chore(docker): Updated Perl & Debian pkgs

T145 · Sep 20, 2024 · 9a37a51 · 9a37a51
1 parent 8b92f3c
commit 9a37a51
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 27 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -9,7 +9,7 @@ RUN git config --global advice.detachedHead false; \
     go install -v github.com/johnkerl/miller/cmd/mlr; \
     rm -rf ./*; \
     # https://github.com/mikefarah/yq/
-    go install -v github.com/mikefarah/yq/v4@v4.44.2; \
+    go install -v github.com/mikefarah/yq/v4@v4.44.3; \
     # https://github.com/ipinfo/cli
     go install -v github.com/ipinfo/cli/ipinfo@ipinfo-3.3.1; \
     # https://github.com/projectdiscovery/dnsx
@@ -59,7 +59,7 @@ RUN apt-get -yq update --no-allow-insecure-repositories; \
 # https://hub.docker.com/r/parrotsec/core
 FROM docker.io/parrotsec/core:base-lts-amd64
 LABEL maintainer="T145" \
-      version="6.4.5" \
+      version="6.5.0" \
       description="Runs the \"Black Mirror\" project! Check it out GitHub!" \
       org.opencontainers.image.description="https://github.com/T145/black-mirror#-docker-usage"
 
@@ -132,16 +132,16 @@ RUN apt-get -q update --no-allow-insecure-repositories; \
     bc=1.07.1-3+b1 \
     build-essential=12.9 \
     csvkit=1.0.7-1 \
-    curl=7.88.1-10+deb12u6 \
+    curl=7.88.1-10+deb12u7 \
     debsums=3.0.2.1 \
     dos2unix=7.4.3-1 \
     gawk=1:5.2.1-2 \
-    git=1:2.39.2-1.1 \
+    git=1:2.39.5-0+deb12u1 \
     grepcidr=2.0-2 \
     html-xml-utils=7.7-1.1 \
     libc-ares2=1.18.1-3 \
     libpsl5=0.21.2-1 \
-    libssl3=3.0.13-1~deb12u1 \
+    libssl3=3.0.14-1~deb12u2 \
     localepurge=* \
     lynx=2.9.0dev.12-1 \
     nodejs=18.19.0+dfsg-6~deb12u2 \
@@ -183,8 +183,9 @@ RUN apt-get -q update --no-allow-insecure-repositories; \
 
 # Upgrade Perl
 # https://github.com/Perl/docker-perl
-RUN wget -q https://cpan.metacpan.org/authors/id/B/BO/BOOK/perl-5.41.1.tar.gz; \
-    echo '7dee38af601b0ba3f3730cb812cdbc799c921da440cb0ce96dd7a4f508b1a6f8 *perl-5.41.1.tar.gz' | sha256sum --strict --check -; \
+# Threaded Bookworm
+RUN wget -q https://cpan.metacpan.org/authors/id/B/BO/BOOK/perl-5.41.3.tar.gz; \
+    echo '7b9cd0f84a5350ea485ae6c57f3231d338f8a00c23f193db3964a60d38cf8850 *perl-5.41.3.tar.gz' | sha256sum --strict --check -; \
     tar --strip-components=1 -xzf perl-*.tar.gz; \
     cat *.patch | patch -p1 || :; \
     ./Configure -Darchname=x86_64-linux-gnu -Duse64bitall -Dusethreads -Duseshrplib -Dvendorprefix=/usr/local -Dusedevel -Dversiononly=undef -des; \
@@ -196,6 +197,8 @@ RUN wget -q https://cpan.metacpan.org/authors/id/B/BO/BOOK/perl-5.41.1.tar.gz; \
     wget -q https://www.cpan.org/authors/id/M/MI/MIYAGAWA/App-cpanminus-1.7047.tar.gz; \
     echo '963e63c6e1a8725ff2f624e9086396ae150db51dd0a337c3781d09a994af05a5 *App-cpanminus-1.7047.tar.gz' | sha256sum --strict --check -; \
     tar --strip-components=1 -xzf App-cpanminus-*.tar.gz; \
+    perl -pi -E 's{http://(www\.cpan\.org|backpan\.perl\.org|cpan\.metacpan\.org|fastapi\.metacpan\.org|cpanmetadb\.plackperl\.org)}{https://$1}g' bin/cpanm; \
+    perl -pi -E 's{try_lwp=>1}{try_lwp=>0}g' bin/cpanm; \
     perl bin/cpanm .; \
     wget -q 'https://www.cpan.org/authors/id/C/CH/CHRISN/Net-SSLeay-1.94.tar.gz'; \
     echo '9d7be8a56d1bedda05c425306cc504ba134307e0c09bda4a788c98744ebcd95d *Net-SSLeay-1.94.tar.gz' | sha256sum --strict --check -; \
@@ -233,4 +236,4 @@ RUN chown 0:0 /usr/bin/as; \
 RUN adduser --disabled-password --gecos "" admin
 USER admin
 
-HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "cpanm --version && cpm --version && command -v ipinfo && command -v ghosts && command -v parsort && command -v yq && command -v mlr" ]
+HEALTHCHECK NONE
diff --git a/README.md b/README.md
@@ -263,31 +263,29 @@ Leverage the [`ADGUARD_SOURCES.txt`](https://github.com/T145/black-mirror/blob/m
 
 ## 🐋 Docker Usage
 
-To provide a temporary container to experiment with `Black Mirror` scripts and the CLI utilities it uses, run the following:
+### Temporary Container
 
 ```bash
-docker container run -it --rm -h black-mirror ghcr.io/t145/black-mirror
+docker container run -u 0 -it --rm -h black-mirror ghcr.io/t145/black-mirror
 ```
 
-For a persistant container, use something like what's given below:
+### Persistant Container
 
 ```bash
-docker container run -it --name black-mirror -h black-mirror ghcr.io/t145/black-mirror
+docker container run -u 0 -it --name black-mirror -h black-mirror ghcr.io/t145/black-mirror
 ```
 
 Then to access the container at a later date, run:
 
 ```bash
 docker start black-mirror
-docker exec -it black-mirror /bin/bash
+docker exec -u 0 -it black-mirror /bin/bash
 ```
 
-To use the root user just append `-u 0`.
-
-NOTE: Before using `rkhunter`, be sure to run:
+### Building the Image
 
 ```bash
-rkhunter --update
+docker build --no-cache --progress=plain -t black-mirror .
 ```
 
 ## 👨‍💻 Development

diff --git a/scripts/v2/apply_filters.bash b/scripts/v2/apply_filters.bash
@@ -18,11 +18,11 @@ get_ipv6_cidrs() {
 }
 
 get_domains_from_urls() {
-	perl5.41.1 -MData::Validate::Domain=is_domain -MRegexp::Common=URI -nE 'while (/$RE{URI}{HTTP}{-scheme => "https?|udp"}{-keep}/g) {say $3 if is_domain($3, { domain_private_tld => { onion => 1 } })}'
+	perl5.41.3 -MData::Validate::Domain=is_domain -MRegexp::Common=URI -nE 'while (/$RE{URI}{HTTP}{-scheme => "https?|udp"}{-keep}/g) {say $3 if is_domain($3, { domain_private_tld => { onion => 1 } })}'
 }
 
 get_ipv4s_from_urls() {
-	perl5.41.1 -MData::Validate::IP=is_ipv4 -MRegexp::Common=URI -nE 'while (/$RE{URI}{HTTP}{-scheme => "https?|udp"}{-keep}/g) {say $3 if is_ipv4($3)}'
+	perl5.41.3 -MData::Validate::IP=is_ipv4 -MRegexp::Common=URI -nE 'while (/$RE{URI}{HTTP}{-scheme => "https?|udp"}{-keep}/g) {say $3 if is_ipv4($3)}'
 }
 
 hostsblock() {
@@ -200,22 +200,22 @@ process_list() {
 		'IPV4')
 			case "$LIST_METHOD" in
 			'BLOCK')
-				perl5.41.1 -MData::Validate::IP=is_public_ipv4 -nE 'chomp; if(defined($_) and is_public_ipv4($_)) {say $_;}'
+				perl5.41.3 -MData::Validate::IP=is_public_ipv4 -nE 'chomp; if(defined($_) and is_public_ipv4($_)) {say $_;}'
 				;;
 			# Ensure bogons get whitelisted
 			'ALLOW')
-				perl5.41.1 -MData::Validate::IP=is_ipv4 -nE 'chomp; if(defined($_) and is_ipv4($_)) {say $_;}'
+				perl5.41.3 -MData::Validate::IP=is_ipv4 -nE 'chomp; if(defined($_) and is_ipv4($_)) {say $_;}'
 				;;
 			esac
 			;;
 		'IPV6')
 			case "$LIST_METHOD" in
 			'BLOCK')
-				perl5.41.1 -MData::Validate::IP=is_public_ipv6 -nE 'chomp; if(defined($_) and is_public_ipv6($_)) {say $_;}'
+				perl5.41.3 -MData::Validate::IP=is_public_ipv6 -nE 'chomp; if(defined($_) and is_public_ipv6($_)) {say $_;}'
 				;;
 			# Ensure bogons get whitelisted
 			'ALLOW')
-				perl5.41.1 -MData::Validate::IP=is_ipv6 -nE 'chomp; if(defined($_) and is_ipv6($_)) {say $_;}'
+				perl5.41.3 -MData::Validate::IP=is_ipv6 -nE 'chomp; if(defined($_) and is_ipv6($_)) {say $_;}'
 				;;
 			esac
 			;;

diff --git a/scripts/v2/build_lists.bash b/scripts/v2/build_lists.bash
@@ -29,7 +29,7 @@ readonly -a FORMATS
 
 # https://github.com/ildar-shaimordanov/perl-utils#sponge
 sponge() {
-	perl5.41.1 -ne '
+	perl5.41.3 -ne '
 	push @lines, $_;
 	END {
 		open(OUT, ">$file")

diff --git a/scripts/v2/check_cidrs.pl b/scripts/v2/check_cidrs.pl
@@ -1,6 +1,6 @@
 #!/usr/bin/env perl
 
-use 5.41.1;
+use 5.41.3;
 use warnings;
 use strict;
 use open ':std', ':encoding(UTF-8)';

diff --git a/scripts/v2/check_domains.pl b/scripts/v2/check_domains.pl
@@ -1,6 +1,6 @@
 #!/usr/bin/env perl
 
-use 5.41.1;
+use 5.41.3;
 use warnings;
 use strict;
 use open ':std', ':encoding(UTF-8)';

diff --git a/scripts/v3/check_hosts.pl b/scripts/v3/check_hosts.pl
@@ -1,6 +1,6 @@
 #!/usr/bin/env perl
 
-use 5.41.1;
+use 5.41.3;
 use feature 'say';
 
 use utf8;