Bug Report #1701576435246 (Cannot open a PHP project under Docker and opening a NodeJS project with Docker has three moderate vulnerabilities that won't repair)

Wappler General Bugs
1

OS info

  • Operating System : Windows 10.0.22631
  • Wappler Version : 6.0.1

(Cannot open a PHP project under Docker because there’s no repository to pull and opening a NodeJS project with Docker has three moderate vulnerabilities that won’t repair)

I cannot create a PHP project using Docker because it pops the following error message:

[+] Running 1/1
✘ web Error 5.1s
Error response from daemon: pull access denied for wapplerio/php-8.2-apache, repository does not exist or may require ‘docker login’: denied: requested access to the resource is denied
Error Launching Services!

I went to Docker Hub in case it was a Docker login issue. I successfully logged in and found out that problem is that there is no wapplerio/php-8.2-apache repository available in the list.

I guess that means that a PHP project is not an option today.

I had initially chosen to create a NodeJS project. While I am able to work in the NodeJS project, I cannot bring up the local server. I can, however, open the web page by entering http://www.localhost:8100/ in the browser address bar.

The problem there is that there are three moderate vulnerabilities. When I try to apply the fix, it doesn’t happen. The chain there is:

Microsoft Windows [Version 10.0.22631.2787]
© Microsoft Corporation. All rights reserved.

J:\Business\Heron Hill Equine\www 2023\HHE_Wappler_Under_Docker>npm audit

npm audit report

semver 7.0.0 - 7.5.1
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
fix available via npm audit fix
node_modules/simple-update-notifier/node_modules/semver
simple-update-notifier 1.0.7 - 1.1.0
Depends on vulnerable versions of semver
node_modules/simple-update-notifier
nodemon 2.0.19 - 2.0.22
Depends on vulnerable versions of simple-update-notifier
node_modules/nodemon

3 moderate severity vulnerabilities

To address all issues, run:
npm audit fix

J:\Business\Heron Hill Equine\www 2023\HHE_Wappler_Under_Docker>npm audit fix

up to date, audited 269 packages in 3s

28 packages are looking for funding
run npm fund for details

npm audit report

semver 7.0.0 - 7.5.1
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
fix available via npm audit fix
node_modules/simple-update-notifier/node_modules/semver
simple-update-notifier 1.0.7 - 1.1.0
Depends on vulnerable versions of semver
node_modules/simple-update-notifier
nodemon 2.0.19 - 2.0.22
Depends on vulnerable versions of simple-update-notifier
node_modules/nodemon

3 moderate severity vulnerabilities

To address all issues, run:
npm audit fix

J:\Business\Heron Hill Equine\www 2023\HHE_Wappler_Under_Docker>

Steps to reproduce

Full-on reproducible on every try for both problems.

When I try to use the option to close Wappler and re-open it with logging it closes out but crashes somewhere along the way and when it does re-start it isn’t logging . . . hence the above pasting of error messages.

2

The setting you use for your PHP docker project seems pretty old indeed, as we no longer use the custom php image but the original php- apache image.

So just open the project settings and resave to have the latest docker setting applied.

As for your node project those vulnerabilities are not critical and you can easily solve the by updating the node packages, there is a button for this in the bottom toolbar. Also make sure you resave the project options.

3

I set the NodeJS version aside and went with the PHP Docker option using version 8.1. When it installed it automatically updated to the current version. So that’s good.

I think the issue crept in because the Wappler 6.0.1 interface has 8.2 as the most recent option at the top of the list. I was using that when I was getting the error message. When I used 8.1 instead, everything worked out. So, there may be a tweak that needs doing at your end.

At this point the only issue I’m having is connecting to my remote server, which is optimized for PHP-Apache as it turns out. I have time to sort that out with the provider while I build the site on my local system. I have to get a MySQL database put in that server for the site as well.