From 61cfb7ee59e6a44dc6abade2d0866dea9ede18e9 Mon Sep 17 00:00:00 2001
From: Nightknight3000 <alexander.roehl@uni-tuebingen.de>
Date: Tue, 11 Jul 2023 11:31:50 +0200
Subject: [PATCH] fix: apply changes so main-ci test passes (#148)

* ci: update allowedlist.yaml and Dockerfile

* fix: remove git from image to prevent vulnerability

* fix: add vulnerabilities to allowedlist.yaml
---
 .github/containerscan/allowedlist.yaml | 24 ++++++++++++++++++++++++
 docker/Dockerfile                      |  1 +
 2 files changed, 25 insertions(+)

diff --git a/.github/containerscan/allowedlist.yaml b/.github/containerscan/allowedlist.yaml
index 67ab10c..b2a0145 100644
--- a/.github/containerscan/allowedlist.yaml
+++ b/.github/containerscan/allowedlist.yaml
@@ -1,5 +1,29 @@
 general:
   vulnerabilities:
+    - CVE-2023-29007
+    - CVE-2023-25652
+    - CVE-2023-3390
+    - CVE-2023-3389
+    - CVE-2023-3338
+    - CVE-2023-35829
+    - CVE-2023-35827
+    - CVE-2023-35824
+    - CVE-2023-35823
+    - CVE-2023-35788
+    - CVE-2023-3397
+    - CVE-2023-3268
+    - CVE-2023-3141
+    - CVE-2023-3111
+    - CVE-2023-3090
+    - CVE-2023-2156
+    - CVE-2023-2124
+    - CVE-2023-2007
+    - CVE-2022-2309
+    - CVE-2021-31239
+    - CVE-2023-31484
+    - CVE-2023-29491
+    - CVE-2023-2953
+    - CVE-2023-2603
     - CVE-2022-1015
     - CVE-2022-32221
     - CVE-2019-8457
diff --git a/docker/Dockerfile b/docker/Dockerfile
index d7fc2b6..fa6de71 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -11,6 +11,7 @@ RUN apt -y update && apt-get -y install software-properties-common && \
     apt-utils \
     locales \
     curl && \
+    apt-get remove -yqq git && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* && \
     rm -rf /var/cache/apt/archives/*