mirror of
https://github.com/meta-llama/llama-stack.git
synced 2025-12-03 09:53:45 +00:00
chore(deps): update pypdf to fix DoS vulnerabilities (#4121)
Some checks failed
SqlStore Integration Tests / test-postgres (3.13) (push) Failing after 0s
Integration Auth Tests / test-matrix (oauth2_token) (push) Failing after 1s
Integration Tests (Replay) / generate-matrix (push) Successful in 5s
Test Llama Stack Build / generate-matrix (push) Successful in 3s
SqlStore Integration Tests / test-postgres (3.12) (push) Failing after 6s
Test External Providers Installed via Module / test-external-providers-from-module (venv) (push) Has been skipped
Test llama stack list-deps / generate-matrix (push) Successful in 3s
API Conformance Tests / check-schema-compatibility (push) Successful in 13s
Python Package Build Test / build (3.12) (push) Failing after 17s
Python Package Build Test / build (3.13) (push) Failing after 17s
Test llama stack list-deps / show-single-provider (push) Successful in 50s
Test Llama Stack Build / build-single-provider (push) Successful in 53s
UI Tests / ui-tests (22) (push) Successful in 53s
Test Llama Stack Build / build (push) Successful in 52s
Test llama stack list-deps / list-deps-from-config (push) Successful in 1m18s
Test External API and Providers / test-external (venv) (push) Failing after 1m19s
Test llama stack list-deps / list-deps (push) Failing after 1m1s
Vector IO Integration Tests / test-matrix (push) Failing after 1m44s
Unit Tests / unit-tests (3.13) (push) Failing after 1m53s
Unit Tests / unit-tests (3.12) (push) Failing after 2m6s
Test Llama Stack Build / build-ubi9-container-distribution (push) Failing after 3m7s
Test Llama Stack Build / build-custom-container-distribution (push) Successful in 3m8s
Integration Tests (Replay) / Integration Tests (, , , client=, ) (push) Failing after 3m30s
Pre-commit / pre-commit (push) Successful in 4m1s
Some checks failed
SqlStore Integration Tests / test-postgres (3.13) (push) Failing after 0s
Integration Auth Tests / test-matrix (oauth2_token) (push) Failing after 1s
Integration Tests (Replay) / generate-matrix (push) Successful in 5s
Test Llama Stack Build / generate-matrix (push) Successful in 3s
SqlStore Integration Tests / test-postgres (3.12) (push) Failing after 6s
Test External Providers Installed via Module / test-external-providers-from-module (venv) (push) Has been skipped
Test llama stack list-deps / generate-matrix (push) Successful in 3s
API Conformance Tests / check-schema-compatibility (push) Successful in 13s
Python Package Build Test / build (3.12) (push) Failing after 17s
Python Package Build Test / build (3.13) (push) Failing after 17s
Test llama stack list-deps / show-single-provider (push) Successful in 50s
Test Llama Stack Build / build-single-provider (push) Successful in 53s
UI Tests / ui-tests (22) (push) Successful in 53s
Test Llama Stack Build / build (push) Successful in 52s
Test llama stack list-deps / list-deps-from-config (push) Successful in 1m18s
Test External API and Providers / test-external (venv) (push) Failing after 1m19s
Test llama stack list-deps / list-deps (push) Failing after 1m1s
Vector IO Integration Tests / test-matrix (push) Failing after 1m44s
Unit Tests / unit-tests (3.13) (push) Failing after 1m53s
Unit Tests / unit-tests (3.12) (push) Failing after 2m6s
Test Llama Stack Build / build-ubi9-container-distribution (push) Failing after 3m7s
Test Llama Stack Build / build-custom-container-distribution (push) Successful in 3m8s
Integration Tests (Replay) / Integration Tests (, , , client=, ) (push) Failing after 3m30s
Pre-commit / pre-commit (push) Successful in 4m1s
Update pypdf dependency to address vulnerabilities causing potential denial of service through infinite loops or excessive memory usage when handling malicious PDFs. The update remains fully backward compatible, with no changes to the PdfReader API. # What does this PR do? <!-- Provide a short summary of what this PR does and why. Link to relevant issues if applicable. --> Fixes #4120 <!-- If resolving an issue, uncomment and update the line below --> <!-- Closes #[issue-number] --> ## Test Plan <!-- Describe the tests you ran to verify your changes with result summaries. *Provide clear instructions so the plan can be easily re-executed.* --> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com>
This commit is contained in:
Akshay Ghodake
GitHub
parent
6ca2a67a9f
commit
539b9c08f3
2 changed files with 8 additions and 8 deletions
|
|
@ -112,7 +112,7 @@ unit = [
|
||||||
"aiosqlite",
|
"aiosqlite",
|
||||||
"aiohttp",
|
"aiohttp",
|
||||||
"psycopg2-binary>=2.9.0",
|
"psycopg2-binary>=2.9.0",
|
||||||
"pypdf",
|
"pypdf>=6.1.3",
|
||||||
"mcp",
|
"mcp",
|
||||||
"chardet",
|
"chardet",
|
||||||
"sqlalchemy",
|
"sqlalchemy",
|
||||||
|
|
@ -135,7 +135,7 @@ test = [
|
||||||
"torchvision>=0.21.0",
|
"torchvision>=0.21.0",
|
||||||
"chardet",
|
"chardet",
|
||||||
"psycopg2-binary>=2.9.0",
|
"psycopg2-binary>=2.9.0",
|
||||||
"pypdf",
|
"pypdf>=6.1.3",
|
||||||
"mcp",
|
"mcp",
|
||||||
"datasets>=4.0.0",
|
"datasets>=4.0.0",
|
||||||
"autoevals",
|
"autoevals",
|
||||||
|
|
|
||||||
12
uv.lock
generated
12
uv.lock
generated
|
|
@ -1,5 +1,5 @@
|
||||||
version = 1
|
version = 1
|
||||||
revision = 3
|
revision = 2
|
||||||
requires-python = ">=3.12"
|
requires-python = ">=3.12"
|
||||||
resolution-markers = [
|
resolution-markers = [
|
||||||
"(python_full_version >= '3.13' and platform_machine != 'aarch64' and sys_platform == 'linux') or (python_full_version >= '3.13' and sys_platform != 'darwin' and sys_platform != 'linux')",
|
"(python_full_version >= '3.13' and platform_machine != 'aarch64' and sys_platform == 'linux') or (python_full_version >= '3.13' and sys_platform != 'darwin' and sys_platform != 'linux')",
|
||||||
|
|
@ -2166,7 +2166,7 @@ test = [
|
||||||
{ name = "milvus-lite", specifier = ">=2.5.0" },
|
{ name = "milvus-lite", specifier = ">=2.5.0" },
|
||||||
{ name = "psycopg2-binary", specifier = ">=2.9.0" },
|
{ name = "psycopg2-binary", specifier = ">=2.9.0" },
|
||||||
{ name = "pymilvus", specifier = ">=2.6.1" },
|
{ name = "pymilvus", specifier = ">=2.6.1" },
|
||||||
{ name = "pypdf" },
|
{ name = "pypdf", specifier = ">=6.1.3" },
|
||||||
{ name = "qdrant-client" },
|
{ name = "qdrant-client" },
|
||||||
{ name = "requests" },
|
{ name = "requests" },
|
||||||
{ name = "sqlalchemy" },
|
{ name = "sqlalchemy" },
|
||||||
|
|
@ -2219,7 +2219,7 @@ unit = [
|
||||||
{ name = "moto", extras = ["s3"], specifier = ">=5.1.10" },
|
{ name = "moto", extras = ["s3"], specifier = ">=5.1.10" },
|
||||||
{ name = "ollama" },
|
{ name = "ollama" },
|
||||||
{ name = "psycopg2-binary", specifier = ">=2.9.0" },
|
{ name = "psycopg2-binary", specifier = ">=2.9.0" },
|
||||||
{ name = "pypdf" },
|
{ name = "pypdf", specifier = ">=6.1.3" },
|
||||||
{ name = "sqlalchemy" },
|
{ name = "sqlalchemy" },
|
||||||
{ name = "sqlalchemy", extras = ["asyncio"], specifier = ">=2.0.41" },
|
{ name = "sqlalchemy", extras = ["asyncio"], specifier = ">=2.0.41" },
|
||||||
{ name = "sqlite-vec" },
|
{ name = "sqlite-vec" },
|
||||||
|
|
@ -3973,11 +3973,11 @@ wheels = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "pypdf"
|
name = "pypdf"
|
||||||
version = "5.9.0"
|
version = "6.2.0"
|
||||||
source = { registry = "https://pypi.org/simple" }
|
source = { registry = "https://pypi.org/simple" }
|
||||||
sdist = { url = "https://files.pythonhosted.org/packages/89/3a/584b97a228950ed85aec97c811c68473d9b8d149e6a8c155668287cf1a28/pypdf-5.9.0.tar.gz", hash = "sha256:30f67a614d558e495e1fbb157ba58c1de91ffc1718f5e0dfeb82a029233890a1", size = 5035118, upload-time = "2025-07-27T14:04:52.364Z" }
|
sdist = { url = "https://files.pythonhosted.org/packages/4e/2b/8795ec0378384000b0a37a2b5e6d67fa3d84802945aa2c612a78a784d7d4/pypdf-6.2.0.tar.gz", hash = "sha256:46b4d8495d68ae9c818e7964853cd9984e6a04c19fe7112760195395992dce48", size = 5272001, upload-time = "2025-11-09T11:10:41.911Z" }
|
||||||
wheels = [
|
wheels = [
|
||||||
{ url = "https://files.pythonhosted.org/packages/48/d9/6cff57c80a6963e7dd183bf09e9f21604a77716644b1e580e97b259f7612/pypdf-5.9.0-py3-none-any.whl", hash = "sha256:be10a4c54202f46d9daceaa8788be07aa8cd5ea8c25c529c50dd509206382c35", size = 313193, upload-time = "2025-07-27T14:04:50.53Z" },
|
{ url = "https://files.pythonhosted.org/packages/de/ba/743ddcaf1a8fb439342399645921e2cf2c600464cba5531a11f1cc0822b6/pypdf-6.2.0-py3-none-any.whl", hash = "sha256:4c0f3e62677217a777ab79abe22bf1285442d70efabf552f61c7a03b6f5c569f", size = 326592, upload-time = "2025-11-09T11:10:39.941Z" },
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue