Merge branch 'devcontainers:main' into main

Kaniska244 · Feb 11, 2025 · 56ac50d · 56ac50d
2 parents aab496b + 586c983
commit 56ac50d
Show file tree

Hide file tree

Showing 4 changed files with 49 additions and 76 deletions.
diff --git a/src/dotnet/README.md b/src/dotnet/README.md
@@ -9,7 +9,7 @@
 | *Categories* | Core, Languages |
 | *Image type* | Dockerfile |
 | *Published images* | mcr.microsoft.com/devcontainers/dotnet |
-| *Available image variants* | 9.0 /9.0-bookworm, 8.0 /8.0-bookworm, 9.0-noble, 8.0-noble, 8.0-jammy, 6.0 /6.0-bookworm, 6.0-bullseye, 6.0-jammy, 6.0-focal ([full list](https://mcr.microsoft.com/v2/devcontainers/dotnet/tags/list)) |
+| *Available image variants* | 9.0 /9.0-bookworm, 8.0 /8.0-bookworm, 9.0-noble, 8.0-noble, 8.0-jammy ([full list](https://mcr.microsoft.com/v2/devcontainers/dotnet/tags/list)) |
 | *Published image architecture(s)* | x86-64, arm64/aarch64 for `bookworm`, `bullseye`, `noble`, `jammy` variants |
 | *Container host OS support* | Linux, macOS, Windows |
 | *Container OS* | Ubuntu (`-focal`, `-jammy`, `-noble`), Debian (`-bullseye`, `-bookworm`) |
@@ -24,7 +24,6 @@ You can directly reference pre-built versions of `Dockerfile` by using the `imag
 - `mcr.microsoft.com/devcontainers/dotnet` (latest)
 - `mcr.microsoft.com/devcontainers/dotnet:9.0` (or `9.0-bookworm`, `9.0-noble` to pin to an OS version)
 - `mcr.microsoft.com/devcontainers/dotnet:8.0` (or `8.0-bookworm`, `8.0-noble`, `8.0-jammy` to pin to an OS version)
-- `mcr.microsoft.com/devcontainers/dotnet:6.0` (or `6.0-bookworm`, `6.0-bullseye`, `6.0-jammy`, `6.0-focal` to pin to an OS version)
 
 
 Refer to [this guide](https://containers.dev/guide/dockerfile) for more details.

diff --git a/src/dotnet/manifest.json b/src/dotnet/manifest.json
@@ -5,11 +5,7 @@
 		"9.0-noble",
 		"8.0-bookworm-slim",
 		"8.0-noble",
-		"8.0-jammy",
-		"6.0-bookworm-slim",
-		"6.0-bullseye-slim",
-		"6.0-jammy",
-		"6.0-focal"
+		"8.0-jammy"
 	],
 	"build": {
 		"latest": "9.0-bookworm-slim",
@@ -37,21 +33,6 @@
 			"8.0-jammy": [
 				"linux/amd64",
 				"linux/arm64"
-			],
-			"6.0-bookworm-slim": [
-				"linux/amd64",
-				"linux/arm64"
-			],
-			"6.0-bullseye-slim": [
-				"linux/amd64",
-				"linux/arm64"
-			],
-			"6.0-jammy": [
-				"linux/amd64",
-				"linux/arm64"
-			],
-			"6.0-focal": [
-				"linux/amd64"
 			]
 		},
 		"variantTags": {
@@ -62,13 +43,6 @@
 			"8.0-bookworm-slim": [
 				"dotnet:${VERSION}-8.0",
 				"dotnet:${VERSION}-8.0-bookworm"
-			],
-			"6.0-bookworm-slim": [
-				"dotnet:${VERSION}-6.0",
-				"dotnet:${VERSION}-6.0-bookworm"
-			],
-			"6.0-bullseye-slim": [
-				"dotnet:${VERSION}-6.0-bullseye"
 			]
 		}
 	},

diff --git a/src/jekyll/.devcontainer/Dockerfile b/src/jekyll/.devcontainer/Dockerfile
@@ -16,6 +16,7 @@ RUN gem update --system
 
 # https://github.com/ntkme/sass-embedded-host-ruby/issues/130
 RUN gem install sass-embedded -v 1.62.1
+RUN gem install jekyll-sass-converter -v 3.0.0
 RUN gem install bundler jekyll github-pages
 
 RUN chown -R "vscode:rvm" "/usr/local/rvm/" \

diff --git a/src/miniconda/.devcontainer/apply_security_patches.sh b/src/miniconda/.devcontainer/apply_security_patches.sh
@@ -5,55 +5,54 @@
 
 # define array of packages for pinning to the patched versions
 # vulnerable_packages=( "package1=version1" "package2=version2" "package3=version3" )
-vulnerable_packages=( "cryptography=43.0.1" )
+vulnerable_packages=()
 
 # Define the number of rows (based on the length of vulnerable_packages)
 rows=${#vulnerable_packages[@]}
 
-# Define the number of columns
-cols=2
-
-# Define the 2D array
-declare -A packages_array
-
-# Fill the 2D array
-for ((i=0; i<rows; i++)); do
-    # Split each element of vulnerable_packages by the '=' sign
-    IFS='=' read -ra parts <<< "${vulnerable_packages[$i]}"
-    # Assign the parts to the 2D array
-    packages_array[$i,0]=${parts[0]}
-    packages_array[$i,1]=${parts[1]}
-done
-
-for ((i=0; i<rows; i++)); do
-    CURRENT_VERSION=$(pip show "${packages_array[$i,0]}" --disable-pip-version-check | grep '^Version:' | awk '{print $2}')
-    REQUIRED_VERSION="${packages_array[$i,1]}"
-    GREATER_VERSION_A=$((echo ${REQUIRED_VERSION}; echo ${CURRENT_VERSION}) | sort -V | tail -1)
-    # Check if the required_version is greater than current_version
-    if [[ $CURRENT_VERSION != $GREATER_VERSION_A ]]; then
-        echo "${packages_array[$i,0]} version v${CURRENT_VERSION} installed by the base image is not greater or equal to the required: v${REQUIRED_VERSION}"
-        # Check whether conda channel has a greater or equal version available, so install from conda, otherwise use pip package manager
-        channel_name="anaconda"
-        CONDA_VERSION=$(conda search "${packages_array[$i,0]}" -c "$channel_name" | \
-            grep -E '^[[:alnum:]]' | \
-            awk '{print $2}' | \
-            sort -V | \
-            uniq | \
-            tail -n 2 | \
-            head -n 1)
-        if [[ -z "$CONDA_VERSION" ]]; then
-            echo "No version for ${packages_array[$i,0]} found in conda channel."
-            CONDA_VERSION="0"
-        fi
-        GREATER_VERSION_B=$((echo ${REQUIRED_VERSION}; echo ${CONDA_VERSION}) | sort -V | tail -1)
-        if [[ $CONDA_VERSION == $GREATER_VERSION_B ]]; then
-            echo -e "Found Version v${CONDA_VERSION} in the Conda channel which is greater than or equal to the required version: v${REQUIRED_VERSION}. \n";
-            echo "Installing ${packages_array[$i,0]} from source from conda channel for v${REQUIRED_VERSION}..."
-            conda install "${packages_array[$i,0]}==${CONDA_VERSION}"
-        elif [[ $REQUIRED_VERSION == $GREATER_VERSION_B ]]; then 
-            echo -e "Required version: v${REQUIRED_VERSION} is greater than the version found in the Conda channel v${CONDA_VERSION}. \n";
-            echo "Installing ${packages_array[$i,0]} from source from pip package manager for v${REQUIRED_VERSION}..."
-            python3 -m pip install --upgrade --no-cache-dir "${packages_array[$i,0]}==${REQUIRED_VERSION}"
+if [ $rows -gt 0 ]; then
+    # Define the number of columns
+    cols=2
+    # Define the 2D array
+    declare -A packages_array
+    # Fill the 2D array
+    for ((i=0; i<rows; i++)); do
+        # Split each element of vulnerable_packages by the '=' sign
+        IFS='=' read -ra parts <<< "${vulnerable_packages[$i]}"
+        # Assign the parts to the 2D array
+        packages_array[$i,0]=${parts[0]}
+        packages_array[$i,1]=${parts[1]}
+    done
+    for ((i=0; i<rows; i++)); do
+        CURRENT_VERSION=$(pip show "${packages_array[$i,0]}" --disable-pip-version-check | grep '^Version:' | awk '{print $2}')
+        REQUIRED_VERSION="${packages_array[$i,1]}"
+        GREATER_VERSION_A=$((echo ${REQUIRED_VERSION}; echo ${CURRENT_VERSION}) | sort -V | tail -1)
+        # Check if the required_version is greater than current_version
+        if [[ $CURRENT_VERSION != $GREATER_VERSION_A ]]; then
+            echo "${packages_array[$i,0]} version v${CURRENT_VERSION} installed by the base image is not greater or equal to the required: v${REQUIRED_VERSION}"
+            # Check whether conda channel has a greater or equal version available, so install from conda, otherwise use pip package manager
+            channel_name="anaconda"
+            CONDA_VERSION=$(conda search "${packages_array[$i,0]}" -c "$channel_name" | \
+                grep -E '^[[:alnum:]]' | \
+                awk '{print $2}' | \
+                sort -V | \
+                uniq | \
+                tail -n 2 | \
+                head -n 1)
+            if [[ -z "$CONDA_VERSION" ]]; then
+                echo "No version for ${packages_array[$i,0]} found in conda channel."
+                CONDA_VERSION="0"
+            fi
+            GREATER_VERSION_B=$((echo ${REQUIRED_VERSION}; echo ${CONDA_VERSION}) | sort -V | tail -1)
+            if [[ $CONDA_VERSION == $GREATER_VERSION_B ]]; then
+                echo -e "Found Version v${CONDA_VERSION} in the Conda channel which is greater than or equal to the required version: v${REQUIRED_VERSION}. \n";
+                echo "Installing ${packages_array[$i,0]} from source from conda channel for v${REQUIRED_VERSION}..."
+                conda install "${packages_array[$i,0]}==${CONDA_VERSION}"
+            elif [[ $REQUIRED_VERSION == $GREATER_VERSION_B ]]; then 
+                echo -e "Required version: v${REQUIRED_VERSION} is greater than the version found in the Conda channel v${CONDA_VERSION}. \n";
+                echo "Installing ${packages_array[$i,0]} from source from pip package manager for v${REQUIRED_VERSION}..."
+                python3 -m pip install --upgrade --no-cache-dir "${packages_array[$i,0]}==${REQUIRED_VERSION}"
+            fi
         fi
-    fi
-done
+    done
+fi