From 487a9f3f8308f6c66b2bc9f7104aca0d942aaafe Mon Sep 17 00:00:00 2001 From: DawidDlubek-TomTom <78544608+DawidDlubek-TomTom@users.noreply.github.com> Date: Wed, 28 Sep 2022 15:31:34 +0200 Subject: [PATCH] Updates 23092022 (#83) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Package updates 23-09-2022 * Bump version: 1.1.11 → 1.1.12 * Update the python image A vulnerability has been detected in the current image, therefore updating the image to the latest one in hope that it would fix this. * Update the vulnerabilities exceptions list The image update did not fix the issue, the vulnerability applies to XML so does not affect us, adding it to the exception list. * Update dependencies 28/09/2022 --- .bumpversion.cfg | 2 +- .github/containerscan/allowedlist.yaml | 3 +-- .github/workflows/release.yml | 2 +- Dockerfile | 4 ++-- poetry.lock | 25 +++++++++++-------------- pyproject.toml | 2 +- 6 files changed, 17 insertions(+), 21 deletions(-) diff --git a/.bumpversion.cfg b/.bumpversion.cfg index 2fda18b..d44b727 100644 --- a/.bumpversion.cfg +++ b/.bumpversion.cfg @@ -1,5 +1,5 @@ [bumpversion] -current_version = 1.1.11 +current_version = 1.1.12 commit = True tag = False message = Bump version: {current_version} → {new_version} diff --git a/.github/containerscan/allowedlist.yaml b/.github/containerscan/allowedlist.yaml index 3ea57e0..c309043 100644 --- a/.github/containerscan/allowedlist.yaml +++ b/.github/containerscan/allowedlist.yaml @@ -1,4 +1,3 @@ general: vulnerabilities: - - CVE-2022-37434 - - CVE-2021-46828 \ No newline at end of file + - CVE-2022-40674 \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 67bdf87..530f9f3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,7 +6,7 @@ on: workflow_dispatch: env: - VERSION: 1.1.11 + VERSION: 1.1.12 jobs: release: diff --git a/Dockerfile b/Dockerfile index 3bd5212..07fee41 100644 
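Review bot: The new `CVE-2022-40674` entry in `.github/containerscan/allowedlist.yaml` carries no justification or review date in the file itself, and because it sits under `general` it is presumably suppressed for every image the scan covers. The commit message holds the reasoning (the issue concerns XML handling and the image update did not remove it), but someone reading the allowlist later will not see it. I would put a comment above the entry, for example `# CVE-2022-40674: XML parser issue, exporter parses no XML; remove once the base image ships the fix (re-check by <date>)`. Before treating the finding as unreachable, it is worth confirming that no dependency parses XML on the exporter's behalf.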
--- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.10.6-alpine3.16 as builder +FROM python:3.10.7-alpine3.16 as builder COPY . /build @@ -6,7 +6,7 @@ WORKDIR /build RUN python -m venv /venv && /venv/bin/pip --no-cache-dir install . -FROM python:3.10.5-alpine3.16 +FROM python:3.10.7-alpine3.16 RUN addgroup exporter && adduser --system --no-create-home --shell /bin/false --ingroup exporter exporter USER exporter diff --git a/poetry.lock b/poetry.lock index 92ab647..a4259ef 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,6 +1,6 @@ [[package]] name = "astroid" -version = "2.12.9" +version = "2.12.10" description = "An abstract syntax tree for Python with inference support." category = "dev" optional = false @@ -87,7 +87,7 @@ python-versions = ">=2.7" [[package]] name = "certifi" -version = "2022.6.15.1" +version = "2022.9.24" description = "Python package for providing Mozilla's CA Bundle." category = "main" optional = false @@ -187,7 +187,7 @@ parser = ["pyhcl (>=0.3.10)"] [[package]] name = "idna" -version = "3.3" +version = "3.4" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false @@ -342,14 +342,14 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" [[package]] name = "pylint" -version = "2.15.2" +version = "2.15.3" description = "python code static checker" category = "dev" optional = false python-versions = ">=3.7.2" [package.dependencies] -astroid = ">=2.12.9,<=2.14.0-dev0" +astroid = ">=2.12.10,<=2.14.0-dev0" colorama = {version = ">=0.4.5", markers = "sys_platform == \"win32\""} dill = ">=0.2" isort = ">=4.2.5,<6" @@ -411,7 +411,7 @@ testing = ["fields", "hunter", "process-tests", "six", "pytest-xdist", "virtuale [[package]] name = "pytest-mock" -version = "3.8.2" +version = "3.9.0" description = "Thin-wrapper around the mock package for easier use with pytest" category = "dev" optional = false 
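Review bot: The base image tag is still written out separately in both `FROM` lines of the Dockerfile (hunks `@@ -1,4 +1,4 @@` and `@@ -6,7 +6,7 @@`), which is how the stages drifted apart before this change: the removed lines show 3.10.6 for the builder and 3.10.5 for the runtime stage. Declaring it once, with `ARG PYTHON_IMAGE=python:3.10.7-alpine3.16` above the first `FROM` and then `FROM ${PYTHON_IMAGE} as builder` / `FROM ${PYTHON_IMAGE}`, keeps the venv built in the first stage and the interpreter of the second stage (presumably the one that runs it) on the same build. Since this update is driven by a scanner finding, pinning to a digest (`python:3.10.7-alpine3.16@sha256:<digest>`) would also guarantee that the image that was scanned is the image that gets released, because a tag can be re-pushed. The runtime stage continues past the end of the second hunk.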
@@ -486,7 +486,7 @@ python-versions = ">=3.7" [[package]] name = "tomlkit" -version = "0.11.4" +version = "0.11.5" description = "Style preserving TOML library" category = "dev" optional = false @@ -494,7 +494,7 @@ python-versions = ">=3.6,<4.0" [[package]] name = "types-pyyaml" -version = "6.0.11" +version = "6.0.12" description = "Typing stubs for PyYAML" category = "dev" optional = false @@ -502,7 +502,7 @@ python-versions = "*" [[package]] name = "types-requests" -version = "2.28.10" +version = "2.28.11" description = "Typing stubs for requests" category = "dev" optional = false @@ -513,7 +513,7 @@ types-urllib3 = "<1.27" [[package]] name = "types-urllib3" -version = "1.26.24" +version = "1.26.25" description = "Typing stubs for urllib3" category = "dev" optional = false @@ -592,10 +592,7 @@ hvac = [ {file = "hvac-0.11.2-py2.py3-none-any.whl", hash = "sha256:3e8a34804b1e20954a2b4991cc13ed9c09b32e50dadd9d3438224481150f6568"}, {file = "hvac-0.11.2.tar.gz", hash = "sha256:f905c59d32d88d3f67571fe5a8a78de4659e04798ad809de439f667247d13626"}, ] -idna = [ - {file = "idna-3.3-py3-none-any.whl", hash = "sha256:84d9dd047ffa80596e0f246e2eab0b391788b0503584e8945f2368256d2735ff"}, - {file = "idna-3.3.tar.gz", hash = "sha256:9d643ff0a55b762d5cdb124b8eaa99c66322e2157b69160bc32796e824360e6d"}, -] +idna = [] iniconfig = [ {file = "iniconfig-1.1.1-py2.py3-none-any.whl", hash = "sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3"}, {file = "iniconfig-1.1.1.tar.gz", hash = "sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32"}, diff --git a/pyproject.toml b/pyproject.toml index 20e4f6b..8434c61 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "vault-assessment-prometheus-exporter" -version = "1.1.11" +version = "1.1.12" description = "Prometheus exporter to monitor custom metadata for KV2 secrets for (self-imposed) expiration." authors = ["Eugene Davis "] readme = "README.md"