Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated dependencies to fix vulnerabilities #126

Merged
merged 2 commits into from
Nov 28, 2024
Merged

Updated dependencies to fix vulnerabilities #126

merged 2 commits into from
Nov 28, 2024

Conversation

AkhilReddyS-NR
Copy link
Contributor

@AkhilReddyS-NR AkhilReddyS-NR commented Nov 26, 2024
edited
Loading

Updated dependencies to fix vulnerabilities that are found in Trivy scan. This is the doc that lists all the vulnerabilities that are handled.
Jira ticket : https://new-relic.atlassian.net/browse/NR-338866

maya-jha
maya-jha reviewed Nov 26, 2024
View reviewed changes
Copy link

@maya-jha maya-jha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have you tested this by deploying to an AWS account?

src/requirements.txt
multidict==6.0.5 ; python_version >= "3.11" and python_version < "4.0"
yarl==1.9.4 ; python_version >= "3.11" and python_version < "4.0"
yarl>=1.12.0,<2.0 ; python_version >= "3.11" and python_version < "4.0"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this syntax correct? How did you determine which version to use?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah we can use this syntax
Screenshot 2024-11-26 at 12 12 25 PM

@AkhilReddyS-NR
Copy link
Contributor Author

Have you tested this by deploying to an AWS account?

Yes, tested this and it is working fine

@AkhilReddyS-NR
Copy link
Contributor Author

Trivy scan report without any vulnerabilities:
Screenshot 2024-11-26 at 12 16 20 PM

@AkhilReddyS-NR AkhilReddyS-NR merged commit dbc56ba into newrelic:master Nov 28, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maya-jha maya-jha maya-jha approved these changes

@sanathramesh sanathramesh Awaiting requested review from sanathramesh

@hrai-nr hrai-nr Awaiting requested review from hrai-nr

@nr-rkallempudi nr-rkallempudi Awaiting requested review from nr-rkallempudi

@ahegdeNR ahegdeNR Awaiting requested review from ahegdeNR

@voorepreethi voorepreethi Awaiting requested review from voorepreethi

@rohit-bandlamudi-nr rohit-bandlamudi-nr Awaiting requested review from rohit-bandlamudi-nr

@gunnalahema gunnalahema Awaiting requested review from gunnalahema

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AkhilReddyS-NR @maya-jha