security(build): remediate dependency security advisories

[WilliamBerryiii]

Description

Remediated three dependency security advisories (follow-redirects SSRF, mlflow RCE, smol-toml prototype pollution) across npm and Python dependency trees. Resolved five cascading dependency conflicts triggered by the mlflow upgrade and applied a bonus lodash update eliminating 25 pre-existing vulnerabilities. Both npm audits now report 0 vulnerabilities.

Security Advisories Addressed

Advisory	Package	Remediation	Scope
IV-001	follow-redirects	>=1.16.0 <2.0.0 npm override	docs/docusaurus/package.json
IV-002	mlflow	3.11.0rc1 → 3.11.1	evaluation/pyproject.toml, requirements-lerobot-eval.txt, training/il/lerobot/pyproject.toml
IV-003	smol-toml	>=1.6.1 npm override	package.json (root)
—	lodash	4.17.21 → 4.18.1	docs/docusaurus/package.json

Dependency Conflict Resolution

The mlflow 3.11.1 upgrade required python >=3.12. To satisfy this and avoid solver failures, the following ranges were loosened in evaluation/pyproject.toml:

• requires-python: >=3.11 → >=3.12
• numpy: >=1.26.0,<2.0.0 → >=1.26.0,<3.0.0
• marshmallow: >=3.18.0,<4.0 → >=3.18.0,<5.0
• torch: >=2.6.0,<2.8 → >=2.6.0,<3.0
• packaging: >=24.0,<25.0 → >=24.0,<27.0

The evaluation/uv.lock was regenerated (~225 packages) with updated resolution markers.

Type of Change

• 🐛 Bug fix (non-breaking change fixing an issue)
• ✨ New feature (non-breaking change adding functionality)
• 💥 Breaking change (fix or feature causing existing functionality to change)
• 📚 Documentation update
• 🏗️ Infrastructure change (Terraform/IaC)
• ♻️ Refactoring (no functional changes)

Component(s) Affected

• infrastructure/terraform/prerequisites/ - Azure subscription setup
• infrastructure/terraform/ - Terraform infrastructure
• infrastructure/setup/ - OSMO control plane / Helm
• workflows/ - Training and evaluation workflows
• training/ - Training pipelines and scripts
• docs/ - Documentation

Testing Performed

• Terraform plan reviewed (no unexpected changes)
• Terraform apply tested in dev environment
• Training scripts tested locally with Isaac Sim
• OSMO workflow submitted successfully
• Smoke tests passed (smoke_test_azure.py)

Security validation performed:

• npm audit (root): 0 vulnerabilities
• npm audit (docs/docusaurus): 0 vulnerabilities
• uv lock resolves cleanly with no conflicts

Documentation Impact

• No documentation changes needed
• Documentation updated in this PR
• Documentation issue filed

Bug Fix Checklist

• Linked to issue being fixed
• Regression test included, OR
• Justification for no regression test: dependency version bumps only — no application logic changed

Checklist

• My code follows the project conventions
• Commit messages follow conventional commit format
• I have performed a self-review
• Documentation impact assessed above
• No new linting warnings introduced

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 9 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA a3d827b.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

evaluation/pyproject.toml

Package	Version	License	Issue Type
torch	2.10.0	Null	Unknown License

evaluation/uv.lock

Package	Version	License	Issue Type
lerobot	0.5.0	Null	Unknown License
mlflow	3.11.1	Null	Unknown License
mlflow-skinny	3.11.1	Null	Unknown License
mlflow-tracing	3.11.1	Null	Unknown License
rich	15.0.0	Null	Unknown License
tensordict	0.12.1	Null	Unknown License

evaluation/sil/docker/requirements-lerobot-eval.txt

Package	Version	License	Issue Type
mlflow	3.11.1	Null	Unknown License

training/il/lerobot/pyproject.toml

Package	Version	License	Issue Type
mlflow	3.11.1	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/lodash	4.18.1	🟢 7.1	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 8 23 out of 26 merged PRs checked by a CI test -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 8 Found 25/30 approved changesets -- score normalized to 8 Contributors 🟢 10 project has 89 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 9 license file detected Maintained 🟢 10 14 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 SAST 🟢 9 SAST tool detected but not run on all commits Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities ⚠️ 0 96 existing vulnerabilities detected
pip/marshmallow	3.26.2	Unknown	Unknown
pip/torch	2.10.0	Unknown	Unknown
pip/huggingface-hub	1.10.2	🟢 6.2	Details Check Score Reason Code-Review 🟢 8 Found 25/29 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 10 SAST tool is run on all commits
pip/lerobot	0.5.0	Unknown	Unknown
pip/markdown-it-py	4.0.0	Unknown	Unknown
pip/mdurl	0.1.2	Unknown	Unknown
pip/mlflow	3.11.1	Unknown	Unknown
pip/mlflow-skinny	3.11.1	Unknown	Unknown
pip/mlflow-tracing	3.11.1	Unknown	Unknown
pip/numpy	2.2.6	Unknown	Unknown
pip/pygments	2.20.0	Unknown	Unknown
pip/rich	15.0.0	Unknown	Unknown
pip/shellingham	1.5.4	🟢 3.4	Details Check Score Reason Code-Review 🟢 5 Found 7/12 approved changesets -- score normalized to 5 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained ⚠️ 1 2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1 Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Packaging ⚠️ -1 packaging workflow not detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/tensordict	0.12.1	Unknown	Unknown
pip/typer	0.24.1	Unknown	Unknown
pip/mlflow	3.11.1	Unknown	Unknown
npm/lru-cache	11.3.5	🟢 5.8	Details Check Score Reason Code-Review ⚠️ 0 Found 0/25 approved changesets -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST 🟢 10 SAST tool is run on all commits
pip/mlflow	3.11.1	Unknown	Unknown

Scanned Files

• docs/docusaurus/package-lock.json
• evaluation/pyproject.toml
• evaluation/sil/docker/requirements-lerobot-eval.txt
• evaluation/uv.lock
• package-lock.json
• training/il/lerobot/pyproject.toml

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 65.19%. Comparing base (0c2bb9c) to head (a3d827b).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #479   +/-   ##
=======================================
  Coverage   65.19%   65.19%           
=======================================
  Files         254      254           
  Lines       15804    15804           
  Branches     2118     2118           
=======================================
  Hits        10303    10303           
  Misses       5212     5212           
  Partials      289      289           

Flag	Coverage Δ
pester	81.11% <ø> (ø)
pytest	92.40% <ø> (ø)
pytest-dataviewer	65.12% <ø> (ø)
pytest-fuzz	1.56% <ø> (ø)
vitest	51.77% <ø> (ø)

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.