feat: add dedicated vulnerability removal bit

Makefile

@@ -4,7 +4,7 @@
 # All the content is in `docker-bits`; this Makefile
 # just builds target dockerfiles by combining the dockerbits.
 #
-# Management of build, pull/push, and testing is modified from 
+# Management of build, pull/push, and testing is modified from
 # https://github.com/jupyter/docker-stacks
 
 # The docker-stacks tag
@@ -103,12 +103,13 @@ rstudio: cpu
 		$(SRC)/4_CLI.Dockerfile \
 		$(SRC)/5_DB-Drivers.Dockerfile \
 		$(SRC)/6_$(@).Dockerfile \
+		$(SRC)/7_remove_vulnerabilities.Dockerfile \
 		$(SRC)/∞_CMD.Dockerfile \
 	>   $(OUT)/$@/Dockerfile
 
 # create directories for current images
-jupyterlab: pytorch tensorflow cpu 
-	
+jupyterlab: pytorch tensorflow cpu
+
 	for type in $^; do \
 		mkdir -p $(OUT)/$@-$${type}; \
 		cp -r resources/common/* $(OUT)/$@-$${type}/; \
@@ -118,6 +119,7 @@ jupyterlab: pytorch tensorflow cpu
 			$(SRC)/4_CLI.Dockerfile \
 			$(SRC)/5_DB-Drivers.Dockerfile \
 			$(SRC)/6_$(@).Dockerfile \
+			$(SRC)/7_remove_vulnerabilities.Dockerfile \
 			$(SRC)/∞_CMD.Dockerfile \
 		>   $(OUT)/$@-$${type}/Dockerfile; \
 	done
@@ -135,6 +137,7 @@ remote-desktop:
 		$(SRC)/3_Kubeflow.Dockerfile \
 		$(SRC)/4_CLI.Dockerfile \
 		$(SRC)/6_remote-desktop.Dockerfile \
+		$(SRC)/7_remove_vulnerabilities.Dockerfile \
 		$(SRC)/∞_CMD_remote-desktop.Dockerfile \
 	>   $(OUT)/$@/Dockerfile
 

docker-bits/0_cpu.Dockerfile

@@ -9,11 +9,6 @@ USER root
 
 ENV PATH="/home/jovyan/.local/bin/:${PATH}"
 
-# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
-# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
-# This line of code should be removed once a solution or better alternative is found.
 RUN apt-get update --yes \
     && apt-get install --yes language-pack-fr \
-    && dpkg -r --force-depends libpdfbox-java \
-    && apt --fix-broken --yes install \
     && rm -rf /var/lib/apt/lists/*

docker-bits/7_remove_vulnerabilities.Dockerfile

@@ -0,0 +1,7 @@
+# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
+# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
+# This line of code should be removed once a solution or better alternative is found.
+RUN apt-get update --yes \
+    && dpkg -r --force-depends libpdfbox-java \
+    && apt --fix-broken --yes install \
+    && rm -rf /var/lib/apt/lists/*

output/jupyterlab-cpu/Dockerfile

@@ -19,13 +19,8 @@ USER root
 
 ENV PATH="/home/jovyan/.local/bin/:${PATH}"
 
-# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
-# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
-# This line of code should be removed once a solution or better alternative is found.
 RUN apt-get update --yes \
     && apt-get install --yes language-pack-fr \
-    && dpkg -r --force-depends libpdfbox-java \
-    && apt --fix-broken --yes install \
     && rm -rf /var/lib/apt/lists/*
 
 ###############################
@@ -236,6 +231,18 @@ COPY jupyterlab-overrides.json /opt/conda/share/jupyter/lab/settings/overrides.j
 ENV DEFAULT_JUPYTER_URL=/lab
 ENV GIT_EXAMPLE_NOTEBOOKS=https://github.com/statcan/jupyter-notebooks
 
+###############################
+###  docker-bits/7_remove_vulnerabilities.Dockerfile
+###############################
+
+# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
+# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
+# This line of code should be removed once a solution or better alternative is found.
+RUN apt-get update --yes \
+    && dpkg -r --force-depends libpdfbox-java \
+    && apt --fix-broken --yes install \
+    && rm -rf /var/lib/apt/lists/*
+
 ###############################
 ###  docker-bits/∞_CMD.Dockerfile
 ###############################

output/jupyterlab-pytorch/Dockerfile

@@ -19,13 +19,8 @@ USER root
 
 ENV PATH="/home/jovyan/.local/bin/:${PATH}"
 
-# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
-# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
-# This line of code should be removed once a solution or better alternative is found.
 RUN apt-get update --yes \
     && apt-get install --yes language-pack-fr \
-    && dpkg -r --force-depends libpdfbox-java \
-    && apt --fix-broken --yes install \
     && rm -rf /var/lib/apt/lists/*
 
 ###############################
@@ -333,6 +328,18 @@ COPY jupyterlab-overrides.json /opt/conda/share/jupyter/lab/settings/overrides.j
 ENV DEFAULT_JUPYTER_URL=/lab
 ENV GIT_EXAMPLE_NOTEBOOKS=https://github.com/statcan/jupyter-notebooks
 
+###############################
+###  docker-bits/7_remove_vulnerabilities.Dockerfile
+###############################
+
+# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
+# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
+# This line of code should be removed once a solution or better alternative is found.
+RUN apt-get update --yes \
+    && dpkg -r --force-depends libpdfbox-java \
+    && apt --fix-broken --yes install \
+    && rm -rf /var/lib/apt/lists/*
+
 ###############################
 ###  docker-bits/∞_CMD.Dockerfile
 ###############################

output/jupyterlab-tensorflow/Dockerfile

@@ -19,13 +19,8 @@ USER root
 
 ENV PATH="/home/jovyan/.local/bin/:${PATH}"
 
-# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
-# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
-# This line of code should be removed once a solution or better alternative is found.
 RUN apt-get update --yes \
     && apt-get install --yes language-pack-fr \
-    && dpkg -r --force-depends libpdfbox-java \
-    && apt --fix-broken --yes install \
     && rm -rf /var/lib/apt/lists/*
 
 ###############################
@@ -328,6 +323,18 @@ COPY jupyterlab-overrides.json /opt/conda/share/jupyter/lab/settings/overrides.j
 ENV DEFAULT_JUPYTER_URL=/lab
 ENV GIT_EXAMPLE_NOTEBOOKS=https://github.com/statcan/jupyter-notebooks
 
+###############################
+###  docker-bits/7_remove_vulnerabilities.Dockerfile
+###############################
+
+# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
+# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
+# This line of code should be removed once a solution or better alternative is found.
+RUN apt-get update --yes \
+    && dpkg -r --force-depends libpdfbox-java \
+    && apt --fix-broken --yes install \
+    && rm -rf /var/lib/apt/lists/*
+
 ###############################
 ###  docker-bits/∞_CMD.Dockerfile
 ###############################

output/remote-desktop/Dockerfile

@@ -439,6 +439,18 @@ RUN wget --quiet https://repo.anaconda.com/miniconda/Miniconda3-${CONDA_VERSION}
 ENV DEFAULT_JUPYTER_URL=desktop/?autoconnect=true
 ENV HOME=/home/jovyan
 
+###############################
+###  docker-bits/7_remove_vulnerabilities.Dockerfile
+###############################
+
+# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
+# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
+# This line of code should be removed once a solution or better alternative is found.
+RUN apt-get update --yes \
+    && dpkg -r --force-depends libpdfbox-java \
+    && apt --fix-broken --yes install \
+    && rm -rf /var/lib/apt/lists/*
+
 ###############################
 ###  docker-bits/∞_CMD_remote-desktop.Dockerfile
 ###############################

output/rstudio/Dockerfile

@@ -19,13 +19,8 @@ USER root
 
 ENV PATH="/home/jovyan/.local/bin/:${PATH}"
 
-# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
-# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
-# This line of code should be removed once a solution or better alternative is found.
 RUN apt-get update --yes \
     && apt-get install --yes language-pack-fr \
-    && dpkg -r --force-depends libpdfbox-java \
-    && apt --fix-broken --yes install \
     && rm -rf /var/lib/apt/lists/*
 
 ###############################
@@ -166,6 +161,18 @@ RUN chown $NB_USER:users /var/lib/rstudio-server/rstudio.sqlite
 ENV DEFAULT_JUPYTER_URL="/rstudio"
 ENV GIT_EXAMPLE_NOTEBOOKS=https://github.com/statcan/R-notebooks.git
 
+###############################
+###  docker-bits/7_remove_vulnerabilities.Dockerfile
+###############################
+
+# Remove libpdfbox-java due to CVE-2019-0228. See https://github.com/StatCan/kubeflow-containers/issues/249#issuecomment-834808115 for details.
+# Issue opened https://github.com/jupyter/docker-stacks/issues/1299.
+# This line of code should be removed once a solution or better alternative is found.
+RUN apt-get update --yes \
+    && dpkg -r --force-depends libpdfbox-java \
+    && apt --fix-broken --yes install \
+    && rm -rf /var/lib/apt/lists/*
+
 ###############################
 ###  docker-bits/∞_CMD.Dockerfile
 ###############################