data-prep-kit icon indicating copy to clipboard operation
data-prep-kit copied to clipboard
verified publisher icon IBM

Look into the Quay security scanner checks that show a couple of critical severity issues with our images (e.g., as related to the existence of old pyarrow versions)

Open shahrokhDaijavad opened this issue 1 year ago • 2 comments

Search before asking

  • [X] I searched the issues and found no similar issues.

Component

Other

What happened + What you expected to happen

image

Reproduction script

Look into the Quay UI, e.g. here: https://quay.io/repository/dataprep1/data-prep-kit/noop-ray/manifest/sha256:bad77827518054a1b8a8a70a174dcf9709756d49fb1fee8da6845b3722ecaacd?tab=vulnerabilities

Anything else

No response

OS

MacOS (limited support)

Python

3.11.x

Are you willing to submit a PR?

  • [ ] Yes I am willing to submit a PR!

shahrokhDaijavad avatar Aug 22 '24 16:08 shahrokhDaijavad

@shahrokhDaijavad is this still an issue?

agoyal26 avatar Mar 24 '25 08:03 agoyal26

@agoyal26 This is still an issue. For instance, see this: https://quay.io/repository/dataprep1/data-prep-kit/noop-ray/manifest/sha256:8d48e2d7616a33108b5ba4c83a88ab80d86e9a18e8102dd9b196dfe08e360307?tab=vulnerabilities

We did have a meeting with the Quay team (Red Hat guys) about this, and although this issue was not resolved, they told us not to give it priority (with IBM owning Red Hat). Let's not close the issue.

shahrokhDaijavad avatar Mar 24 '25 16:03 shahrokhDaijavad