcc=12.2.1_git20220924-r4 \ + libc-dev=0.7.2-r3 \ libxml2-dev=2.10.3-r1 \ - libxslt-dev=1.1.37-r0 + libxslt-dev=1.1.37-r0 \ + py3-pip=22.3.1-r1 \ + py3-setuptools=65.6.0-r0 \ + py3-wheel=0.38.4-r0 \ + python3-dev=3.10.10-r0 \ + python3=3.10.10-r0 ENV VIRTUAL_ENV=/task/.venv @@ -32,6 +47,8 @@ COPY src/Pipfile src/Pipfile.lock ./ # VIRTUAL_ENV environment variable if it is set. RUN pipenv sync --clear --verbose +# The version of Python used here should match the version of the Alpine +# python3 package installed in the compile-stage. FROM python:3.10.10-alpine3.17 AS build-stage RUN apk --no-cache add \ @@ -41,7 +58,11 @@ RUN apk --no-cache add \ libxslt-dev=1.1.37-r0 ENV VIRTUAL_ENV=/task/.venv + +# Copy in the Python venv we created in the compile stage and re-symlink +# python3 in the venv to the Python binary in this image COPY --from=compile-stage ${VIRTUAL_ENV} ${VIRTUAL_ENV}/ +RUN ln -sf "$(command -v python3)" "${VIRTUAL_ENV}"/bin/python3 ENV PATH="${VIRTUAL_ENV}/bin:$PATH" ENV TASK_HOME="/task" diff --git a/README.md b/README.md index 608ab7f..8ed31bb 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ [![Docker Pulls](https://img.shields.io/docker/pulls/cisagov/vdp-scanner)](https://hub.docker.com/r/cisagov/vdp-scanner) [![Docker Image Size (latest by date)](https://img.shields.io/docker/image-size/cisagov/vdp-scanner)](https://hub.docker.com/r/cisagov/vdp-scanner) -[![Platforms](https://img.shields.io/badge/platforms-amd64%20%7C%20arm64-blue)](https://hub.docker.com/r/cisagov/vdp-scanner/tags) +[![Platforms](https://img.shields.io/badge/platforms-amd64%20%7C%20arm%2Fv7%20%7C%20arm64-blue)](https://hub.docker.com/r/cisagov/vdp-scanner/tags) This is a Docker project to scan either the [GSA current Federal .gov domain list](https://github.com/GSA/data/blob/master/dotgov-domains/current-federal.csv) From 0a8ef8e90c2704404c753163e4e4f52a5df8ab71 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 2 Mar 2023 16:33:02 -0500 Subject: [PATCH 10/18] Move Python package versions to environment variables Move the hard-coded Python package versions to environment values to improve maintainability. --- Dockerfile | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index d549fd7..1cc58a8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,6 +14,14 @@ FROM alpine:3.17 AS compile-stage LABEL org.opencontainers.image.authors="nicholas.mcdonnell@cisa.dhs.gov" LABEL org.opencontainers.image.vendor="Cybersecurity and Infrastructure Security Agency" +ENV VIRTUAL_ENV=/task/.venv + +# Versions of the Python packages installed directly +ENV PYTHON_PIP_VERSION=22.2.2 +ENV PYTHON_PIPENV_VERSION=2022.9.8 +ENV PYTHON_SETUPTOOLS_VERSION=65.3.0 +ENV PYTHON_WHEEL_VERSION=0.37.1 + RUN apk --no-cache add \ gcc=12.2.1_git20220924-r4 \ libc-dev=0.7.2-r3 \ @@ -25,20 +33,18 @@ RUN apk --no-cache add \ python3-dev=3.10.10-r0 \ python3=3.10.10-r0 -ENV VIRTUAL_ENV=/task/.venv - # Install pipenv to manage installing the Python dependencies into a created # Python virtual environment. This is done separately from the virtual # environment so that pipenv and its dependencies are not installed in the # Python virtual environment used in the final image. -RUN python -m pip install --no-cache-dir --upgrade pipenv==2022.9.8 \ +RUN python -m pip install --no-cache-dir --upgrade pipenv==${PYTHON_PIPENV_VERSION} \ # Manually create Python virtual environment for the final image && python3 -m venv ${VIRTUAL_ENV} \ # Ensure the core Python packages are installed in the virtual environment && ${VIRTUAL_ENV}/bin/python3 -m pip install --no-cache-dir --upgrade \ - pip==22.2.2 \ - setuptools==65.3.0 \ - wheel==0.37.1 + pip==${PYTHON_PIP_VERSION} \ + setuptools==${PYTHON_SETUPTOOLS_VERSION} \ + wheel==${PYTHON_WHEEL_VERSION} # Install vdp_scanner.py requirements WORKDIR /tmp From b9e8743bcab3bf959dbd8e0feff5395f3dc439b8 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 2 Mar 2023 16:36:02 -0500 Subject: [PATCH 11/18] Update Python package versions in the Dockerfile Update the versions of the pip, pipenv, setuptools, and wheel packages defined in the Dockerfile. --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1cc58a8..1834b09 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,10 +17,10 @@ LABEL org.opencontainers.image.vendor="Cybersecurity and Infrastructure Security ENV VIRTUAL_ENV=/task/.venv # Versions of the Python packages installed directly -ENV PYTHON_PIP_VERSION=22.2.2 -ENV PYTHON_PIPENV_VERSION=2022.9.8 -ENV PYTHON_SETUPTOOLS_VERSION=65.3.0 -ENV PYTHON_WHEEL_VERSION=0.37.1 +ENV PYTHON_PIP_VERSION=23.0.1 +ENV PYTHON_PIPENV_VERSION=2023.2.18 +ENV PYTHON_SETUPTOOLS_VERSION=67.4.0 +ENV PYTHON_WHEEL_VERSION=0.38.4 RUN apk --no-cache add \ gcc=12.2.1_git20220924-r4 \ From 60cf26e1497c14fe3f0557d8b68f8ede79b9bd0e Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 2 Mar 2023 16:37:50 -0500 Subject: [PATCH 12/18] Update the Pipfile and corresponding lock file Update the full Python version defined in the Pipfile and update all dependencies in the lock file by running `pipenv lock` in the `src/` directory. --- src/Pipfile | 2 +- src/Pipfile.lock | 418 ++++++++++++++++++++++++++++++----------------- 2 files changed, 267 insertions(+), 153 deletions(-) diff --git a/src/Pipfile b/src/Pipfile index 4f0c178..63b187e 100644 --- a/src/Pipfile +++ b/src/Pipfile @@ -10,4 +10,4 @@ requests = "*" urllib3 = "*" [requires] -python_full_version = "3.10.7" +python_full_version = "3.10.10" diff --git a/src/Pipfile.lock b/src/Pipfile.lock index f323ffc..dc0b374 100644 --- a/src/Pipfile.lock +++ b/src/Pipfile.lock @@ -1,11 +1,11 @@ { "_meta": { "hash": { - "sha256": "5421461f8604ed88c4adcf7ba39dadbb3262137f2cb50f4c2db64890dcd64196" + "sha256": "710d172a4798a0cd2193805fdfd93d70d6d1366fa1cd7040d70ee35952a72f1a" }, "pipfile-spec": 6, "requires": { - "python_full_version": "3.10.7" + "python_full_version": "3.10.10" }, "sources": [ { @@ -25,27 +25,113 @@ }, "beautifulsoup4": { "hashes": [ - "sha256:58d5c3d29f5a36ffeb94f02f0d786cd53014cf9b3b3951d42e0080d8a9498d30", - "sha256:ad9aa55b65ef2808eb405f46cf74df7fcb7044d5cbc26487f96eb2ef2e436693" + "sha256:0e79446b10b3ecb499c1556f7e228a53e64a2bfcebd455f370d8927cb5b59e39", + "sha256:bc4bdda6717de5a2987436fb8d72f45dc90dd856bdfd512a1314ce90349a0106" ], - "markers": "python_version >= '3.6'", - "version": "==4.11.1" + "markers": "python_full_version >= '3.6.0'", + "version": "==4.11.2" }, "certifi": { "hashes": [ - "sha256:36973885b9542e6bd01dea287b2b4b3b21236307c56324fcc3f1160f2d655ed5", - "sha256:e232343de1ab72c2aa521b625c80f699e356830fd0e2c620b465b304b17b0516" + "sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3", + "sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18" ], "markers": "python_version >= '3.6'", - "version": "==2022.9.14" + "version": "==2022.12.7" }, "charset-normalizer": { "hashes": [ - "sha256:5a3d016c7c547f69d6f81fb0db9449ce888b418b5b9952cc5e6e66843e9dd845", - "sha256:83e9a75d1911279afd89352c68b45348559d1fc0506b054b346651b5e7fee29f" + "sha256:00d3ffdaafe92a5dc603cb9bd5111aaa36dfa187c8285c543be562e61b755f6b", + "sha256:024e606be3ed92216e2b6952ed859d86b4cfa52cd5bc5f050e7dc28f9b43ec42", + "sha256:0298eafff88c99982a4cf66ba2efa1128e4ddaca0b05eec4c456bbc7db691d8d", + "sha256:02a51034802cbf38db3f89c66fb5d2ec57e6fe7ef2f4a44d070a593c3688667b", + "sha256:083c8d17153ecb403e5e1eb76a7ef4babfc2c48d58899c98fcaa04833e7a2f9a", + "sha256:0a11e971ed097d24c534c037d298ad32c6ce81a45736d31e0ff0ad37ab437d59", + "sha256:0bf2dae5291758b6f84cf923bfaa285632816007db0330002fa1de38bfcb7154", + "sha256:0c0a590235ccd933d9892c627dec5bc7511ce6ad6c1011fdf5b11363022746c1", + "sha256:0f438ae3532723fb6ead77e7c604be7c8374094ef4ee2c5e03a3a17f1fca256c", + "sha256:109487860ef6a328f3eec66f2bf78b0b72400280d8f8ea05f69c51644ba6521a", + "sha256:11b53acf2411c3b09e6af37e4b9005cba376c872503c8f28218c7243582df45d", + "sha256:12db3b2c533c23ab812c2b25934f60383361f8a376ae272665f8e48b88e8e1c6", + "sha256:14e76c0f23218b8f46c4d87018ca2e441535aed3632ca134b10239dfb6dadd6b", + "sha256:16a8663d6e281208d78806dbe14ee9903715361cf81f6d4309944e4d1e59ac5b", + "sha256:292d5e8ba896bbfd6334b096e34bffb56161c81408d6d036a7dfa6929cff8783", + "sha256:2c03cc56021a4bd59be889c2b9257dae13bf55041a3372d3295416f86b295fb5", + "sha256:2e396d70bc4ef5325b72b593a72c8979999aa52fb8bcf03f701c1b03e1166918", + "sha256:2edb64ee7bf1ed524a1da60cdcd2e1f6e2b4f66ef7c077680739f1641f62f555", + "sha256:31a9ddf4718d10ae04d9b18801bd776693487cbb57d74cc3458a7673f6f34639", + "sha256:356541bf4381fa35856dafa6a965916e54bed415ad8a24ee6de6e37deccf2786", + "sha256:358a7c4cb8ba9b46c453b1dd8d9e431452d5249072e4f56cfda3149f6ab1405e", + "sha256:37f8febc8ec50c14f3ec9637505f28e58d4f66752207ea177c1d67df25da5aed", + "sha256:39049da0ffb96c8cbb65cbf5c5f3ca3168990adf3551bd1dee10c48fce8ae820", + "sha256:39cf9ed17fe3b1bc81f33c9ceb6ce67683ee7526e65fde1447c772afc54a1bb8", + "sha256:3ae1de54a77dc0d6d5fcf623290af4266412a7c4be0b1ff7444394f03f5c54e3", + "sha256:3b590df687e3c5ee0deef9fc8c547d81986d9a1b56073d82de008744452d6541", + "sha256:3e45867f1f2ab0711d60c6c71746ac53537f1684baa699f4f668d4c6f6ce8e14", + "sha256:3fc1c4a2ffd64890aebdb3f97e1278b0cc72579a08ca4de8cd2c04799a3a22be", + "sha256:4457ea6774b5611f4bed5eaa5df55f70abde42364d498c5134b7ef4c6958e20e", + "sha256:44ba614de5361b3e5278e1241fda3dc1838deed864b50a10d7ce92983797fa76", + "sha256:4a8fcf28c05c1f6d7e177a9a46a1c52798bfe2ad80681d275b10dcf317deaf0b", + "sha256:4b0d02d7102dd0f997580b51edc4cebcf2ab6397a7edf89f1c73b586c614272c", + "sha256:502218f52498a36d6bf5ea77081844017bf7982cdbe521ad85e64cabee1b608b", + "sha256:503e65837c71b875ecdd733877d852adbc465bd82c768a067badd953bf1bc5a3", + "sha256:5995f0164fa7df59db4746112fec3f49c461dd6b31b841873443bdb077c13cfc", + "sha256:59e5686dd847347e55dffcc191a96622f016bc0ad89105e24c14e0d6305acbc6", + "sha256:601f36512f9e28f029d9481bdaf8e89e5148ac5d89cffd3b05cd533eeb423b59", + "sha256:608862a7bf6957f2333fc54ab4399e405baad0163dc9f8d99cb236816db169d4", + "sha256:62595ab75873d50d57323a91dd03e6966eb79c41fa834b7a1661ed043b2d404d", + "sha256:70990b9c51340e4044cfc394a81f614f3f90d41397104d226f21e66de668730d", + "sha256:71140351489970dfe5e60fc621ada3e0f41104a5eddaca47a7acb3c1b851d6d3", + "sha256:72966d1b297c741541ca8cf1223ff262a6febe52481af742036a0b296e35fa5a", + "sha256:74292fc76c905c0ef095fe11e188a32ebd03bc38f3f3e9bcb85e4e6db177b7ea", + "sha256:761e8904c07ad053d285670f36dd94e1b6ab7f16ce62b9805c475b7aa1cffde6", + "sha256:772b87914ff1152b92a197ef4ea40efe27a378606c39446ded52c8f80f79702e", + "sha256:79909e27e8e4fcc9db4addea88aa63f6423ebb171db091fb4373e3312cb6d603", + "sha256:7e189e2e1d3ed2f4aebabd2d5b0f931e883676e51c7624826e0a4e5fe8a0bf24", + "sha256:7eb33a30d75562222b64f569c642ff3dc6689e09adda43a082208397f016c39a", + "sha256:81d6741ab457d14fdedc215516665050f3822d3e56508921cc7239f8c8e66a58", + "sha256:8499ca8f4502af841f68135133d8258f7b32a53a1d594aa98cc52013fff55678", + "sha256:84c3990934bae40ea69a82034912ffe5a62c60bbf6ec5bc9691419641d7d5c9a", + "sha256:87701167f2a5c930b403e9756fab1d31d4d4da52856143b609e30a1ce7160f3c", + "sha256:88600c72ef7587fe1708fd242b385b6ed4b8904976d5da0893e31df8b3480cb6", + "sha256:8ac7b6a045b814cf0c47f3623d21ebd88b3e8cf216a14790b455ea7ff0135d18", + "sha256:8b8af03d2e37866d023ad0ddea594edefc31e827fee64f8de5611a1dbc373174", + "sha256:8c7fe7afa480e3e82eed58e0ca89f751cd14d767638e2550c77a92a9e749c317", + "sha256:8eade758719add78ec36dc13201483f8e9b5d940329285edcd5f70c0a9edbd7f", + "sha256:911d8a40b2bef5b8bbae2e36a0b103f142ac53557ab421dc16ac4aafee6f53dc", + "sha256:93ad6d87ac18e2a90b0fe89df7c65263b9a99a0eb98f0a3d2e079f12a0735837", + "sha256:95dea361dd73757c6f1c0a1480ac499952c16ac83f7f5f4f84f0658a01b8ef41", + "sha256:9ab77acb98eba3fd2a85cd160851816bfce6871d944d885febf012713f06659c", + "sha256:9cb3032517f1627cc012dbc80a8ec976ae76d93ea2b5feaa9d2a5b8882597579", + "sha256:9cf4e8ad252f7c38dd1f676b46514f92dc0ebeb0db5552f5f403509705e24753", + "sha256:9d9153257a3f70d5f69edf2325357251ed20f772b12e593f3b3377b5f78e7ef8", + "sha