From ff98ace086684caf3291795e4dd517fd50962702 Mon Sep 17 00:00:00 2001
From: QXYang686 <me@yqxpro.com>
Date: Sat, 14 Feb 2026 21:31:34 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E8=A1=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 universal-base/.devcontaiener/Dockerfile      |  1 -
 .../.devcontainer/devcontainer.json           |  5 --
 .../patch-conda/devcontainer-feature.json     |  5 --
 .../local-features/patch-conda/install.sh     | 72 -------------------
 .../patch-python/devcontainer-feature.json    |  5 --
 .../local-features/patch-python/install.sh    | 46 ------------
 .../setup-user/devcontainer-feature.json      |  2 -
 7 files changed, 136 deletions(-)
 delete mode 100644 universal-base/.devcontaiener/Dockerfile
 delete mode 100644 universal-base/.devcontainer/local-features/patch-conda/devcontainer-feature.json
 delete mode 100644 universal-base/.devcontainer/local-features/patch-conda/install.sh
 delete mode 100644 universal-base/.devcontainer/local-features/patch-python/devcontainer-feature.json
 delete mode 100644 universal-base/.devcontainer/local-features/patch-python/install.sh

diff --git a/universal-base/.devcontaiener/Dockerfile b/universal-base/.devcontaiener/Dockerfile
deleted file mode 100644
index 3efbf3e..0000000
--- a/universal-base/.devcontaiener/Dockerfile
+++ /dev/null
@@ -1 +0,0 @@
-FROM registry.yqxpro.com/devcontainers/develop-base
diff --git a/universal-base/.devcontainer/devcontainer.json b/universal-base/.devcontainer/devcontainer.json
index 7206543..3483f43 100644
--- a/universal-base/.devcontainer/devcontainer.json
+++ b/universal-base/.devcontainer/devcontainer.json
@@ -10,15 +10,10 @@
     },
     "./local-features/nvs": "latest",
     "ghcr.io/devcontainers/features/python:1": {
-      "version": "3.12.1",
-      "additionalVersions": "3.11.9",
       "installJupyterlab": "true",
       "configureJupyterlabAllowOrigin": "*",
-      "useOryxIfAvailable": "false",
     },
-    "./local-features/patch-python": {},
     "ghcr.io/devcontainers/features/anaconda:1": {},
-    "./local-features/patch-conda": {},
     "ghcr.io/devcontainers/features/java:1": {
       "jdkDistro": "tem",
       "version": "21",
diff --git a/universal-base/.devcontainer/local-features/patch-conda/devcontainer-feature.json b/universal-base/.devcontainer/local-features/patch-conda/devcontainer-feature.json
deleted file mode 100644
index ad4a3c3..0000000
--- a/universal-base/.devcontainer/local-features/patch-conda/devcontainer-feature.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
-  "id": "patch-conda",
-  "name": "Patch Conda Packages",
-  "installsAfter": ["ghcr.io/devcontainers/features/anaconda"]
-}
diff --git a/universal-base/.devcontainer/local-features/patch-conda/install.sh b/universal-base/.devcontainer/local-features/patch-conda/install.sh
deleted file mode 100644
index fbd312f..0000000
--- a/universal-base/.devcontainer/local-features/patch-conda/install.sh
+++ /dev/null
@@ -1,72 +0,0 @@
-#!/usr/bin/env bash
-#-------------------------------------------------------------------------------------------------------------
-# Copyright (c) Microsoft Corporation. All rights reserved.
-# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
-#-------------------------------------------------------------------------------------------------------------
-
-USERNAME=${USERNAME:-"codespace"}
-
-set -eux
-
-if [ "$(id -u)" -ne 0 ]; then
-    echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.'
-    exit 1
-fi
-
-# Ensure that login shells get the correct path if the user updated the PATH using ENV.
-rm -f /etc/profile.d/00-restore-env.sh
-echo "export PATH=${PATH//$(sh -lc 'echo $PATH')/\$PATH}" > /etc/profile.d/00-restore-env.sh
-chmod +x /etc/profile.d/00-restore-env.sh
-
-export DEBIAN_FRONTEND=noninteractive
-
-sudo_if() {
-    COMMAND="$*"
-    if [ "$(id -u)" -eq 0 ] && [ "$USERNAME" != "root" ]; then
-        su - "$USERNAME" -c "$COMMAND"
-    else
-        "$COMMAND"
-    fi
-}
-
-update_python_package() {
-    PYTHON_PATH=$1
-    PACKAGE=$2
-    VERSION=$3
-
-    sudo_if "$PYTHON_PATH -m pip uninstall --yes $PACKAGE"
-    sudo_if "$PYTHON_PATH -m pip install --upgrade --no-cache-dir $PACKAGE==$VERSION"
-    sudo_if "$PYTHON_PATH -m pip show --no-python-version-warning $PACKAGE"
-}
-
-update_conda_package() {
-    PACKAGE=$1
-    VERSION=$2
-
-    sudo_if "conda install -y -c defaults $PACKAGE=$VERSION"
-}
-
-sudo_if /opt/conda/bin/python3 -m pip install --upgrade pip
-
-# Temporary: Upgrade python packages due to security vulnerabilities
-# They are installed by the conda feature and Conda distribution does not have the patches
-
-# https://github.com/advisories/GHSA-79v4-65xg-pq4g
-update_python_package /opt/conda/bin/python3 cryptography "44.0.1"
-
-update_conda_package pyopenssl "25.0.0"
-
-# https://github.com/advisories/GHSA-9hjg-9r4m-mvj7
-update_conda_package requests "2.32.4"
-
-# https://github.com/advisories/GHSA-5rjg-fvgr-3xxf
-update_conda_package setuptools "78.1.1"
-
-# https://github.com/advisories/GHSA-g7vv-2v7x-gj9p
-update_python_package /opt/conda/bin/python3 tqdm "4.66.3"
-
-# https://github.com/advisories/GHSA-38jv-5279-wg99
-update_conda_package urllib3 "2.6.3"
-
-# https://nvd.nist.gov/vuln/detail/CVE-2025-6176
-update_conda_package brotli "1.2.0"
diff --git a/universal-base/.devcontainer/local-features/patch-python/devcontainer-feature.json b/universal-base/.devcontainer/local-features/patch-python/devcontainer-feature.json
deleted file mode 100644
index c93da6d..0000000
--- a/universal-base/.devcontainer/local-features/patch-python/devcontainer-feature.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
-  "id": "patch-python",
-  "name": "Patch Python Packages",
-  "installsAfter": ["ghcr.io/devcontainers/features/python"]
-}
diff --git a/universal-base/.devcontainer/local-features/patch-python/install.sh b/universal-base/.devcontainer/local-features/patch-python/install.sh
deleted file mode 100644
index 6ceb81a..0000000
--- a/universal-base/.devcontainer/local-features/patch-python/install.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/env bash
-#-------------------------------------------------------------------------------------------------------------
-# Copyright (c) Microsoft Corporation. All rights reserved.
-# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
-#-------------------------------------------------------------------------------------------------------------
-
-USERNAME=${USERNAME:-"codespace"}
-
-set -eux
-
-if [ "$(id -u)" -ne 0 ]; then
-    echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.'
-    exit 1
-fi
-
-# Ensure that login shells get the correct path if the user updated the PATH using ENV.
-rm -f /etc/profile.d/00-restore-env.sh
-echo "export PATH=${PATH//$(sh -lc 'echo $PATH')/\$PATH}" > /etc/profile.d/00-restore-env.sh
-chmod +x /etc/profile.d/00-restore-env.sh
-
-export DEBIAN_FRONTEND=noninteractive
-
-sudo_if() {
-    COMMAND="$*"
-    if [ "$(id -u)" -eq 0 ] && [ "$USERNAME" != "root" ]; then
-        su - "$USERNAME" -c "$COMMAND"
-    else
-        "$COMMAND"
-    fi
-}
-
-update_package() {
-    PYTHON_PATH=$1
-    PACKAGE=$2
-    VERSION=$3
-
-    sudo_if "$PYTHON_PATH -m pip uninstall --yes $PACKAGE"
-    sudo_if "$PYTHON_PATH -m pip install --upgrade --no-cache-dir $PACKAGE==$VERSION"
-    sudo_if "$PYTHON_PATH -m pip show --no-python-version-warning $PACKAGE"
-}
-# Updating pip version for python 3.11. Must be removed when pinned version 3.11 is updated to a different python version.
-sudo_if /usr/local/python/3.11.*/bin/python -m pip install --upgrade pip
-
-# https://github.com/advisories/GHSA-5rjg-fvgr-3xxf
-# Updating setuptools version for python 3.11. Must be removed when pinned version 3.11 is updated to a different python version.
-update_package /usr/local/python/3.11.*/bin/python setuptools "78.1.1"
diff --git a/universal-base/.devcontainer/local-features/setup-user/devcontainer-feature.json b/universal-base/.devcontainer/local-features/setup-user/devcontainer-feature.json
index 6a3d982..334512a 100644
--- a/universal-base/.devcontainer/local-features/setup-user/devcontainer-feature.json
+++ b/universal-base/.devcontainer/local-features/setup-user/devcontainer-feature.json
@@ -21,9 +21,7 @@
     "ghcr.io/devcontainers/features/node:1",
     "./local-features/nvs",
     "ghcr.io/devcontainers/features/python:1",
-    "./local-features/patch-python",
     "ghcr.io/devcontainers/features/anaconda:1",
-    "./local-features/patch-conda",
     "ghcr.io/devcontainers/features/java:1",
     "ghcr.io/devcontainers/features/go:1",
     "ghcr.io/devcontainers/features/rust:1"