Skip to content

Update packages to fix vulnerabilities#140

Merged
khaledk2 merged 1 commit intoome:mainfrom
khaledk2:update_dep_packages
Mar 25, 2026
Merged

Update packages to fix vulnerabilities#140
khaledk2 merged 1 commit intoome:mainfrom
khaledk2:update_dep_packages

Conversation

@khaledk2
Copy link
Copy Markdown
Collaborator

@khaledk2 khaledk2 commented Mar 24, 2026
edited
Loading

This PR updates packages to address known vulnerabilities in dependency packages, i.e.
https://github.com/ome/omero_search_engine/security/dependabot

I believe it’s important to include these changes in the next tag and release.
It has been deployed on the ide-testing

cc @pwalczysko @jburel

@khaledk2 khaledk2 requested a review from pwalczysko March 24, 2026 12:42
@jburel
Copy link
Copy Markdown
Member

jburel commented Mar 24, 2026

Apart from urllib3 the other packages are point releases.
This will need to be tested before we do anything

@khaledk2
Copy link
Copy Markdown
Collaborator Author

khaledk2 commented Mar 24, 2026

Understood.
I’ve carried out some initial testing and haven’t encountered any issues so far.
I’ll complete further checks to confirm we’re good to proceed.

@pwalczysko
Copy link
Copy Markdown
Member

pwalczysko commented Mar 24, 2026
edited
Loading

@khaledk2 Do you have the docker image similarly to #127 and ome/ansible-role-omero-searchengine#16 (comment) ? If yes, I could start testing using the ansible role.

@khaledk2
Copy link
Copy Markdown
Collaborator Author

khaledk2 commented Mar 24, 2026

@khaledk2 Do you have the docker image similarly to #127 and ome/ansible-role-omero-searchengine#16 (comment) ? If yes, I could start testing using the ansible role.

@pwalczysko, I have updated the Docker image khaledk2/searchengine:lat to include this PR.

You should run the following command to use the updated Docker image

docker pull khaledk2/searchengine:lat

@khaledk2
Copy link
Copy Markdown
Collaborator Author

khaledk2 commented Mar 25, 2026

I have carried out the following tests on idr-testing:

  • Deleting a container (idr0173-breiter-alphasynuclein/experimentA), indexing it again, and then building the cache using these commands.

    • sudo docker run -v /data/searchengine/searchengine/:/etc/searchengine/ -v /data/searchengine/searchengine/logs/:/opt/app-root/src/logs/ --network searchengine-net khaledk2/searchengine:lat delete_containers -i 3203 -r project -u true -s idr

    • sudo docker run -v /data/searchengine/searchengine/:/etc/searchengine/ -v /data/searchengine/searchengine/logs/:/opt/app-root/src/logs/ --network searchengine-net khaledk2/searchengine:lat index_container_from_database -i 3203 -d idr -r project

    • sudo docker run -v /data/searchengine/searchengine/:/etc/searchengine/ -v /data/searchengine/searchengine/logs/:/opt/app-root/src/logs/ --network searchengine-net khaledk2/searchengine:lat update_data_source_cache -d idr

  • Generates the containers' BBF files.

  • In addition, I’ve tested both the asynchronous queries and the standard ones.

All the tests passed, and everything worked as expected.

@pwalczysko
Copy link
Copy Markdown
Member

pwalczysko commented Mar 25, 2026
edited
Loading

Tested via the ansible-role-omero-searchengine on RHEL 9 VM. Used the docker pull... cmd as per #140 (comment).

The basic tests as per https://github.com/ome/ansible-role-omero-searchengine?tab=readme-ov-file#idr-searcher are passing

@khaledk2 khaledk2 merged commit ac46fa8 into ome:main Mar 25, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@pwalczysko pwalczysko pwalczysko approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@khaledk2 @jburel @pwalczysko