256:a152f5f33d64a6be73f1d30c9cc82dfc73cec6477ec268e7c6e4c7d23c2d2291", + "sha256:a16418ecf1329f71df119e8a65f3aa68004a3f9383821edcb20f0702934d8087", + "sha256:a60332922359f920193b1d4826953c507a877b523b2395ad7bc716ddd386d866", + "sha256:a8d0fc946c784ff7f7c3742310cc8a57c5c6dc31631269876a88b809dbeff3d3", + "sha256:ab5de034a886f616a5668aa5d098af2b5385ed70142090e2a31bcbd0af0fdb3d", + "sha256:c22d3fe05ce11d3671297dc8973267daa0f938b93ec716e12e0f6dee81591dc1", + "sha256:c2ac1b08635a8cd4e0cbeaf6f5e922085908d48eb05d44c5ae9eabab148512ca", + "sha256:c512accbd6ff0270939b9ac214b84fb5ada5f0409c44298361b2f5e13f9aed9e", + "sha256:c75ffc45f25324e68ab238cb4b5c0a38cd1c3d7f1fb1f72b5541de469e2247db", + "sha256:c95a03c79bbe30eec3ec2b7f076074f4281526724c8685a42872974ef4d36b72", + "sha256:cadaeaba78750d58d3cc6ac4d1fd867da6fc73c88156b7a3212a3cd4819d679d", + "sha256:cd6056167405314a4dc3c173943f11249fa0f1b204f8b51ed4bde1a9cd1834dc", + "sha256:db72b07027db150f468fbada4d85b3b2729a3db39178abf5c543b784c1254539", + "sha256:df2c707231459e8a4028eabcd3cfc827befd635b3ef72eada84ab13b52e1574d", + "sha256:e62164b50f84e20601c1ff8eb55620d2ad25fb81b59e3cd776a1902527a788af", + "sha256:e696f0dd336161fca9adbb846875d40752e6eba585843c768935ba5c9960722b", + "sha256:eaa379fcd227ca235d04152ca6704c7cb55564116f8bc52545ff357628e10602", + "sha256:ebea339af930f8ca5d7a699b921106c6e29c617fe9606fa7baa043c1cdae326f", + "sha256:f4c39b0e3eac288fedc2b43055cfc2ca7a60362d0e5e87a637beac5d801ef478", + "sha256:f5057856d21e7586765171eac8b9fc3f7d44ef39425f85dbcccb13b3ebea806c", + "sha256:f6f45710b4459401609ebebdbcfb34515da4fc2aa886f95107f556ac69a9147e", + "sha256:f97e83fa6c25693c7a35de154681fcc257c1c41b38beb0304b9c4d2d9e164479", + "sha256:f9d0c5c045a3ca9bedfc35dca8526798eb91a07aa7a2c0fee134c6c6f321cbd7", + "sha256:ff6f3db31555657f3163b15a6b7c6938d08df7adbfc9dd13d9d19edad678f1e8" ], "markers": "python_version >= '3.6'", - "version": "==2.1.1" + "version": "==3.0.1" }, "contextlib2": { "hashes": [ @@ -79,87 +165,94 @@ }, "importlib-metadata": { "hashes": [ - "sha256:637245b8bab2b6502fcbc752cc4b7a6f6243bb02b31c5c26156ad103d3d45670", - "sha256:7401a975809ea1fdc658c3aa4f78cc2195a0e019c5cbc4c06122884e9ae80c23" + "sha256:7efb448ec9a5e313a57655d35aa54cd3e01b7e1fbcf72dce1bf06119420f5bad", + "sha256:e354bedeb60efa6affdcc8ae121b73544a7aa74156d047311948f6d711cd378d" ], "markers": "python_version >= '3.7'", - "version": "==4.12.0" + "version": "==6.0.0" }, "lxml": { "hashes": [ - "sha256:04da965dfebb5dac2619cb90fcf93efdb35b3c6994fea58a157a834f2f94b318", - "sha256:0538747a9d7827ce3e16a8fdd201a99e661c7dee3c96c885d8ecba3c35d1032c", - "sha256:0645e934e940107e2fdbe7c5b6fb8ec6232444260752598bc4d09511bd056c0b", - "sha256:079b68f197c796e42aa80b1f739f058dcee796dc725cc9a1be0cdb08fc45b000", - "sha256:0f3f0059891d3254c7b5fb935330d6db38d6519ecd238ca4fce93c234b4a0f73", - "sha256:10d2017f9150248563bb579cd0d07c61c58da85c922b780060dcc9a3aa9f432d", - "sha256:1355755b62c28950f9ce123c7a41460ed9743c699905cbe664a5bcc5c9c7c7fb", - "sha256:13c90064b224e10c14dcdf8086688d3f0e612db53766e7478d7754703295c7c8", - "sha256:1423631e3d51008871299525b541413c9b6c6423593e89f9c4cfbe8460afc0a2", - "sha256:1436cf0063bba7888e43f1ba8d58824f085410ea2025befe81150aceb123e345", - "sha256:1a7c59c6ffd6ef5db362b798f350e24ab2cfa5700d53ac6681918f314a4d3b94", - "sha256:1e1cf47774373777936c5aabad489fef7b1c087dcd1f426b621fda9dcc12994e", - "sha256:206a51077773c6c5d2ce1991327cda719063a47adc02bd703c56a662cdb6c58b", - "sha256:21fb3d24ab430fc538a96e9fbb9b150029914805d551deeac7d7822f64631dfc", - "sha256:27e590352c76156f50f538dbcebd1925317a0f70540f7dc8c97d2931c595783a", - "sha256:287605bede6bd36e930577c5925fcea17cb30453d96a7b4c63c14a257118dbb9", - "sha256:2aaf6a0a6465d39b5ca69688fce82d20088c1838534982996ec46633dc7ad6cc", - "sha256:32a73c53783becdb7eaf75a2a1525ea8e49379fb7248c3eeefb9412123536387", - "sha256:41fb58868b816c202e8881fd0f179a4644ce6e7cbbb248ef0283a34b73ec73bb", - "sha256:4780677767dd52b99f0af1f123bc2c22873d30b474aa0e2fc3fe5e02217687c7", - "sha256:4878e667ebabe9b65e785ac8da4d48886fe81193a84bbe49f12acff8f7a383a4", - "sha256:487c8e61d7acc50b8be82bda8c8d21d20e133c3cbf41bd8ad7eb1aaeb3f07c97", - "sha256:4beea0f31491bc086991b97517b9683e5cfb369205dac0148ef685ac12a20a67", - "sha256:4cfbe42c686f33944e12f45a27d25a492cc0e43e1dc1da5d6a87cbcaf2e95627", - "sha256:4d5bae0a37af799207140652a700f21a85946f107a199bcb06720b13a4f1f0b7", - "sha256:4e285b5f2bf321fc0857b491b5028c5f276ec0c873b985d58d7748ece1d770dd", - "sha256:57e4d637258703d14171b54203fd6822fda218c6c2658a7d30816b10995f29f3", - "sha256:5974895115737a74a00b321e339b9c3f45c20275d226398ae79ac008d908bff7", - "sha256:5ef87fca280fb15342726bd5f980f6faf8b84a5287fcc2d4962ea8af88b35130", - "sha256:603a464c2e67d8a546ddaa206d98e3246e5db05594b97db844c2f0a1af37cf5b", - "sha256:6653071f4f9bac46fbc30f3c7838b0e9063ee335908c5d61fb7a4a86c8fd2036", - "sha256:6ca2264f341dd81e41f3fffecec6e446aa2121e0b8d026fb5130e02de1402785", - "sha256:6d279033bf614953c3fc4a0aa9ac33a21e8044ca72d4fa8b9273fe75359d5cca", - "sha256:6d949f53ad4fc7cf02c44d6678e7ff05ec5f5552b235b9e136bd52e9bf730b91", - "sha256:6daa662aba22ef3258934105be2dd9afa5bb45748f4f702a3b39a5bf53a1f4dc", - "sha256:6eafc048ea3f1b3c136c71a86db393be36b5b3d9c87b1c25204e7d397cee9536", - "sha256:830c88747dce8a3e7525defa68afd742b4580df6aa2fdd6f0855481e3994d391", - "sha256:86e92728ef3fc842c50a5cb1d5ba2bc66db7da08a7af53fb3da79e202d1b2cd3", - "sha256:8caf4d16b31961e964c62194ea3e26a0e9561cdf72eecb1781458b67ec83423d", - "sha256:8d1a92d8e90b286d491e5626af53afef2ba04da33e82e30744795c71880eaa21", - "sha256:8f0a4d179c9a941eb80c3a63cdb495e539e064f8054230844dcf2fcb812b71d3", - "sha256:9232b09f5efee6a495a99ae6824881940d6447debe272ea400c02e3b68aad85d", - "sha256:927a9dd016d6033bc12e0bf5dee1dde140235fc8d0d51099353c76081c03dc29", - "sha256:93e414e3206779ef41e5ff2448067213febf260ba747fc65389a3ddaa3fb8715", - "sha256:98cafc618614d72b02185ac583c6f7796202062c41d2eeecdf07820bad3295ed", - "sha256:9c3a88d20e4fe4a2a4a84bf439a5ac9c9aba400b85244c63a1ab7088f85d9d25", - "sha256:9f36de4cd0c262dd9927886cc2305aa3f2210db437aa4fed3fb4940b8bf4592c", - "sha256:a60f90bba4c37962cbf210f0188ecca87daafdf60271f4c6948606e4dabf8785", - "sha256:a614e4afed58c14254e67862456d212c4dcceebab2eaa44d627c2ca04bf86837", - "sha256:ae06c1e4bc60ee076292e582a7512f304abdf6c70db59b56745cca1684f875a4", - "sha256:b122a188cd292c4d2fcd78d04f863b789ef43aa129b233d7c9004de08693728b", - "sha256:b570da8cd0012f4af9fa76a5635cd31f707473e65a5a335b186069d5c7121ff2", - "sha256:bcaa1c495ce623966d9fc8a187da80082334236a2a1c7e141763ffaf7a405067", - "sha256:bd34f6d1810d9354dc7e35158aa6cc33456be7706df4420819af6ed966e85448", - "sha256:be9eb06489bc975c38706902cbc6888f39e946b81383abc2838d186f0e8b6a9d", - "sha256:c4b2e0559b68455c085fb0f6178e9752c4be3bba104d6e881eb5573b399d1eb2", - "sha256:c62e8dd9754b7debda0c5ba59d34509c4688f853588d75b53c3791983faa96fc", - "sha256:c852b1530083a620cb0de5f3cd6826f19862bafeaf77586f1aef326e49d95f0c", - "sha256:d9fc0bf3ff86c17348dfc5d322f627d78273eba545db865c3cd14b3f19e57fa5", - "sha256:dad7b164905d3e534883281c050180afcf1e230c3d4a54e8038aa5cfcf312b84", - "sha256:e5f66bdf0976ec667fc4594d2812a00b07ed14d1b44259d19a41ae3fff99f2b8", - "sha256:e8f0c9d65da595cfe91713bc1222af9ecabd37971762cb830dea2fc3b3bb2acf", - "sha256:edffbe3c510d8f4bf8640e02ca019e48a9b72357318383ca60e3330c23aaffc7", - "sha256:eea5d6443b093e1545ad0210e6cf27f920482bfcf5c77cdc8596aec73523bb7e", - "sha256:ef72013e20dd5ba86a8ae1aed7f56f31d3374189aa8b433e7b12ad182c0d2dfb", - "sha256:f05251bbc2145349b8d0b77c0d4e5f3b228418807b1ee27cefb11f69ed3d233b", - "sha256:f1be258c4d3dc609e654a1dc59d37b17d7fef05df912c01fc2e15eb43a9735f3", - "sha256:f9ced82717c7ec65a67667bb05865ffe38af0e835cdd78728f1209c8fffe0cad", - "sha256:fe17d10b97fdf58155f858606bddb4e037b805a60ae023c009f760d8361a4eb8", - "sha256:fe749b052bb7233fe5d072fcb549221a8cb1a16725c47c37e42b0b9cb3ff2c3f" + "sha256:01d36c05f4afb8f7c20fd9ed5badca32a2029b93b1750f571ccc0b142531caf7", + "sha256:04876580c050a8c5341d706dd464ff04fd597095cc8c023252566a8826505726", + "sha256:05ca3f6abf5cf78fe053da9b1166e062ade3fa5d4f92b4ed688127ea7d7b1d03", + "sha256:090c6543d3696cbe15b4ac6e175e576bcc3f1ccfbba970061b7300b0c15a2140", + "sha256:0dc313ef231edf866912e9d8f5a042ddab56c752619e92dfd3a2c277e6a7299a", + "sha256:0f2b1e0d79180f344ff9f321327b005ca043a50ece8713de61d1cb383fb8ac05", + "sha256:13598ecfbd2e86ea7ae45ec28a2a54fb87ee9b9fdb0f6d343297d8e548392c03", + "sha256:16efd54337136e8cd72fb9485c368d91d77a47ee2d42b057564aae201257d419", + "sha256:1ab8f1f932e8f82355e75dda5413a57612c6ea448069d4fb2e217e9a4bed13d4", + "sha256:223f4232855ade399bd409331e6ca70fb5578efef22cf4069a6090acc0f53c0e", + "sha256:2455cfaeb7ac70338b3257f41e21f0724f4b5b0c0e7702da67ee6c3640835b67", + "sha256:2899456259589aa38bfb018c364d6ae7b53c5c22d8e27d0ec7609c2a1ff78b50", + "sha256:2a29ba94d065945944016b6b74e538bdb1751a1db6ffb80c9d3c2e40d6fa9894", + "sha256:2a87fa548561d2f4643c99cd13131acb607ddabb70682dcf1dff5f71f781a4bf", + "sha256:2e430cd2824f05f2d4f687701144556646bae8f249fd60aa1e4c768ba7018947", + "sha256:36c3c175d34652a35475a73762b545f4527aec044910a651d2bf50de9c3352b1", + "sha256:3818b8e2c4b5148567e1b09ce739006acfaa44ce3156f8cbbc11062994b8e8dd", + "sha256:3ab9fa9d6dc2a7f29d7affdf3edebf6ece6fb28a6d80b14c3b2fb9d39b9322c3", + "sha256:3efea981d956a6f7173b4659849f55081867cf897e719f57383698af6f618a92", + "sha256:4c8f293f14abc8fd3e8e01c5bd86e6ed0b6ef71936ded5bf10fe7a5efefbaca3", + "sha256:5344a43228767f53a9df6e5b253f8cdca7dfc7b7aeae52551958192f56d98457", + "sha256:58bfa3aa19ca4c0f28c5dde0ff56c520fbac6f0daf4fac66ed4c8d2fb7f22e74", + "sha256:5b4545b8a40478183ac06c073e81a5ce4cf01bf1734962577cf2bb569a5b3bbf", + "sha256:5f50a1c177e2fa3ee0667a5ab79fdc6b23086bc8b589d90b93b4bd17eb0e64d1", + "sha256:63da2ccc0857c311d764e7d3d90f429c252e83b52d1f8f1d1fe55be26827d1f4", + "sha256:6749649eecd6a9871cae297bffa4ee76f90b4504a2a2ab528d9ebe912b101975", + "sha256:6804daeb7ef69e7b36f76caddb85cccd63d0c56dedb47555d2fc969e2af6a1a5", + "sha256:689bb688a1db722485e4610a503e3e9210dcc20c520b45ac8f7533c837be76fe", + "sha256:699a9af7dffaf67deeae27b2112aa06b41c370d5e7633e0ee0aea2e0b6c211f7", + "sha256:6b418afe5df18233fc6b6093deb82a32895b6bb0b1155c2cdb05203f583053f1", + "sha256:76cf573e5a365e790396a5cc2b909812633409306c6531a6877c59061e42c4f2", + "sha256:7b515674acfdcadb0eb5d00d8a709868173acece5cb0be3dd165950cbfdf5409", + "sha256:7b770ed79542ed52c519119473898198761d78beb24b107acf3ad65deae61f1f", + "sha256:7d2278d59425777cfcb19735018d897ca8303abe67cc735f9f97177ceff8027f", + "sha256:7e91ee82f4199af8c43d8158024cbdff3d931df350252288f0d4ce656df7f3b5", + "sha256:821b7f59b99551c69c85a6039c65b75f5683bdc63270fec660f75da67469ca24", + "sha256:822068f85e12a6e292803e112ab876bc03ed1f03dddb80154c395f891ca6b31e", + "sha256:8340225bd5e7a701c0fa98284c849c9b9fc9238abf53a0ebd90900f25d39a4e4", + "sha256:85cabf64adec449132e55616e7ca3e1000ab449d1d0f9d7f83146ed5bdcb6d8a", + "sha256:880bbbcbe2fca64e2f4d8e04db47bcdf504936fa2b33933efd945e1b429bea8c", + "sha256:8d0b4612b66ff5d62d03bcaa043bb018f74dfea51184e53f067e6fdcba4bd8de", + "sha256:8e20cb5a47247e383cf4ff523205060991021233ebd6f924bca927fcf25cf86f", + "sha256:925073b2fe14ab9b87e73f9a5fde6ce6392da430f3004d8b72cc86f746f5163b", + "sha256:998c7c41910666d2976928c38ea96a70d1aa43be6fe502f21a651e17483a43c5", + "sha256:9b22c5c66f67ae00c0199f6055705bc3eb3fcb08d03d2ec4059a2b1b25ed48d7", + "sha256:9f102706d0ca011de571de32c3247c6476b55bb6bc65a20f682f000b07a4852a", + "sha256:a08cff61517ee26cb56f1e949cca38caabe9ea9fbb4b1e10a805dc39844b7d5c", + "sha256:a0a336d6d3e8b234a3aae3c674873d8f0e720b76bc1d9416866c41cd9500ffb9", + "sha256:a35f8b7fa99f90dd2f5dc5a9fa12332642f087a7641289ca6c40d6e1a2637d8e", + "sha256:a38486985ca49cfa574a507e7a2215c0c780fd1778bb6290c21193b7211702ab", + "sha256:a5da296eb617d18e497bcf0a5c528f5d3b18dadb3619fbdadf4ed2356ef8d941", + "sha256:a6e441a86553c310258aca15d1c05903aaf4965b23f3bc2d55f200804e005ee5", + "sha256:a82d05da00a58b8e4c0008edbc8a4b6ec5a4bc1e2ee0fb6ed157cf634ed7fa45", + "sha256:ab323679b8b3030000f2be63e22cdeea5b47ee0abd2d6a1dc0c8103ddaa56cd7", + "sha256:b1f42b6921d0e81b1bcb5e395bc091a70f41c4d4e55ba99c6da2b31626c44892", + "sha256:b23e19989c355ca854276178a0463951a653309fb8e57ce674497f2d9f208746", + "sha256:b264171e3143d842ded311b7dccd46ff9ef34247129ff5bf5066123c55c2431c", + "sha256:b26a29f0b7fc6f0897f043ca366142d2b609dc60756ee6e4e90b5f762c6adc53", + "sha256:b64d891da92e232c36976c80ed7ebb383e3f148489796d8d31a5b6a677825efe", + "sha256:b9cc34af337a97d470040f99ba4282f6e6bac88407d021688a5d585e44a23184", + "sha256:bc718cd47b765e790eecb74d044cc8d37d58562f6c314ee9484df26276d36a38", + "sha256:be7292c55101e22f2a3d4d8913944cbea71eea90792bf914add27454a13905df", + "sha256:c83203addf554215463b59f6399835201999b5e48019dc17f182ed5ad87205c9", + "sha256:c9ec3eaf616d67db0764b3bb983962b4f385a1f08304fd30c7283954e6a7869b", + "sha256:ca34efc80a29351897e18888c71c6aca4a359247c87e0b1c7ada14f0ab0c0fb2", + "sha256:ca989b91cf3a3ba28930a9fc1e9aeafc2a395448641df1f387a2d394638943b0", + "sha256:d02a5399126a53492415d4906ab0ad0375a5456cc05c3fc0fc4ca11771745cda", + "sha256:d17bc7c2ccf49c478c5bdd447594e82692c74222698cfc9b5daae7ae7e90743b", + "sha256:d5bf6545cd27aaa8a13033ce56354ed9e25ab0e4ac3b5392b763d8d04b08e0c5", + "sha256:d6b430a9938a5a5d85fc107d852262ddcd48602c120e3dbb02137c83d212b380", + "sha256:da248f93f0418a9e9d94b0080d7ebc407a9a5e6d0b57bb30db9b5cc28de1ad33", + "sha256:da4dd7c9c50c059aba52b3524f84d7de956f7fef88f0bafcf4ad7dde94a064e8", + "sha256:df0623dcf9668ad0445e0558a21211d4e9a149ea8f5666917c8eeec515f0a6d1", + "sha256:e5168986b90a8d1f2f9dc1b841467c74221bd752537b99761a93d2d981e04889", + "sha256:efa29c2fe6b4fdd32e8ef81c1528506895eca86e1d8c4657fda04c9b3786ddf9", + "sha256:f1496ea22ca2c830cbcbd473de8f114a320da308438ae65abad6bab7867fe38f", + "sha256:f49e52d174375a7def9915c9f06ec4e569d235ad428f70751765f48d5926678c" ], "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'", - "version": "==4.9.1" + "version": "==4.9.2" }, "pyee": { "hashes": [ @@ -173,16 +266,16 @@ "sha256:11a734d8f02c6b128035aba8faf32748f2016310a6a1cbc6aa5b1e2580742e8f", "sha256:ddb0d15cb644720160d49abb1ad0d97e87a55581febf1b7531be9e983aad7742" ], - "markers": "python_version >= '3.7' and python_version < '4'", + "markers": "python_version >= '3.7' and python_version < '4.0'", "version": "==1.0.2" }, "requests": { "hashes": [ - "sha256:7c5599b102feddaa661c826c56ab4fee28bfd17f5abca1ebbe3e7f19d7c97983", - "sha256:8fefa2a1a1365bf5520aac41836fbee479da67864514bdb821f31ce07ce65349" + "sha256:64299f4909223da747622c030b781c0d7811e359c37124b4bd368fb8c6518baa", + "sha256:98b1b2782e3c6c4904938b84c0eb932721069dfdb9134313beff7c83c2df24bf" ], "index": "pypi", - "version": "==2.28.1" + "version": "==2.28.2" }, "schema": { "hashes": [ @@ -193,19 +286,19 @@ }, "setuptools": { "hashes": [ - "sha256:2e24e0bec025f035a2e72cdd1961119f557d78ad331bb00ff82efb2ab8da8e82", - "sha256:7732871f4f7fa58fb6bdcaeadb0161b2bd046c85905dbaa066bdcbcc81953b57" + "sha256:e5fd0a713141a4a105412233c63dc4e17ba0090c8e8334594ac790ec97792330", + "sha256:f106dee1b506dee5102cc3f3e9e68137bbad6d47b616be7991714b0c62204251" ], "markers": "python_version >= '3.7'", - "version": "==65.3.0" + "version": "==67.4.0" }, "soupsieve": { "hashes": [ - "sha256:3b2503d3c7084a42b1ebd08116e5f81aadfaea95863628c80a3b774a11b7c759", - "sha256:fc53893b3da2c33de295667a0e19f078c14bf86544af307354de5fcf12a3f30d" + "sha256:49e5368c2cda80ee7e84da9dbe3e110b70a4575f196efb74e51b94549d921955", + "sha256:e28dba9ca6c7c00173e34e4ba57448f0688bb681b7c5e8bf4971daafc093d69a" ], - "markers": "python_version >= '3.6'", - "version": "==2.3.2.post1" + "markers": "python_version >= '3.7'", + "version": "==2.4" }, "tqdm": { "hashes": [ @@ -217,73 +310,94 @@ }, "urllib3": { "hashes": [ - "sha256:3fa96cf423e6987997fc326ae8df396db2a8b7c667747d47ddd8ecba91f4a74e", - "sha256:b930dd878d5a8afb066a637fbb35144fe7901e3b209d1cd4f524bd0e9deee997" + "sha256:076907bf8fd355cde77728471316625a4d2f7e713c125f51953bb5b3eecf4f72", + "sha256:75edcdc2f7d85b137124a6c3c9fc3933cdeaa12ecb9a6a959f22797a0feca7e1" ], "index": "pypi", - "version": "==1.26.12" + "version": "==1.26.14" }, "websockets": { "hashes": [ - "sha256:07cdc0a5b2549bcfbadb585ad8471ebdc7bdf91e32e34ae3889001c1c106a6af", - "sha256:210aad7fdd381c52e58777560860c7e6110b6174488ef1d4b681c08b68bf7f8c", - "sha256:28dd20b938a57c3124028680dc1600c197294da5db4292c76a0b48efb3ed7f76", - "sha256:2f94fa3ae454a63ea3a19f73b95deeebc9f02ba2d5617ca16f0bbdae375cda47", - "sha256:31564a67c3e4005f27815634343df688b25705cccb22bc1db621c781ddc64c69", - "sha256:347974105bbd4ea068106ec65e8e8ebd86f28c19e529d115d89bd8cc5cda3079", - "sha256:379e03422178436af4f3abe0aa8f401aa77ae2487843738542a75faf44a31f0c", - "sha256:3eda1cb7e9da1b22588cefff09f0951771d6ee9fa8dbe66f5ae04cc5f26b2b55", - "sha256:51695d3b199cd03098ae5b42833006a0f43dc5418d3102972addc593a783bc02", - "sha256:54c000abeaff6d8771a4e2cef40900919908ea7b6b6a30eae72752607c6db559", - "sha256:5b936bf552e4f6357f5727579072ff1e1324717902127ffe60c92d29b67b7be3", - "sha256:6075fd24df23133c1b078e08a9b04a3bc40b31a8def4ee0b9f2c8865acce913e", - "sha256:661f641b44ed315556a2fa630239adfd77bd1b11cb0b9d96ed8ad90b0b1e4978", - "sha256:6ea6b300a6bdd782e49922d690e11c3669828fe36fc2471408c58b93b5535a98", - "sha256:6ed1d6f791eabfd9808afea1e068f5e59418e55721db8b7f3bfc39dc831c42ae", - "sha256:7934e055fd5cd9dee60f11d16c8d79c4567315824bacb1246d0208a47eca9755", - "sha256:7ab36e17af592eec5747c68ef2722a74c1a4a70f3772bc661079baf4ae30e40d", - "sha256:7f6d96fdb0975044fdd7953b35d003b03f9e2bcf85f2d2cf86285ece53e9f991", - "sha256:83e5ca0d5b743cde3d29fda74ccab37bdd0911f25bd4cdf09ff8b51b7b4f2fa1", - "sha256:85506b3328a9e083cc0a0fb3ba27e33c8db78341b3eb12eb72e8afd166c36680", - "sha256:8af75085b4bc0b5c40c4a3c0e113fa95e84c60f4ed6786cbb675aeb1ee128247", - "sha256:8b1359aba0ff810d5830d5ab8e2c4a02bebf98a60aa0124fb29aa78cfdb8031f", - "sha256:8fbd7d77f8aba46d43245e86dd91a8970eac4fb74c473f8e30e9c07581f852b2", - "sha256:907e8247480f287aa9bbc9391bd6de23c906d48af54c8c421df84