From 921a7409dee20971334847a52f83af7ff91025cc Mon Sep 17 00:00:00 2001
From: Serhii Koropets <33310880+koropets@users.noreply.github.com>
Date: Thu, 28 Apr 2022 12:42:51 +0300
Subject: [PATCH] Security dependencies update. USER 999 in Dockerfile (#1243)

* Updating dependencies

* Update notebook

* USER 999
---
 Dockerfile                         |  2 +-
 requirements/full_requirements.txt | 12 ++---
 requirements/requirements.in       |  1 +
 requirements/test_requirements.in  |  3 +-
 requirements/test_requirements.txt | 70 +++++-------------------------
 5 files changed, 16 insertions(+), 72 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 8c6bb887d..76bd1ef93 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -79,4 +79,4 @@ RUN chown -R gordo:gordo ${HOME}
 # Run things from gordo's home to have write access when needed (e.g. Catboost tmp files)
 WORKDIR ${HOME}
 # Switch user
-USER gordo
+USER 999 
diff --git a/requirements/full_requirements.txt b/requirements/full_requirements.txt
index 7bfcc84ab..f16698bf3 100644
--- a/requirements/full_requirements.txt
+++ b/requirements/full_requirements.txt
@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with python 3.7
+# This file is autogenerated by pip-compile with python 3.9
 # To update, run:
 #
 #    pip-compile --extra-index-url=<index_url> --no-emit-index-url --output-file=full_requirements.txt mlflow_requirements.in postgres_requirements.in requirements.in
@@ -65,8 +65,6 @@ backports-tempfile==1.0
     # via azureml-core
 backports-weakref==1.0.post1
     # via backports-tempfile
-cached-property==1.5.2
-    # via h5py
 cachetools==4.1.1
     # via
     #   google-auth
@@ -177,11 +175,8 @@ idna==2.8
     # via requests
 importlib-metadata==4.11.3
     # via
-    #   click
-    #   jsonschema
     #   mlflow
     #   mlflow-skinny
-    #   xarray
 influxdb==5.3.0
     # via gordo-dataset
 inject==4.2.0
@@ -276,8 +271,9 @@ ndg-httpsclient==0.5.1
     # via azureml-core
 numexpr==2.8.1
     # via gordo-dataset
-numpy==1.21.0
+numpy==1.22.3
     # via
+    #   -r requirements.in
     #   catboost
     #   h5py
     #   keras-preprocessing
@@ -484,11 +480,9 @@ threadpoolctl==2.1.0
 typing-extensions==4.2.0
     # via
     #   -r requirements.in
-    #   importlib-metadata
     #   pydantic
     #   tensorflow
     #   typing-inspect
-    #   xarray
 typing-inspect==0.5.0
     # via dataclasses-json
 urllib3==1.26.5
diff --git a/requirements/requirements.in b/requirements/requirements.in
index 610c18673..a782871ac 100644
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -23,3 +23,4 @@ kiwisolver~=1.3.2
 grpcio~=1.34.1
 typing-extensions>=3.10
 pathspec>=0.9.0
+numpy>=1.22.0
diff --git a/requirements/test_requirements.in b/requirements/test_requirements.in
index 593b19774..d4bf4de48 100644
--- a/requirements/test_requirements.in
+++ b/requirements/test_requirements.in
@@ -12,8 +12,7 @@ responses~=0.13
 black~=22.3.0
 pytest-flakes~=4.0.3
 adal~=1.2
-jupyter~=1.0.0
-notebook~=6.4.1
+notebook~=6.4.10
 nbconvert~=6.0
 urllib3~=1.26
 pytest-benchmark~=3.4
diff --git a/requirements/test_requirements.txt b/requirements/test_requirements.txt
index 933ef0105..340aebf69 100644
--- a/requirements/test_requirements.txt
+++ b/requirements/test_requirements.txt
@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with python 3.7
+# This file is autogenerated by pip-compile with python 3.9
 # To update, run:
 #
 #    pip-compile --output-file=test_requirements.txt test_requirements.in
@@ -77,13 +77,6 @@ idna==2.8
     # via
     #   -c full_requirements.txt
     #   requests
-importlib-metadata==4.11.3
-    # via
-    #   -c full_requirements.txt
-    #   click
-    #   jsonschema
-    #   pluggy
-    #   pytest
 influxdb==5.3.0
     # via
     #   -c full_requirements.txt
@@ -91,25 +84,14 @@ influxdb==5.3.0
 iniconfig==1.1.1
     # via pytest
 ipykernel==5.1.3
-    # via
-    #   ipywidgets
-    #   jupyter
-    #   jupyter-console
-    #   notebook
-    #   qtconsole
+    # via notebook
 ipython==7.11.1
-    # via
-    #   ipykernel
-    #   ipywidgets
-    #   jupyter-console
+    # via ipykernel
 ipython-genutils==0.2.0
     # via
     #   nbformat
     #   notebook
-    #   qtconsole
     #   traitlets
-ipywidgets==7.5.1
-    # via jupyter
 jedi==0.15.2
     # via ipython
 jinja2==2.11.3
@@ -122,24 +104,17 @@ jsonschema==3.2.0
     # via
     #   -c full_requirements.txt
     #   nbformat
-jupyter==1.0.0
-    # via -r test_requirements.in
 jupyter-client==6.1.12
     # via
     #   ipykernel
-    #   jupyter-console
     #   nbclient
     #   notebook
-    #   qtconsole
-jupyter-console==6.0.0
-    # via jupyter
 jupyter-core==4.6.1
     # via
     #   jupyter-client
     #   nbconvert
     #   nbformat
     #   notebook
-    #   qtconsole
 jupyterlab-pygments==0.1.2
     # via nbconvert
 markupsafe==1.1.1
@@ -150,10 +125,6 @@ mistune==0.8.4
     # via nbconvert
 mock==4.0.3
     # via -r test_requirements.in
-more-itertools==8.1.0
-    # via
-    #   -c full_requirements.txt
-    #   zipp
 msgpack==0.6.1
     # via
     #   -c full_requirements.txt
@@ -172,21 +143,18 @@ nbclient==0.5.3
 nbconvert==6.1.0
     # via
     #   -r test_requirements.in
-    #   jupyter
     #   notebook
 nbformat==5.0.3
     # via
-    #   ipywidgets
     #   nbclient
     #   nbconvert
     #   notebook
 nest-asyncio==1.5.1
-    # via nbclient
-notebook==6.4.3
     # via
-    #   -r test_requirements.in
-    #   jupyter
-    #   widgetsnbextension
+    #   nbclient
+    #   notebook
+notebook==6.4.11
+    # via -r test_requirements.in
 packaging==20.7
     # via
     #   -c full_requirements.txt
@@ -214,9 +182,7 @@ prometheus-client==0.7.1
     #   -c full_requirements.txt
     #   notebook
 prompt-toolkit==2.0.10
-    # via
-    #   ipython
-    #   jupyter-console
+    # via ipython
 ptyprocess==0.6.0
     # via
     #   pexpect
@@ -237,10 +203,8 @@ pygments==2.9.0
     # via
     #   -r test_requirements.in
     #   ipython
-    #   jupyter-console
     #   jupyterlab-pygments
     #   nbconvert
-    #   qtconsole
 pyjwt[crypto]==1.7.1
     # via
     #   -c full_requirements.txt
@@ -294,8 +258,6 @@ pyzmq==18.1.1
     # via
     #   jupyter-client
     #   notebook
-qtconsole==4.6.0
-    # via jupyter
 requests==2.25.1
     # via
     #   -c full_requirements.txt
@@ -305,7 +267,7 @@ requests==2.25.1
     #   responses
 responses==0.13.3
     # via -r test_requirements.in
-send2trash==1.5.0
+send2trash==1.8.0
     # via notebook
 six==1.15.0
     # via
@@ -342,19 +304,14 @@ traitlets==5.0.5
     # via
     #   ipykernel
     #   ipython
-    #   ipywidgets
     #   jupyter-client
     #   jupyter-core
     #   nbclient
     #   nbconvert
     #   nbformat
     #   notebook
-    #   qtconsole
 typed-ast==1.4.3
-    # via
-    #   -r test_requirements.in
-    #   black
-    #   mypy
+    # via -r test_requirements.in
 types-mock==4.0.13
     # via -r test_requirements.in
 types-python-dateutil==2.8.11
@@ -375,7 +332,6 @@ typing-extensions==4.2.0
     # via
     #   -c full_requirements.txt
     #   black
-    #   importlib-metadata
     #   mypy
 urllib3==1.26.5
     # via
@@ -391,12 +347,6 @@ websocket-client==0.57.0
     # via
     #   -c full_requirements.txt
     #   docker
-widgetsnbextension==3.5.1
-    # via ipywidgets
-zipp==2.0.0
-    # via
-    #   -c full_requirements.txt
-    #   importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools