[Anaconda] - Jupyterlab - Patch security vulnerability GHSA-44cc-43rp-5947 (#939)

gauravsaini04 · samruddhikhandale · bhupendra-vaishnav · web-flow · commit f3cfc7e7c7eb · 2024-02-01T13:08:55.000-08:00
* [Anaconda] - Pillow - Patch security vulnerability GHSA-3f63-hfp8-52jq * [Anaconda] - Jupyterlab - Patch security vulnerability GHSA-44cc-43rp-5947 * [Anaconda] - Jupyterlab - Patch security vulnerability GHSA-44cc-43rp-5947 * Changes as suggested by Samruddhi * Changes according to comments --------- Co-authored-by: Samruddhi Khandale <skhandale@microsoft.com> Co-authored-by: bhupendra-vaishnav <148317470+bhupendra-vaishnav@users.noreply.github.com>
diff --git a/src/anaconda/.devcontainer/Dockerfile b/src/anaconda/.devcontainer/Dockerfile
@@ -35,7 +35,9 @@ RUN python3 -m pip install --upgrade \
     # https://github.com/advisories/GHSA-v68g-wm8c-6x7j
     transformers==4.36.0 \
     # https://github.com/advisories/GHSA-3f63-hfp8-52jq
-    pillow==10.2.0
+    pillow==10.2.0 \
+    # https://github.com/advisories/GHSA-44cc-43rp-5947
+    jupyterlab==4.0.11
 
 # Reset and copy updated files with updated privs to keep image size down
 FROM mcr.microsoft.com/devcontainers/base:1-bullseye
diff --git a/src/anaconda/test-project/test.sh b/src/anaconda/test-project/test.sh
@@ -48,6 +48,7 @@ checkPythonPackageVersion "jupyter_server" "2.7.2"
 checkPythonPackageVersion "tornado" "6.3.3"
 checkPythonPackageVersion "pyarrow" "14.0.1"
 checkPythonPackageVersion "pillow" "10.2.0"
+checkPythonPackageVersion "jupyterlab" "4.0.11"
 
 checkCondaPackageVersion "pyopenssl" "23.2.0"
 checkCondaPackageVersion "cryptography" "41.0.7"
