QXYang686/devcontainers
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bc660d97a516745679d03501a442fcb72cb90823
devcontainers/universal-base/.devcontainer/local-features/patch-conda/install.sh
QXYang686 bc660d97a5 重整
2026-02-14 20:00:37 +08:00

73 lines
2.3 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
#-------------------------------------------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
#-------------------------------------------------------------------------------------------------------------
USERNAME=${USERNAME:-"codespace"}
set -eux
if [ "$(id -u)" -ne 0 ]; then
echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.'
exit 1
fi
# Ensure that login shells get the correct path if the user updated the PATH using ENV.
rm -f /etc/profile.d/00-restore-env.sh
echo "export PATH=${PATH//$(sh -lc 'echo $PATH')/\$PATH}" > /etc/profile.d/00-restore-env.sh
chmod +x /etc/profile.d/00-restore-env.sh
export DEBIAN_FRONTEND=noninteractive
sudo_if() {
COMMAND="$*"
if [ "$(id -u)" -eq 0 ] && [ "$USERNAME" != "root" ]; then
su - "$USERNAME" -c "$COMMAND"
else
"$COMMAND"
fi
}
update_python_package() {
PYTHON_PATH=$1
PACKAGE=$2
VERSION=$3
sudo_if "$PYTHON_PATH -m pip uninstall --yes $PACKAGE"
sudo_if "$PYTHON_PATH -m pip install --upgrade --no-cache-dir $PACKAGE==$VERSION"
sudo_if "$PYTHON_PATH -m pip show --no-python-version-warning $PACKAGE"
}
update_conda_package() {
PACKAGE=$1
VERSION=$2
sudo_if "conda install -y -c defaults $PACKAGE=$VERSION"
}
sudo_if /opt/conda/bin/python3 -m pip install --upgrade pip
# Temporary: Upgrade python packages due to security vulnerabilities
# They are installed by the conda feature and Conda distribution does not have the patches
# https://github.com/advisories/GHSA-79v4-65xg-pq4g
update_python_package /opt/conda/bin/python3 cryptography "44.0.1"
update_conda_package pyopenssl "25.0.0"
# https://github.com/advisories/GHSA-9hjg-9r4m-mvj7
update_conda_package requests "2.32.4"
# https://github.com/advisories/GHSA-5rjg-fvgr-3xxf
update_conda_package setuptools "78.1.1"
# https://github.com/advisories/GHSA-g7vv-2v7x-gj9p
update_python_package /opt/conda/bin/python3 tqdm "4.66.3"
# https://github.com/advisories/GHSA-38jv-5279-wg99
update_conda_package urllib3 "2.6.3"
# https://nvd.nist.gov/vuln/detail/CVE-2025-6176
update_conda_package brotli "1.2.0"
Reference in New Issue View Git Blame Copy Permalink