Commit Graph

4 Commits

Author SHA1 Message Date
jasquat a025aaa017 upgraded cryptography to satisfy snyk and added ignore for werkzeug issue since we cannot do anything about it now w/ burnettk 2023-10-26 11:28:37 -04:00
jasquat fe4dc14b8d Feature/docker CVE issues (#558)
* updated Dockerfile to try to remove security vulnerabilities w/ burnettk

* we require curl for health checks w/ burnettk

* try to scan docker image in ci

* use Dockerfile from backend w/ burnettk

* continue-on-error w/ burnettk

* attempt to elevate permissions of snyk w/ burnettk

* added snyk security github workflow w/ burnettk

* fixed location of constraints w/ burnettk

* add in or true for snyk tests w/ burnettk

* sent the snyk token w/ burnettk

* specify the directory for the sarif file w/ burnettk

* updated spiffworkflow-connector-command for snyk issue w/ burnettk

* updated sql statements sanitize input

* ignore issues for debug_controller and check frontend with snyk w/ burnettk

* updated babel and electron for snyk w/ burnettk

* some more updates to fix vulnerabilities w/ burnettk

* prune repeated deps for frontend builds since

* uncomment ci code so it runs again and use node for frontend base image w/ burnettk

* fixed backend image name w/ burnettk

* pyl w/ burnettk

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-10-19 14:22:52 -04:00
jbirddog 122d1efbda Bump flask for safety (#304)
* Bump flask for safety

* let snyk check flask again w/ burnettk

* attempt to use the same revision for front w/ burnettk

---------

Co-authored-by: jasquat <jasquat@users.noreply.github.com>
2023-06-06 17:33:48 -07:00
burnettk da8206f9f9 ignore issue for which ticket has been filed 2023-05-03 10:49:32 -04:00