655eef66af7", - "sha256:93d5ea0b5da8d66d868b32c614d2b52d14304444e39e13a59566d4acb8d6e2e4", - "sha256:97bc9d41e69a7521a358f9b8e44871f6cdeb42af31815c17aed36372d4eec667", - "sha256:994cdb1942a7a4c2e10098d9162948c9e7b235df755de91ca33f6e0481366fdb", - "sha256:a141de3d5a92188234afa61653ed0bbd2dde46ad47b15c3042ffb89548e77094", - "sha256:a1e15b230c3613e8ea82c9fc6941b2093e8eb939dd794c02754d33980ba81e36", - "sha256:aad5e300ab32036eb3fdc350ad30877210e2f51bceaca83fb7fef4d2b6c72b79", - "sha256:b529fdfa881b69fe563dbd98acce84f3e5a67df13de415e143ef053ff006d500", - "sha256:b9c77f0d1436ea4b4dc089ed8335fa141e6a251a92f75f675056dac4ab47a71e", - "sha256:bb621ec2dbbbe8df78a27dbd9dd7919f9b7d32a73fafcb4d9252fc4637343582", - "sha256:c7250848ce69559756ad0086a37b82c986cd33c2d344ab87fea596c5ac6d9442", - "sha256:c8d1d14aa0f600b5be363077b621b1b4d1eb3fbf90af83f9281cda668e6ff7fd", - "sha256:d1655a6fc7aecd333b079d00fb3c8132d18988e47f19740c69303bf02e9883c6", - "sha256:d6353ba89cfc657a3f5beabb3b69be226adbb5c6c7a66398e17809b0ce3c4731", - "sha256:da4377904a3379f0c1b75a965fff23b28315bcd516d27f99a803720dfebd94d4", - "sha256:e49ea4c1a9543d2bd8a747ff24411509c29e4bdcde05b5b0895e2120cb1a761d", - "sha256:e4e08305bfd76ba8edab08dcc6496f40674f44eb9d5e23153efa0a35750337e8", - "sha256:e6fa05a680e35d0fcc1470cb070b10e6fe247af54768f488ed93542e71339d6f", - "sha256:e7e6f2d6fd48422071cc8a6f8542016f350b79cc782752de531577d35e9bd677", - "sha256:e904c0381c014b914136c492c8fa711ca4cced4e9b3d110e5e7d436d0fc289e8", - "sha256:ec2b0ab7edc8cd4b0eb428b38ed89079bdc20c6bdb5f889d353011038caac2f9", - "sha256:ef5ce841e102278c1c2e98f043db99d6755b1c58bde475516aef3a008ed7f28e", - "sha256:f351c7d7d92f67c0609329ab2735eee0426a03022771b00102816a72715bb00b", - "sha256:fab7c640815812ed5f10fbee7abbf58788d602046b7bb3af9b1ac753a6d5e916", - "sha256:fc06cc8073c8e87072138ba1e431300e2d408f054b27047d047b549455066ff4" + "sha256:00213676a2e46b6ebf6045bc11d0f529d9120baa6f58d122b4021ad92adabd41", + "sha256:00c870522cdb69cd625b93f002961ffb0c095394f06ba8c48f17eef7c1541f96", + "sha256:0154f7691e4fe6c2b2bc275b5701e8b158dae92a1ab229e2b940efe11905dff4", + "sha256:05a7233089f8bd355e8cbe127c2e8ca0b4ea55467861906b80d2ebc7db4d6b72", + "sha256:09a1814bb15eff7069e51fed0826df0bc0702652b5cb8f87697d469d79c23576", + "sha256:0cff816f51fb33c26d6e2b16b5c7d48eaa31dae5488ace6aae468b361f422b63", + "sha256:185929b4808b36a79c65b7865783b87b6841e852ef5407a2fb0c03381092fa3b", + "sha256:2fc8709c00704194213d45e455adc106ff9e87658297f72d544220e32029cd3d", + "sha256:33d69ca7612f0ddff3316b0c7b33ca180d464ecac2d115805c044bf0a3b0d032", + "sha256:389f8dbb5c489e305fb113ca1b6bdcdaa130923f77485db5b189de343a179393", + "sha256:38ea7b82bfcae927eeffc55d2ffa31665dc7fec7b8dc654506b8e5a518eb4d50", + "sha256:3d3cac3e32b2c8414f4f87c1b2ab686fa6284a980ba283617404377cd448f631", + "sha256:40e826de3085721dabc7cf9bfd41682dadc02286d8cf149b3ad05bff89311e4f", + "sha256:4239b6027e3d66a89446908ff3027d2737afc1a375f8fd3eea630a4842ec9a0c", + "sha256:45ec8e75b7dbc9539cbfafa570742fe4f676eb8b0d3694b67dabe2f2ceed8aa6", + "sha256:47a2964021f2110116cc1125b3e6d87ab5ad16dea161949e7244ec583b905bb4", + "sha256:48c08473563323f9c9debac781ecf66f94ad5a3680a38fe84dee5388cf5acaf6", + "sha256:4c6d2264f485f0b53adf22697ac11e261ce84805c232ed5dbe6b1bcb84b00ff0", + "sha256:4f72e5cd0f18f262f5da20efa9e241699e0cf3a766317a17392550c9ad7b37d8", + "sha256:56029457f219ade1f2fc12a6504ea61e14ee227a815531f9738e41203a429112", + "sha256:5c1289596042fad2cdceb05e1ebf7aadf9995c928e0da2b7a4e99494953b1b94", + "sha256:62e627f6b6d4aed919a2052efc408da7a545c606268d5ab5bfab4432734b82b4", + "sha256:74de2b894b47f1d21cbd0b37a5e2b2392ad95d17ae983e64727e18eb281fe7cb", + "sha256:7c584f366f46ba667cfa66020344886cf47088e79c9b9d39c84ce9ea98aaa331", + "sha256:7d27a7e34c313b3a7f91adcd05134315002aaf8540d7b4f90336beafaea6217c", + "sha256:7d3f0b61c45c3fa9a349cf484962c559a8a1d80dae6977276df8fd1fa5e3cb8c", + "sha256:82ff5e1cae4e855147fd57a2863376ed7454134c2bf49ec604dfe71e446e2193", + "sha256:84bc2a7d075f32f6ed98652db3a680a17a4edb21ca7f80fe42e38753a58ee02b", + "sha256:884be66c76a444c59f801ac13f40c76f176f1bfa815ef5b8ed44321e74f1600b", + "sha256:8a5cc00546e0a701da4639aa0bbcb0ae2bb678c87f46da01ac2d789e1f2d2038", + "sha256:8dc96f64ae43dde92530775e9cb169979f414dcf5cff670455d81a6823b42089", + "sha256:8f38706e0b15d3c20ef6259fd4bc1700cd133b06c3c1bb108ffe3f8947be15fa", + "sha256:90fcf8929836d4a0e964d799a58823547df5a5e9afa83081761630553be731f9", + "sha256:931c039af54fc195fe6ad536fde4b0de04da9d5916e78e55405436348cfb0e56", + "sha256:932af322458da7e4e35df32f050389e13d3d96b09d274b22a7aa1808f292fee4", + "sha256:942de28af58f352a6f588bc72490ae0f4ccd6dfc2bd3de5945b882a078e4e179", + "sha256:9bc42e8402dc5e9905fb8b9649f57efcb2056693b7e88faa8fb029256ba9c68c", + "sha256:a7a240d7a74bf8d5cb3bfe6be7f21697a28ec4b1a437607bae08ac7acf5b4882", + "sha256:a9f9a735deaf9a0cadc2d8c50d1a5bcdbae8b6e539c6e08237bc4082d7c13f28", + "sha256:ae5e95cfb53ab1da62185e23b3130e11d64431179debac6dc3c6acf08760e9b1", + "sha256:b029fb2032ae4724d8ae8d4f6b363f2cc39e4c7b12454df8df7f0f563ed3e61a", + "sha256:b0d15c968ea7a65211e084f523151dbf8ae44634de03c801b8bd070b74e85033", + "sha256:b343f521b047493dc4022dd338fc6db9d9282658862756b4f6fd0e996c1380e1", + "sha256:b627c266f295de9dea86bd1112ed3d5fafb69a348af30a2422e16590a8ecba13", + "sha256:b9968694c5f467bf67ef97ae7ad4d56d14be2751000c1207d31bf3bb8860bae8", + "sha256:ba089c499e1f4155d2a3c2a05d2878a3428cf321c848f2b5a45ce55f0d7d310c", + "sha256:bbccd847aa0c3a69b5f691a84d2341a4f8a629c6922558f2a70611305f902d74", + "sha256:bc0b82d728fe21a0d03e65f81980abbbcb13b5387f733a1a870672c5be26edab", + "sha256:c57e4c1349fbe0e446c9fa7b19ed2f8a4417233b6984277cce392819123142d3", + "sha256:c94ae4faf2d09f7c81847c63843f84fe47bf6253c9d60b20f25edfd30fb12588", + "sha256:c9b27d6c1c6cd53dc93614967e9ce00ae7f864a2d9f99fe5ed86706e1ecbf485", + "sha256:d210abe51b5da0ffdbf7b43eed0cfdff8a55a1ab17abbec4301c9ff077dd0342", + "sha256:d58804e996d7d2307173d56c297cf7bc132c52df27a3efaac5e8d43e36c21c48", + "sha256:d6a4162