gitpod-io
GitHub Repository: gitpod-io/gitpod
Path: blob/main/WORKSPACE.yaml
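# this file makes this a leeway workspace
defaultTarget: components:all

# Default build arguments. Most entries are pins that select which upstream
# artifact goes into a build, so a change here deserves the same review as a
# dependency bump.
defaultArgs:
  imageRepoBase: "eu.gcr.io/gitpod-dev-artifact/build"
  coreYarnLockBase: ../..
  # This is the string "false"; the two publish flags below are YAML booleans.
  # NOTE(review): confirm the consumer compares against a string here.
  npmPublishTrigger: "false"
  publishToNPM: true
  publishToJBMarketplace: true
  localAppVersion: unknown
  # Pinned by full 40-character commit id rather than by branch or tag.
  codeCommit: bbd81e3f7202bb6b506c62afc097bf57e33bd11f
  codeVersion: 1.102.3
  codeQuality: stable
  codeWebExtensionCommit: 3953e8160fffa97dd4a4509542b4bf7ff9b704cd
  xtermCommit: d547d4ff4590b66c3ea24342fc62e3afcf6b77bc
  # NOTE(review): presumably `false` leaves JetBrains plugin verification
  # switched on; confirm against the package that reads this argument.
  noVerifyJBPlugin: false
  # IDE archives: HTTPS, vendor host, version pinned in the file name.
  # No checksum is recorded in this file, and a version in a URL does not bind
  # the bytes that are served.
  # NOTE(review): confirm the consuming build verifies a digest, or record one
  # next to each URL.
  intellijDownloadUrl: "https://download.jetbrains.com/idea/ideaIU-2025.1.1.1.tar.gz"
  golandDownloadUrl: "https://download.jetbrains.com/go/goland-2025.1.1.tar.gz"
  pycharmDownloadUrl: "https://download.jetbrains.com/python/pycharm-2025.1.1.1.tar.gz"
  phpstormDownloadUrl: "https://download.jetbrains.com/webide/PhpStorm-2025.1.1.tar.gz"
  rubymineDownloadUrl: "https://download.jetbrains.com/ruby/RubyMine-2025.1.1.tar.gz"
  webstormDownloadUrl: "https://download.jetbrains.com/webstorm/WebStorm-2025.1.1.tar.gz"
  # NOTE(review): Rider is on 2024.1.4 while the other IDEs are on 2025.1.x;
  # confirm the older pin is intentional.
  riderDownloadUrl: "https://download.jetbrains.com/rider/JetBrains.Rider-2024.1.4.tar.gz"
  clionDownloadUrl: "https://download.jetbrains.com/cpp/CLion-2025.1.1.tar.gz"
  rustroverDownloadUrl: "https://download.jetbrains.com/rustrover/RustRover-2025.1.2.tar.gz"
  # NOTE(review): "latest" is a floating reference, unlike the pinned versions
  # around it. Whatever it resolves to can change between two builds of the
  # same commit, so their provenance and SBOM may differ. Prefer an explicit
  # version if the consumer accepts one.
  jbBackendVersion: "latest"
  dockerVersion: "27.5.1"
  dockerComposeVersion: "2.34.0-gitpod.1"
  ipfsKuboVersion: "v0.18.0"
  ipfsClusterVersion: "v1.0.8"
  # NOTE(review): looks like an abbreviated commit id; if so, a short id is a
  # weaker pin than the full ids used above. Confirm.
  schedulerExtenderVersion: "c1925d8"

# Build provenance is generated, with SLSA output switched on.
provenance:
  enabled: true
  slsa: true

# SBOM generation is on. `ignoreVulnerabilities` lists advisories that are
# accepted rather than fixed; each entry carries its justification in `reason`.
sbom:
  enabled: true
  ignoreVulnerabilities:
    # Accepted on a reachability argument (no external JSON reaches findOne),
    # not because a patched version is in use.
    # NOTE(review): no owner or expiry is recorded. Re-validate when callers of
    # findOne / findOneOrFail change or when a fixed TypeORM can be adopted.
    - vulnerability: GHSA-fx4w-v43j-vc45
      reason: |
        This vulnerability in TypeORM's findOne / findOneOrFail functions can improperly interpret a crafted JSON object
        and concatenate it into raw SQL, potentially allowing SQL injection attacks.

        In Gitpod’s usage, TypeORM is not exposed to arbitrary user input. For example, DB migrations run preset queries;
        the server/bridge code does not hand raw JSON from external sources to findOne. Therefore, there is no path for
        injecting malicious JSON into a query, rendering the vulnerability non-exploitable.
    # Accepted as a scanner false positive; the linked upstream issue is the
    # evidence.
    - vulnerability: GHSA-2jcg-qqmg-46q6
      reason: |
        This is a false positive. See https://github.com/browserify/resolve/issues/303

# Both entries report amd64 whatever the host is: the Go version string has
# "arm" rewritten to "amd" and `arch` is a constant.
# NOTE(review): presumably this keeps build results shareable between arm and
# amd hosts; the side effect is that the manifest does not record the real
# host architecture. Confirm that is acceptable for provenance purposes.
environmentManifest:
  - name: "go"
    command: ["sh", "-c", "go version | sed s/arm/amd/"]
  - name: "arch"
    command: ["sh", "-c", "echo amd64"]

defaultVariant:
  # Go and Docker are both pointed at amd64 independently of the build host.
  env:
    - GOARCH=amd64
    - DOCKER_DEFAULT_PLATFORM=linux/amd64
    - NODE_OPTIONS=--max_old_space_size=8192
    - LEEWAY_BUILD=true
  srcs:
    exclude:
      # Make sure we don't include node_modules/**/*.ts by accident
      - "**/node_modules/**"
  config:
    go:
      # govet, errcheck and staticcheck are disabled for every Go package that
      # uses this default.
      # NOTE(review): errcheck and staticcheck are the linters that report
      # ignored error returns and a range of correctness bugs; confirm that
      # coverage is provided elsewhere, or re-enable them incrementally.
      lintCommand: ["sh", "-c", "golangci-lint run --disable govet,errcheck,staticcheck --allow-parallel-runners --timeout 15m"]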