Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(sec): upgrade torch to 1.13.1 #24933

Merged
merged 1 commit into from
Jan 20, 2023

Conversation

smart2pet
Copy link
Contributor

What happened?

There are 1 security vulnerabilities found in torch 1.12.0.

What did I do?

Upgrade torch from 1.12.0 to 1.13.1 for vulnerability fix.

What did you expect to happen?

Clean out the insecure libs to used.

The specification of the pull request

PR Specification from OSCS

@codecov
Copy link

codecov bot commented Jan 7, 2023

Codecov Report

Merging #24933 (91105d1) into master (a388568) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master   #24933   +/-   ##
=======================================
  Coverage   73.07%   73.07%           
=======================================
  Files         735      735           
  Lines       98133    98133           
=======================================
  Hits        71708    71708           
  Misses      25065    25065           
  Partials     1360     1360           
Flag Coverage Δ
python 82.69% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
sdks/python/apache_beam/utils/interactive_utils.py 95.12% <0.00%> (-2.44%) ⬇️
sdks/python/apache_beam/runners/direct/executor.py 96.46% <0.00%> (-0.55%) ⬇️
...ks/python/apache_beam/runners/worker/sdk_worker.py 89.08% <0.00%> (-0.17%) ⬇️
...hon/apache_beam/runners/worker/bundle_processor.py 93.54% <0.00%> (-0.13%) ⬇️
sdks/python/apache_beam/runners/common.py 88.71% <0.00%> (+0.12%) ⬆️
...eam/runners/portability/fn_api_runner/execution.py 93.13% <0.00%> (+0.63%) ⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@github-actions
Copy link
Contributor

github-actions bot commented Jan 7, 2023

Assigning reviewers. If you would like to opt out of this review, comment assign to next reviewer:

R: @pabloem for label python.

Available commands:

  • stop reviewer notifications - opt out of the automated review tooling
  • remind me after tests pass - tag the comment author after tests pass
  • waiting on author - shift the attention set back to the author (any comment or push by the author will return the attention set to the reviewers)

The PR bot will only process comments in the main thread (not review comments).

@smart2pet
Copy link
Contributor Author

remind me after tests pass

@github-actions
Copy link
Contributor

github-actions bot commented Jan 7, 2023

Ok - I'll remind @smart2pet after tests pass

@AnandInguva
Copy link
Contributor

Run Inference Benchmarks

@smart2pet
Copy link
Contributor Author

How to do it? @AnandInguva

@smart2pet
Copy link
Contributor Author

This is a security vulnerabilitie fix. Do we need to do the benchmarks?

@AnandInguva
Copy link
Contributor

No, it is not. I thought you included torch benchmark tests but after reviewing, these tests weren't part of that suite. So, you can ignore the benchmarks comment.

@smart2pet
Copy link
Contributor Author

OK.

@github-actions
Copy link
Contributor

Reminder, please take a look at this pr: @pabloem

@github-actions
Copy link
Contributor

Assigning new set of reviewers because Pr has gone too long without review. If you would like to opt out of this review, comment assign to next reviewer:

R: @tvalentyn for label python.

Available commands:

  • stop reviewer notifications - opt out of the automated review tooling
  • remind me after tests pass - tag the comment author after tests pass
  • waiting on author - shift the attention set back to the author (any comment or push by the author will return the attention set to the reviewers)

@tvalentyn
Copy link
Contributor

How to do it? @AnandInguva

FYI Anand's comment was a command to the bot.

@tvalentyn
Copy link
Contributor

@AnandInguva will postcommit tests exercise this change?

@AnandInguva
Copy link
Contributor

@AnandInguva will postcommit tests exercise this change?

Unfortunately, no. There are no tests for these examples. I thought there were but I am wrong

@tvalentyn tvalentyn merged commit 4824014 into apache:master Jan 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants