Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update versions (requirements, tox, pre-commit hooks) #13

Merged
merged 3 commits into from
Jun 15, 2022
Merged

Update versions (requirements, tox, pre-commit hooks) #13

merged 3 commits into from
Jun 15, 2022

Conversation

cofri
Copy link
Collaborator

@cofri cofri commented Jun 8, 2022
edited
Loading

Versions of packages in multiple files have been updated:

  • NumPy 1.19.5 has a vulnerability and must be avoided (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34141). The fixed version in requirements.txt is then removed to fetch the latest NumPy version.
  • The tox virtual environments were fetching different torch/torchvision versions from the ones in requirements.txt. These versions are now aligned in both files to torch==1.10.2+cu113 and torchvision==0.11.3+cu113.
  • The pre-commit hooks have been updated to retrieve the latest versions up to date. Note that black hook 21.6b0 was broken: an update was mandatory.

cofri added 3 commits June 14, 2022 11:15
@cofri
chore: update versions of pre-commit hooks
ca39a7f 
Note that black hook was broken, requiring the update for this hook. In the
meantime, other hooks were updated too.
Moreover, some other files did not pass the "trailing spaces" hook. They were
fixed.
@cofri
fix: align PyTorch version in tox with requirements.txt
74dcef2
@cofri
chore: remove NumPy fixed version in requirements
9bd9956 
NumPy<1.22.0 has a vulnerability (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34141).
This is an opportunity to remove the dependency to a specific version and to
fetch the latest NumPy version.
@cofri cofri force-pushed the chore/remove_numpy_version branch from 8b2ec01 to 9bd9956 Compare June 14, 2022 09:29
@cofri cofri changed the title Remove fixed NumPy version in requirements Update versions (requirements, tox, pre-commit hooks) Jun 14, 2022
@cofri cofri marked this pull request as ready for review June 14, 2022 10:00
@cofri cofri requested review from justinplakoo and thib-s June 14, 2022 10:00
thib-s
thib-s approved these changes Jun 14, 2022
View reviewed changes
Copy link
Member

@thib-s thib-s left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems that the setup.py forces the GPU version of pytorch while the GitHub CI only have cpu which might break
Otherwise LGTM

@cofri cofri merged commit e8c11cc into develop Jun 15, 2022
@cofri cofri deleted the chore/remove_numpy_version branch June 15, 2022 15:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thib-s thib-s thib-s approved these changes

@justinplakoo justinplakoo Awaiting requested review from justinplakoo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cofri @thib-s