diff --git a/src/common_node_24/.trivyignore.yaml b/src/common_node_24/.trivyignore.yaml
index ca220bd..9fff67e 100644
--- a/src/common_node_24/.trivyignore.yaml
+++ b/src/common_node_24/.trivyignore.yaml
@@ -58,3 +58,8 @@ vulnerabilities:
 purls:
 - "pkg:npm/tar@7.5.1"
 expired_at: 2026-09-09
+ - id: CVE-2026-31802
+ statement: "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, ..."
+ purls:
+ - "pkg:npm/tar@7.5.1"
+ expired_at: 2026-09-09
diff --git a/src/languages/node_24_python_3_14_java_24/.devcontainer/.tool-versions b/src/languages/node_24_python_3_14_java_24/.devcontainer/.tool-versions
new file mode 100644
index 0000000..944ca8c
--- /dev/null
+++ b/src/languages/node_24_python_3_14_java_24/.devcontainer/.tool-versions
@@ -0,0 +1,4 @@
+python 3.14.3
+poetry 2.3.2
+java temurin-24.0.2+12
+maven 3.9.13
diff --git a/src/languages/node_24_python_3_14_java_24/.devcontainer/devcontainer.json b/src/languages/node_24_python_3_14_java_24/.devcontainer/devcontainer.json
new file mode 100644
index 0000000..8580944
--- /dev/null
+++ b/src/languages/node_24_python_3_14_java_24/.devcontainer/devcontainer.json
@@ -0,0 +1,18 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/ubuntu
+{
+ "name": "EPS Devcontainer node_24 python_3.14",
+ // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile
+ "build": {
+ "dockerfile": "../../../common_node_24/Dockerfile",
+ "args": {
+ "CONTAINER_NAME": "eps_devcontainer_${localEnv:CONTAINER_NAME}",
+ "MULTI_ARCH_TAG": "${localEnv:MULTI_ARCH_TAG}",
+ "BASE_VERSION_TAG": "${localEnv:BASE_VERSION_TAG}",
+ "IMAGE_TAG": "${localEnv:IMAGE_TAG}"
+ },
+ "context": "."
+ },
+ "features": {}
+ }
+
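Review bot: The `statement` on the new CVE-2026-31802 entry in src/common_node_24/.trivyignore.yaml repeats the advisory text instead of recording why the finding is accepted, and that text says the issue affects versions prior to 7.5.10 while the suppressed purl is `pkg:npm/tar@7.5.1`, so a fixed release appears to exist. Where tar@7.5.1 comes from is not visible in this hunk; if it is bundled by something this image cannot upgrade yet, say so next to the entry, for example `# tar@7.5.1 is bundled by <COMPONENT>; drop this entry once it ships tar >= 7.5.10`. The same applies to the CVE-2026-23949 and CVE-2026-24049 entries in the new src/languages/node_24_python_3_14_java_24/.trivyignore.yaml, whose statements are also advisory titles.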
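Review bot: The `"name"` value in the new devcontainer.json, `EPS Devcontainer node_24 python_3.14`, leaves out Java although the file lives under node_24_python_3_14_java_24 and the accompanying .tool-versions installs temurin and maven. `"name": "EPS Devcontainer node_24 python_3.14 java_24"` would keep this container distinguishable from a Python-only variant, if one exists. The header comment also still points at the ubuntu template README, which does not describe this build.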
diff --git a/src/languages/node_24_python_3_14_java_24/.devcontainer/scripts/root_install.sh b/src/languages/node_24_python_3_14_java_24/.devcontainer/scripts/root_install.sh
new file mode 100755
index 0000000..52fa2b1
--- /dev/null
+++ b/src/languages/node_24_python_3_14_java_24/.devcontainer/scripts/root_install.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+set -e
+export DEBIAN_FRONTEND=noninteractive
+
+# clean up
+apt-get clean
+rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
diff --git a/src/languages/node_24_python_3_14_java_24/.devcontainer/scripts/vscode_install.sh b/src/languages/node_24_python_3_14_java_24/.devcontainer/scripts/vscode_install.sh
new file mode 100755
index 0000000..c68251d
--- /dev/null
+++ b/src/languages/node_24_python_3_14_java_24/.devcontainer/scripts/vscode_install.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+set -e
+
+asdf plugin add python
+asdf plugin add poetry https://github.com/asdf-community/asdf-poetry.git
+asdf plugin add java
+asdf plugin add maven
+
+asdf install python
+asdf install
+
+# install cfn-lint
+pip install --user cfn-lint
diff --git a/src/languages/node_24_python_3_14_java_24/.trivyignore.yaml b/src/languages/node_24_python_3_14_java_24/.trivyignore.yaml
new file mode 100644
index 0000000..8799951
--- /dev/null
+++ b/src/languages/node_24_python_3_14_java_24/.trivyignore.yaml
@@ -0,0 +1,11 @@
+vulnerabilities:
+ - id: CVE-2026-23949
+ statement: "jaraco.context: jaraco.context: Path traversal via malicious tar archives"
+ purls:
+ - "pkg:pypi/jaraco.context@5.3.0"
+ expired_at: 2026-08-12
+ - id: CVE-2026-24049
+ statement: "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
+ purls:
+ - "pkg:pypi/wheel@0.45.1"
+ expired_at: 2026-08-12
diff --git a/src/languages/node_24_python_3_14_java_24/trivy.yaml b/src/languages/node_24_python_3_14_java_24/trivy.yaml
new file mode 100644
index 0000000..ddcfb05
--- /dev/null
+++ b/src/languages/node_24_python_3_14_java_24/trivy.yaml
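Review bot: Everything vscode_install.sh fetches is unpinned at image build time: `asdf plugin add poetry https://github.com/asdf-community/asdf-poetry.git` clones whatever the default branch holds, the python, java and maven plugins resolve by short name, and `pip install --user cfn-lint` takes the latest release. asdf plugins are shell scripts that run during `asdf install`, so an upstream change alters the built image without any change in this repository. Pin the linter, e.g. `pip install --user "cfn-lint==<PINNED_VERSION>"`, and pin each plugin to a reviewed commit. The tool versions themselves are already fixed in .tool-versions, so only the installers are floating.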
@@ -0,0 +1 @@
+ignorefile: "src/languages/node_24_python_3_14_java_24/.trivyignore_combined.yaml"
diff --git a/src/projects/fhir_facade_api/.trivyignore.yaml b/src/projects/fhir_facade_api/.trivyignore.yaml
index d8a3458..3c4b5c4 100644
--- a/src/projects/fhir_facade_api/.trivyignore.yaml
+++ b/src/projects/fhir_facade_api/.trivyignore.yaml
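Review bot: The `ignorefile` in the new trivy.yaml points at `.trivyignore_combined.yaml`, which this commit does not add; the file created next to it is `.trivyignore.yaml`. Presumably a build step merges the common and language-level ignore files into the combined one, but nothing visible here shows that. A comment such as `# generated by <BUILD_STEP> from the common and language .trivyignore.yaml files; path is relative to the repository root` would make the dependency explicit. It is also worth confirming how the scan behaves when the combined file has not been generated, so a missing file cannot pass unnoticed.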
@@ -2,30 +2,26 @@ vulnerabilities:
 - id: CVE-2022-25235
 statement: "expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution"
 purls:
- - "pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
- - "pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
- - "pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
+ - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
+ - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
 expired_at: 2026-08-12
 - id: CVE-2022-25236
 statement: "expat: Namespace-separator characters in \"xmlns[:prefix]\" attribute values can lead to arbitrary code execution"
 purls:
- - "pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
- - "pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
- - "pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
+ - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
+ - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
 expired_at: 2026-08-12
 - id: CVE-2022-26485
 statement: "Mozilla: Use-after-free in XSLT parameter processing"
 purls:
- - "pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
- - "pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
- - "pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
+ - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
+ - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
 expired_at: 2026-08-12
 - id: CVE-2022-26486
 statement: "Mozilla: Use-after-free in WebGPU IPC Framework"
 purls:
- - "pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
- - "pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
- - "pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
+ - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
+ - "pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
 expired_at: 2026-08-12
 - id: CVE-2026-25547
 statement: "brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
@@ -53,63 +49,3 @@ vulnerabilities:
 purls:
 - "pkg:npm/tar@7.5.1"
 expired_at: 2026-08-12
- - id: CVE-2022-25235
- statement: "expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
- expired_at: 2026-08-13
- - id: CVE-2022-25236
- statement: "expat: Namespace-separator characters in \"xmlns[:prefix]\" attribute values can lead to arbitrary code execution"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
- expired_at: 2026-08-13
- - id: CVE-2022-26485
- statement: "Mozilla: Use-after-free in XSLT parameter processing"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
- expired_at: 2026-08-13
- - id: CVE-2022-26486
- statement: "Mozilla: Use-after-free in WebGPU IPC Framework"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
- expired_at: 2026-08-13
- - id: CVE-2022-25235
- statement: "expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
- expired_at: 2026-08-16
- - id: CVE-2022-25236
- statement: "expat: Namespace-separator characters in \"xmlns[:prefix]\" attribute values can lead to arbitrary code execution"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
- expired_at: 2026-08-16
- - id: CVE-2022-26485
- statement: "Mozilla: Use-after-free in XSLT parameter processing"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
- expired_at: 2026-08-16
- - id: CVE-2022-26486
- statement: "Mozilla: Use-after-free in WebGPU IPC Framework"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
- expired_at: 2026-08-16
- - id: CVE-2022-25235
- statement: "expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
- expired_at: 2026-08-16
- - id: CVE-2022-25236
- statement: "expat: Namespace-separator characters in \"xmlns[:prefix]\" attribute values can lead to arbitrary code execution"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
- expired_at: 2026-08-16
- - id: CVE-2022-26485
- statement: "Mozilla: Use-after-free in XSLT parameter processing"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
- expired_at: 2026-08-16
- - id: CVE-2022-26486
- statement: "Mozilla: Use-after-free in WebGPU IPC Framework"
- purls:
- - "pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
- expired_at: 2026-08-16