139374a49eb18ef5b2f4da1dd95c994588f5033d64e0bbfda4b6b6fcf", + "sha256:da39dd03d130162deb63da51f6e66ed73032ae62e74aaccc4236e30edccddbb0", + "sha256:db3c336f9eda2532ec0fd8ea49fef7a8df8f6c804cdf4f39e5c5c0d4a4ad9a7a", + "sha256:dd500e0a5e11969cdd3320935ca2ff1e936f2358f9c2e61f100a1660933320ea", + "sha256:dd9becd5fe29773d140d68d607d66a38f60e31b86df75332703757ee645b6faf", + "sha256:e0cb5cc6ece6ffa75baccfd5c02cffe776f3f5c8bf486811f9d3ea3453676ce8", + "sha256:e23173580d740bf8822fd0379e4bf30aa1d5a92a4f252d34e893070c081050df", + "sha256:e3a686ecb4aa0d64ae60c9c9f1a7d5d46cab9bfb5d91a2d303d00e2cd4c4c5cc", + "sha256:e789376b52c295c4946403bd0efecf27ab98f05319df4583d3c48e43c7342c2f", + "sha256:edc344de4dac1d89300a053ac973299e82d3db56330f3494905643bb68801269", + "sha256:eef610b23933c54d5d921c92578ae5f89813438fded840c2e9809d378dc765d3", + "sha256:f2c38d588887a609191d30e902df2a32711f708abfd85d318ca9b367258cfd0c", + "sha256:f55b5905705725af31ccef50e55391621532cd64fbf0bc6f4bac935f0fccec46", + "sha256:f5fc088b7a32f244c519a048c170f14cf2251b849ef0e20cbbb0fdf0fdaf556f", + "sha256:fe10ddc59b304cb19a1bdf5bd0a7719cbbc9fbdd57ac80ed436b709fcf889106", + "sha256:ff64a1d38d156d429404aaa84b27305e957fd10c30e5880d1765c9480bea490f" ], "markers": "python_version >= '3.7'", - "version": "==10.3" + "version": "==10.4" }, "zipp": { "hashes": [ - "sha256:05b45f1ee8f807d0cc928485ca40a07cb491cf092ff587c0df9cb1fd154848d2", - "sha256:47c40d7fe183a6f21403a199b3e4192cca5774656965b0a4988ad2f8feb5f009" + "sha256:112929ad649da941c23de50f356a2b5570c954b65150642bccdd66bf194d224b", + "sha256:48904fc76a60e542af151aded95726c1a5c34ed43ab4134b597665c86d7ad556" ], "markers": "python_version >= '3.7'", - "version": "==3.8.1" + "version": "==3.15.0" } }, "develop": {} From 21205cb231a805328200dcf4cde04371ab48b525 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Sat, 4 Mar 2023 20:05:17 -0500 Subject: [PATCH 13/18] Use an unprivileged user in the Docker image Create and use an unprivileged user in the Docker configuration with our standard configuration. --- Dockerfile | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1834b09..6e488d6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,7 +14,10 @@ FROM alpine:3.17 AS compile-stage LABEL org.opencontainers.image.authors="nicholas.mcdonnell@cisa.dhs.gov" LABEL org.opencontainers.image.vendor="Cybersecurity and Infrastructure Security Agency" -ENV VIRTUAL_ENV=/task/.venv +# Unprivileged user information necessary for the Python virtual environment +ARG CISA_USER="cisa" +ENV CISA_HOME="/home/${CISA_USER}" +ENV VIRTUAL_ENV="${CISA_HOME}/.venv" # Versions of the Python packages installed directly ENV PYTHON_PIP_VERSION=23.0.1 @@ -57,26 +60,37 @@ RUN pipenv sync --clear --verbose # python3 package installed in the compile-stage. FROM python:3.10.10-alpine3.17 AS build-stage +# Unprivileged user information +ARG CISA_UID=2048 +ARG CISA_GID=${CISA_UID} +ARG CISA_USER="cisa" +ENV CISA_GROUP=${CISA_USER} +ENV CISA_HOME="/home/${CISA_USER}" +ENV VIRTUAL_ENV="${CISA_HOME}/.venv" + RUN apk --no-cache add \ ca-certificates=20220614-r4 \ chromium=110.0.5481.177-r0 \ libxml2-dev=2.10.3-r1 \ libxslt-dev=1.1.37-r0 -ENV VIRTUAL_ENV=/task/.venv +# Create unprivileged user +RUN addgroup --system --gid ${CISA_GID} ${CISA_GROUP} \ + && adduser --system --uid ${CISA_UID} --ingroup ${CISA_GROUP} ${CISA_USER} # Copy in the Python venv we created in the compile stage and re-symlink # python3 in the venv to the Python binary in this image -COPY --from=compile-stage ${VIRTUAL_ENV} ${VIRTUAL_ENV}/ +COPY --from=compile-stage --chown=${CISA_USER}:${CISA_GROUP} ${VIRTUAL_ENV} ${VIRTUAL_ENV}/ RUN ln -sf "$(command -v python3)" "${VIRTUAL_ENV}"/bin/python3 ENV PATH="${VIRTUAL_ENV}/bin:$PATH" -ENV TASK_HOME="/task" - -WORKDIR ${TASK_HOME} +WORKDIR ${CISA_HOME} RUN mkdir host_mount -COPY src/version.txt src/vdp_scanner.py ./ +# Copy in the necessary files +COPY --chown=${CISA_USER}:${CISA_GROUP} src/version.txt src/vdp_scanner.py ./ +# Prepare to run +USER ${CISA_USER}:${CISA_GROUP} ENTRYPOINT ["python", "vdp_scanner.py"] CMD ["github"] From 75f8fde3cffa8310ca9da007235323b21a6311ac Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Sat, 4 Mar 2023 20:08:57 -0500 Subject: [PATCH 14/18] Consistently use `python3` instead of `python` Make sure that all RUN instructions use `python3` instead of `python`. --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6e488d6..93f9260 100644 --- a/Dockerfile +++ b/Dockerfile @@ -40,7 +40,7 @@ RUN apk --no-cache add \ # Python virtual environment. This is done separately from the virtual # environment so that pipenv and its dependencies are not installed in the # Python virtual environment used in the final image. -RUN python -m pip install --no-cache-dir --upgrade pipenv==${PYTHON_PIPENV_VERSION} \ +RUN python3 -m pip install --no-cache-dir --upgrade pipenv==${PYTHON_PIPENV_VERSION} \ # Manually create Python virtual environment for the final image && python3 -m venv ${VIRTUAL_ENV} \ # Ensure the core Python packages are installed in the virtual environment @@ -92,5 +92,5 @@ COPY --chown=${CISA_USER}:${CISA_GROUP} src/version.txt src/vdp_scanner.py ./ # Prepare to run USER ${CISA_USER}:${CISA_GROUP} -ENTRYPOINT ["python", "vdp_scanner.py"] +ENTRYPOINT ["python3", "vdp_scanner.py"] CMD ["github"] From f37ad2b77b0392186900fd23a99dbfdb2ba17b67 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Mon, 6 Mar 2023 15:04:07 -0500 Subject: [PATCH 15/18] Bump version from 0.1.0 to 0.1.0-rc.1 --- README.md | 14 +++++++------- src/version.txt | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 8ed31bb..5b047ad 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ Python library. Then it will output CSVs with agency and domain level results. To run the `cisagov/vdp-scanner` image via Docker: ```console -docker run cisagov/vdp-scanner:0.1.0 +docker run cisagov/vdp-scanner:0.1.0-rc.1 ``` ### Running with Docker Compose ### @@ -36,7 +36,7 @@ docker run cisagov/vdp-scanner:0.1.0 services: vdp-scanner: - image: 'cisagov/vdp-scanner:0.1.0' + image: 'cisagov/vdp-scanner:0.1.0-rc.1' volumes: - .:/task/host_mount ``` @@ -74,7 +74,7 @@ docker run cisagov/vdp-scanner:0.1.0 1. Pull the new image: ```console - docker pull cisagov/vdp-scanner:0.1.0 + docker pull cisagov/vdp-scanner:0.1.0-rc.1 ``` 1. Recreate and run the container by following the [previous instructions](#running-with-docker). @@ -83,11 +83,11 @@ docker run cisagov/vdp-scanner:0.1.0 The images of this container are tagged with [semantic versions](https://semver.org). It is recommended that most users use -a version tag (e.g. `:0.1.0`). +a version tag (e.g. `:0.1.0-rc.1`). | Image:tag | Description | |-----------|-------------| -|`cisagov/vdp-scanner:0.1.0`| An exact release version. | +|`cisagov/vdp-scanner:0.1.0-rc.1`| An exact release version. | |`cisagov/vdp-scanner:0.1`| The most recent release matching the major and minor version numbers. | |`cisagov/vdp-scanner:0`| The most recent release matching the major version number. | |`cisagov/vdp-scanner:edge` | The most recent image built from a merge into the `develop` branch of this repository. | @@ -153,7 +153,7 @@ Build the image locally using this git repository as the [build context](https:/ ```console docker build \ - --tag cisagov/vdp-scanner:0.1.0 \ + --tag cisagov/vdp-scanner:0.1.0-rc.1 \ https://github.com/cisagov/vdp-scanner-docker.git#develop ``` @@ -184,7 +184,7 @@ Docker: --file Dockerfile-x \ --platform linux/amd64 \ --output type=docker \ - --tag cisagov/vdp-scanner:0.1.0 . + --tag cisagov/vdp-scanner:0.1.0-rc.1 . ``` ## Contributing ## diff --git a/src/version.txt b/src/version.txt index 3dc1f76..39bfdd9 100644 --- a/src/version.txt +++ b/src/version.txt @@ -1 +1 @@ -__version__ = "0.1.0" +__version__ = "0.1.0-rc.1" From 0e147d9712765d79d3cb68de2c06c41ac5deac46 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 14 Mar 2023 12:09:54 -0400 Subject: [PATCH 16/18] Bump libxslt-dev from 1.1.37-r0 to 1.1.37-r1 --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 93f9260..35de051 100644 --- a/Dockerfile +++ b/Dockerfile @@ -29,7 +29,7 @@ RUN apk --no-cache add \ gcc=12.2.1_git20220924-r4 \ libc-dev=0.7.2-r3 \ libxml2-dev=2.10.3-r1 \ - libxslt-dev=1.1.37-r0 \ + libxslt-dev=1.1.37-r1 \ py3-pip=22.3.1-r1 \ py3-setuptools=65.6.0-r0 \ py3-wheel=0.38.4-r0 \ @@ -72,7 +72,7 @@ RUN apk --no-cache add \ ca-certificates=20220614-r4 \ chromium=110.0.5481.177-r0 \ libxml2-dev=2.10.3-r1 \ - libxslt-dev=1.1.37-r0 + libxslt-dev=1.1.37-r1 # Create unprivileged user RUN addgroup --system --gid ${CISA_GID} ${CISA_GROUP} \ From bdb4e28f405bfd7302d07d3f16471ddbc1470231 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 14 Mar 2023 12:10:52 -0400 Subject: [PATCH 17/18] Use regular packages isntead of `-dev` packages In the build-image stage we do not need the development headers and related items for the libxml3 and libxslt packages. We can therefore install the regular packages instead of the `-dev` versions of these packages. --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 35de051..76acc15 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,8 +71,8 @@ ENV VIRTUAL_ENV="${CISA_HOME}/.venv" RUN apk --no-cache add \ ca-certificates=20220614-r4 \ chromium=110.0.5481.177-r0 \ - libxml2-dev=2.10.3-r1 \ - libxslt-dev=1.1.37-r1 + libxml2=2.10.3-r1 \ + libxslt=1.1.37-r1 # Create unprivileged user RUN addgroup --system --gid ${CISA_GID} ${CISA_GROUP} \ From d453f3506503eac5ccbcb427ca9d5dd615d8e6e3 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Tue, 14 Mar 2023 14:28:55 -0400 Subject: [PATCH 18/18] Finalize version from 0.1.0-rc.1 to 0.1.0 --- README.md | 14 +++++++------- src/version.txt | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 5b047ad..8ed31bb 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ Python library. Then it will output CSVs with agency and domain level results. To run the `cisagov/vdp-scanner` image via Docker: ```console -docker run cisagov/vdp-scanner:0.1.0-rc.1 +docker run cisagov/vdp-scanner:0.1.0 ``` ### Running with Docker Compose ### @@ -36,7 +36,7 @@ docker run cisagov/vdp-scanner:0.1.0-rc.1 services: vdp-scanner: - image: 'cisagov/vdp-scanner:0.1.0-rc.1' + image: 'cisagov/vdp-scanner:0.1.0' volumes: - .:/task/host_mount ``` @@ -74,7 +74,7 @@ docker run cisagov/vdp-scanner:0.1.0-rc.1 1. Pull the new image: ```console - docker pull cisagov/vdp-scanner:0.1.0-rc.1 + docker pull cisagov/vdp-scanner:0.1.0 ``` 1. Recreate and run the container by following the [previous instructions](#running-with-docker). @@ -83,11 +83,11 @@ docker run cisagov/vdp-scanner:0.1.0-rc.1 The images of this container are tagged with [semantic versions](https://semver.org). It is recommended that most users use -a version tag (e.g. `:0.1.0-rc.1`). +a version tag (e.g. `:0.1.0`). | Image:tag | Description | |-----------|-------------| -|`cisagov/vdp-scanner:0.1.0-rc.1`| An exact release version. | +|`cisagov/vdp-scanner:0.1.0`| An exact release version. | |`cisagov/vdp-scanner:0.1`| The most recent release matching the major and minor version numbers. | |`cisagov/vdp-scanner:0`| The most recent release matching the major version number. | |`cisagov/vdp-scanner:edge` | The most recent image built from a merge into the `develop` branch of this repository. | @@ -153,7 +153,7 @@ Build the image locally using this git repository as the [build context](https:/ ```console docker build \ - --tag cisagov/vdp-scanner:0.1.0-rc.1 \ + --tag cisagov/vdp-scanner:0.1.0 \ https://github.com/cisagov/vdp-scanner-docker.git#develop ``` @@ -184,7 +184,7 @@ Docker: --file Dockerfile-x \ --platform linux/amd64 \ --output type=docker \ - --tag cisagov/vdp-scanner:0.1.0-rc.1 . + --tag cisagov/vdp-scanner:0.1.0 . ``` ## Contributing ## diff --git a/src/version.txt b/src/version.txt index 39bfdd9..3dc1f76 100644 --- a/src/version.txt +++ b/src/version.txt @@ -1 +1 @@ -__version__ = "0.1.0-rc.1" +__version__ = "0.1.0"