Universal Anaconda: Update "wheel" due to CVE-2022-40898 (devcontaine…

…rs#456)

src/anaconda/.devcontainer/Dockerfile

@@ -65,7 +65,9 @@ RUN python3 -m pip install \
  # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34141
  numpy \
  # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23491
- certifi
+ certifi \
+ # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40898
+ wheel
 
 # Copy environment.yml (if found) to a temp location so we can update the environment. Also
 # copy "noop.txt" so the COPY instruction does not fail if no environment.yml exists.

src/anaconda/manifest.json

@@ -29,7 +29,8 @@
  "cryptography",
  "mistune",
  "numpy",
- "certifi"
+ "certifi",
+ "wheel"
  ],
  "other": {
  "git": {},

src/anaconda/test-project/test.sh

@@ -44,5 +44,8 @@ check-version-ge "mistune-requirement" "${mistune_version}" "2.0.3"
 numpy_version=$(python -c "import numpy; print(numpy.__version__)")
 check-version-ge "numpy-requirement" "${numpy_version}" "1.22"
 
+wheel_version=$(python -c "import wheel; print(wheel.__version__)")
+check-version-ge "wheel-requirement" "${wheel_version}" "0.38.1"
+
 # Report result
 reportResults

src/universal/manifest.json

@@ -118,7 +118,8 @@
  "requests",
  "plotly",
  "jupyterlab-git",
- "certifi"
+ "certifi",
+ "wheel"
  ],
  "other": {
  "git": {},

src/universal/test-project/test.sh

@@ -181,6 +181,9 @@ check "java-version-on-path-is-12.0.2" java --version | grep 12.0.2
 MAVEN_PATH=$(cd /usr/local/sdkman/candidates/maven/3*/lib/ && pwd)
 check "commons-io-lib" bash -c "ls ${MAVEN_PATH} | grep commons-io-2.11.jar"
 
+wheel_version=$(python -c "import wheel; print(wheel.__version__)")
+check-version-ge "wheel-requirement" "${wheel_version}" "0.38.1"
+
 ls -la /home/codespace
 
 # Report result