From 8fc6ce5eee31b97ee6c6b702c8e91ae9b3b20781 Mon Sep 17 00:00:00 2001 From: Mahathi Vatsal Date: Mon, 24 Jun 2024 15:28:55 -0700 Subject: [PATCH] Fix security issues --- .../samples/azure/requirements.txt | 2 +- .../samples/interoperability/requirements.txt | 8 ++++---- docs/notebooks/transfer_learning/requirements.txt | 12 ++++++------ .../bert_large/inference/gpu/requirements.txt | 2 +- .../pytorch/rnnt/inference/cpu/requirements.txt | 10 +++++----- .../pytorch/rnnt/training/cpu/requirements.txt | 12 ++++++------ .../distilbert_base/inference/requirements.txt | 2 +- .../bert_large/inference/gpu/requirements.txt | 2 +- .../distilbert/inference/gpu/requirements.txt | 6 +++--- .../recommendation/pytorch/dlrm/requirements.txt | 4 ++-- .../pytorch/memrec_dlrm/requirements.txt | 10 +++++----- 11 files changed, 35 insertions(+), 35 deletions(-) diff --git a/datasets/cloud_data_connector/samples/azure/requirements.txt b/datasets/cloud_data_connector/samples/azure/requirements.txt index d8ae6ce2c..861d669e4 100644 --- a/datasets/cloud_data_connector/samples/azure/requirements.txt +++ b/datasets/cloud_data_connector/samples/azure/requirements.txt @@ -1,3 +1,3 @@ mlflow -scikit-learn==1.2.2 +scikit-learn>=1.5.0 xlrd==2.0.1 diff --git a/datasets/cloud_data_connector/samples/interoperability/requirements.txt b/datasets/cloud_data_connector/samples/interoperability/requirements.txt index 5f5285264..6631a0213 100644 --- a/datasets/cloud_data_connector/samples/interoperability/requirements.txt +++ b/datasets/cloud_data_connector/samples/interoperability/requirements.txt @@ -1,6 +1,6 @@ +build==0.10.0 mlflow -scikit-learn==1.2.2 -xlrd==2.0.1 -pandas-gbq==0.19.1 notebook==6.5.4 -build==0.10.0 +pandas-gbq==0.19.1 +scikit-learn>=1.5.0 +xlrd==2.0.1 diff --git a/docs/notebooks/transfer_learning/requirements.txt b/docs/notebooks/transfer_learning/requirements.txt index 341eff8a3..2a953cf53 100644 --- a/docs/notebooks/transfer_learning/requirements.txt +++ b/docs/notebooks/transfer_learning/requirements.txt @@ -1,8 +1,8 @@ -accelerate>=0.20.1 -Pillow~=10.2.0 # upgraded to fix CVEs PyYAML~=6.0 +accelerate>=0.20.1 charset-normalizer~=3.1.0 datasets~=2.12.0 +evaluate==0.4.0 fsspec~=2023.9.2 gin-config~=0.5.0 intel-extension-for-pytorch==1.13.100 @@ -18,9 +18,10 @@ notebook~=7.0.7 numpy~=1.23.5 opencv-python~=4.7.0.72 pandas~=2.0.1 +pillow>=10.3.0 # upgraded to avoid a vulnerability psutil~=5.9.5 pycocotools~=2.0.6 -scikit-learn~=1.2.2 +scikit-learn>=1.5.0 scipy~=1.10.1 sentencepiece~=0.1.99 tensorflow-addons~=0.20.0 @@ -29,7 +30,6 @@ tensorflow-hub~=0.13.0 tf-models-official torch==1.13.1 torchvision==0.14.1 -transformers~=4.36.0 -urllib3~=2.0.2 +transformers~=4.38.0 # upgraded to avoid a vulnerability +urllib3>=2.2.2 wget~=3.2 -evaluate==0.4.0 diff --git a/models/language_modeling/pytorch/bert_large/inference/gpu/requirements.txt b/models/language_modeling/pytorch/bert_large/inference/gpu/requirements.txt index 33d46be5c..394c2bb56 100644 --- a/models/language_modeling/pytorch/bert_large/inference/gpu/requirements.txt +++ b/models/language_modeling/pytorch/bert_large/inference/gpu/requirements.txt @@ -1,2 +1,2 @@ tensorboardX -transformers==4.36.0 # fixed for Snyk scans to avoid vulnerability +transformers==4.38.0 diff --git a/models/language_modeling/pytorch/rnnt/inference/cpu/requirements.txt b/models/language_modeling/pytorch/rnnt/inference/cpu/requirements.txt index d8b31abea..f78c58a86 100755 --- a/models/language_modeling/pytorch/rnnt/inference/cpu/requirements.txt +++ b/models/language_modeling/pytorch/rnnt/inference/cpu/requirements.txt @@ -1,11 +1,11 @@ -pandas -tqdm==4.31.1 ascii-graph==1.5.1 -wrapt==1.10.11 +ipdb librosa -toml +pandas soundfile -ipdb sox tensorboard==2.0.0 +toml +tqdm==4.66.3 wheel==0.38.0 # Included this to avoid a vulnerability +wrapt==1.10.11 diff --git a/models/language_modeling/pytorch/rnnt/training/cpu/requirements.txt b/models/language_modeling/pytorch/rnnt/training/cpu/requirements.txt index a212b6056..e1f8ebc36 100755 --- a/models/language_modeling/pytorch/rnnt/training/cpu/requirements.txt +++ b/models/language_modeling/pytorch/rnnt/training/cpu/requirements.txt @@ -1,11 +1,11 @@ -pandas -tqdm==4.41.0 ascii-graph==1.5.1 -wrapt==1.10.11 +ipdb librosa -toml +pandas soundfile -ipdb sox tensorboard==2.0.0 -wheel==0.38.0 # Included this to avoid a vulnerability +toml +tqdm==4.66.3 +wheel==0.38.0 # upgraded to avoid a vulnerability +wrapt==1.10.11 diff --git a/models/language_modeling/tensorflow/distilbert_base/inference/requirements.txt b/models/language_modeling/tensorflow/distilbert_base/inference/requirements.txt index 87f5675b4..ddb601a16 100644 --- a/models/language_modeling/tensorflow/distilbert_base/inference/requirements.txt +++ b/models/language_modeling/tensorflow/distilbert_base/inference/requirements.txt @@ -3,4 +3,4 @@ evaluate==0.3.0 scikit-learn>=1.1.2 scipy>=1.9.3 tokenizers==0.13.1 -transformers==4.36.0 # fixed for Snyk scans to avoid vulnerability +transformers==4.38.0 # upgraded to avoid a vulnerability diff --git a/models_v2/pytorch/bert_large/inference/gpu/requirements.txt b/models_v2/pytorch/bert_large/inference/gpu/requirements.txt index 589a226c5..394c2bb56 100644 --- a/models_v2/pytorch/bert_large/inference/gpu/requirements.txt +++ b/models_v2/pytorch/bert_large/inference/gpu/requirements.txt @@ -1,2 +1,2 @@ -transformers==4.36.2 tensorboardX +transformers==4.38.0 diff --git a/models_v2/pytorch/distilbert/inference/gpu/requirements.txt b/models_v2/pytorch/distilbert/inference/gpu/requirements.txt index 859928626..17b5e2f1d 100644 --- a/models_v2/pytorch/distilbert/inference/gpu/requirements.txt +++ b/models_v2/pytorch/distilbert/inference/gpu/requirements.txt @@ -1,6 +1,6 @@ -transformers==4.36.0 gitpython==3.1.41 -tensorboard>=1.14.0 -tensorboardX==1.8 psutil==5.6.6 scipy>=1.4.1 +tensorboard>=1.14.0 +tensorboardX==1.8 +transformers==4.38.0 diff --git a/quickstart/recommendation/pytorch/dlrm/requirements.txt b/quickstart/recommendation/pytorch/dlrm/requirements.txt index 382512974..1d580317a 100644 --- a/quickstart/recommendation/pytorch/dlrm/requirements.txt +++ b/quickstart/recommendation/pytorch/dlrm/requirements.txt @@ -1,6 +1,6 @@ future numpy +scikit-learn>=1.5.0 torch -wheel==0.38.0 # Included this to avoid a vulnerability -scikit-learn tqdm +wheel==0.38.0 # upgraded to avoid a vulnerability diff --git a/quickstart/recommendation/pytorch/memrec_dlrm/requirements.txt b/quickstart/recommendation/pytorch/memrec_dlrm/requirements.txt index 96cd18dd3..8e34cc059 100644 --- a/quickstart/recommendation/pytorch/memrec_dlrm/requirements.txt +++ b/quickstart/recommendation/pytorch/memrec_dlrm/requirements.txt @@ -1,10 +1,10 @@ future==0.18.3 numpy==1.26.0 -onnx==1.15.0 #Upgraded to avoid vulnerability +onnx==1.16.0 #Upgraded to avoid vulnerability pydot==1.4.2 +scikit-learn==1.5.0 +tensorboard==2.14.0 torch==2.0.1 torchviz==0.0.2 -scikit-learn==1.3.0 -tqdm==4.66.1 -tensorboard==2.14.0 -wheel==0.38.1 +tqdm==4.66.3 +wheel==0.38.1 # upgraded to avoid a vulnerability