Merge pull request #182 from intel/fix_security_issues

Fix versions to resolve security issues

Signed-off-by: Mahathi Vatsal Salopanthula<mahathi.vatsal.salopanthula@intel.com>

datasets/cloud_data_connector/samples/azure/requirements.txt

@@ -1,3 +1,3 @@
 mlflow
-scikit-learn==1.2.2
+scikit-learn>=1.5.0
 xlrd==2.0.1

datasets/cloud_data_connector/samples/interoperability/requirements.txt

@@ -1,6 +1,6 @@
+build==0.10.0
 mlflow
-scikit-learn==1.2.2
-xlrd==2.0.1
-pandas-gbq==0.19.1
 notebook==6.5.4
-build==0.10.0
+pandas-gbq==0.19.1
+scikit-learn>=1.5.0
+xlrd==2.0.1

docs/notebooks/transfer_learning/requirements.txt

@@ -1,8 +1,8 @@
-accelerate>=0.20.1
-Pillow~=10.2.0 # upgraded to fix CVEs
 PyYAML~=6.0
+accelerate>=0.20.1
 charset-normalizer~=3.1.0
 datasets~=2.12.0
+evaluate==0.4.0
 fsspec~=2023.9.2
 gin-config~=0.5.0
 intel-extension-for-pytorch==1.13.100
@@ -18,9 +18,10 @@ notebook~=7.0.7
 numpy~=1.23.5
 opencv-python~=4.7.0.72
 pandas~=2.0.1
+pillow>=10.3.0 # upgraded to avoid a vulnerability
 psutil~=5.9.5
 pycocotools~=2.0.6
-scikit-learn~=1.2.2
+scikit-learn>=1.5.0
 scipy~=1.10.1
 sentencepiece~=0.1.99
 tensorflow-addons~=0.20.0
@@ -29,7 +30,6 @@ tensorflow-hub~=0.13.0
 tf-models-official
 torch==1.13.1
 torchvision==0.14.1
-transformers~=4.36.0
-urllib3~=2.0.2
+transformers~=4.38.0 # upgraded to avoid a vulnerability
+urllib3>=2.2.2
 wget~=3.2
-evaluate==0.4.0

models/language_modeling/pytorch/bert_large/inference/gpu/requirements.txt

@@ -1,2 +1,2 @@
 tensorboardX
-transformers==4.36.0 # fixed for Snyk scans to avoid vulnerability
+transformers==4.38.0

models/language_modeling/pytorch/rnnt/inference/cpu/requirements.txt

@@ -1,11 +1,11 @@
-pandas
-tqdm==4.31.1
 ascii-graph==1.5.1
-wrapt==1.10.11
+ipdb
 librosa
-toml
+pandas
 soundfile
-ipdb
 sox
 tensorboard==2.0.0
+toml
+tqdm==4.66.3
 wheel==0.38.0 # Included this to avoid a vulnerability
+wrapt==1.10.11

models/language_modeling/pytorch/rnnt/training/cpu/requirements.txt

@@ -1,11 +1,11 @@
-pandas
-tqdm==4.41.0
 ascii-graph==1.5.1
-wrapt==1.10.11
+ipdb
 librosa
-toml
+pandas
 soundfile
-ipdb
 sox
 tensorboard==2.0.0
-wheel==0.38.0 # Included this to avoid a vulnerability
+toml
+tqdm==4.66.3
+wheel==0.38.0 # upgraded to avoid a vulnerability
+wrapt==1.10.11

models/language_modeling/tensorflow/distilbert_base/inference/requirements.txt

@@ -3,4 +3,4 @@ evaluate==0.3.0
 scikit-learn>=1.1.2
 scipy>=1.9.3
 tokenizers==0.13.1
-transformers==4.36.0 # fixed for Snyk scans to avoid vulnerability
+transformers==4.38.0 # upgraded to avoid a vulnerability

models_v2/pytorch/bert_large/inference/gpu/requirements.txt

@@ -1,2 +1,2 @@
-transformers==4.36.2
 tensorboardX
+transformers==4.38.0

models_v2/pytorch/distilbert/inference/gpu/requirements.txt

@@ -1,6 +1,6 @@
-transformers==4.36.0
 gitpython==3.1.41
-tensorboard>=1.14.0
-tensorboardX==1.8
 psutil==5.6.6
 scipy>=1.4.1
+tensorboard>=1.14.0
+tensorboardX==1.8
+transformers==4.38.0

quickstart/recommendation/pytorch/dlrm/requirements.txt

@@ -1,6 +1,6 @@
 future
 numpy
+scikit-learn>=1.5.0
 torch
-wheel==0.38.0 # Included this to avoid a vulnerability
-scikit-learn
 tqdm
+wheel==0.38.0 # upgraded to avoid a vulnerability

quickstart/recommendation/pytorch/memrec_dlrm/requirements.txt

@@ -1,10 +1,10 @@
 future==0.18.3
 numpy==1.26.0
-onnx==1.15.0  #Upgraded to avoid vulnerability
+onnx==1.16.0  #Upgraded to avoid vulnerability
 pydot==1.4.2
+scikit-learn==1.5.0
+tensorboard==2.14.0
 torch==2.0.1
 torchviz==0.0.2
-scikit-learn==1.3.0
-tqdm==4.66.1
-tensorboard==2.14.0
-wheel==0.38.1
+tqdm==4.66.3
+wheel==0.38.1 # upgraded to avoid a vulnerability