
security(deps): bump diffusers from 0.35.2 to 0.38.0 in /training/il/lerobot in the pip group across 1 directory#621

Closed
dependabot[bot] wants to merge 1 commit into main from dependabot/pip/training/il/lerobot/pip-447900e926

Conversation

@dependabot dependabot Bot commented on behalf of github May 7, 2026

Bumps the pip group with 1 update in the /training/il/lerobot directory: diffusers.

Updates diffusers from 0.35.2 to 0.38.0

Release notes

Sourced from diffusers's releases.

Diffusers 0.38.0: New image and audio pipelines, Core library improvements, and more

New Pipelines

LLaDA2

LLaDA2 is a family of discrete diffusion language models that generate text through block-wise iterative refinement. Instead of autoregressive token-by-token generation, LLaDA2 starts with a fully masked sequence and progressively unmasks tokens by confidence over multiple refinement steps.

Nucleus-MoE

NucleusMoE-Image is a 2B active 17B parameter model trained with efficiency at its core. Our novel architecture highlights the scalability of a sparse MoE architecture for Image generation.

Thanks to @sippycoder for the contribution.

Ernie-Image

ERNIE-Image is a powerful and highly efficient image generation model with 8B parameters.

Thanks to @HsiaWinter for the contribution.

LongCat-AudioDiT

LongCat-AudioDiT is a text-to-audio diffusion model from Meituan LongCat.

Thanks to @RuixiangMa for the contribution.

Ace-Step 1.5

ACE-Step 1.5 generates variable-length stereo audio at 48 kHz (10 seconds to 10 minutes) from text prompts and optional lyrics. The full system pairs a Language Model planner with a Diffusion Transformer (DiT) synthesizer; this pipeline wraps the DiT half of that stack, and consists of three components: an AutoencoderOobleck VAE that compresses waveforms into 25 Hz stereo latents, a Qwen3-based text encoder for prompt and lyric conditioning, and an AceStepTransformer1DModel DiT that operates in the VAE latent space using flow matching.

Thanks to @ChuxiJ for the contribution.

Flux.2 Small Decoder

Make your Flux.2 decoding faster with this new small decoder model from the Black Forest Labs. You can check it out here. It was contributed by @huemin-art in this PR.

... (truncated)

Commits
  • 275869d Release: v0.38.0-release
  • 42a46e4 Fix missing latents_bn_std dtype cast in VAE normalization (#13299)
  • 1a8a17b Add ACE-Step pipeline for text-to-music generation (#13095)
  • 303c1d8 [Ernie-Image] Add lora support (#13575)
  • 716f246 Fix UniPC scheduler device mismatch when using offloading (#13489)
  • a5bc046 NucleusMoE docs (#13661)
  • 4744648 [ci] use tokenizers stable installtion in CI. (#13562)
  • 50cb2db feat: support ring attention with arbitrary KV sequence lengths (#13545)
  • 0fff459 Fix ErnieImagePipeline pre-computed prompt_embeds + num_images_per_prompt sha...
  • 2173c55 [docs] fix typo in AutoencoderOobleck docs (#13642) (#13645)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the pip group with 1 update in the /training/il/lerobot directory: [diffusers](https://github.com/huggingface/diffusers).


Updates `diffusers` from 0.35.2 to 0.38.0
- [Release notes](https://github.com/huggingface/diffusers/releases)
- [Commits](huggingface/diffusers@v0.35.2...v0.38.0)

---
updated-dependencies:
- dependency-name: diffusers
  dependency-version: 0.38.0
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Dependency version updates python Pull requests that update python code labels May 7, 2026
@github-actions github-actions Bot changed the title from "chore(deps): bump diffusers from 0.35.2 to 0.38.0 in /training/il/lerobot in the pip group across 1 directory" to "security(deps): bump diffusers from 0.35.2 to 0.38.0 in /training/il/lerobot in the pip group across 1 directory" May 7, 2026
github-actions Bot commented May 7, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 8263ee8.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

training/il/lerobot/requirements.txt

Package        Version   License   Issue Type
cryptography   48.0.0    Null      Unknown License
diffusers      0.38.0    Null      Unknown License

OpenSSF Scorecard

Package            Version   Score     Details
pip/cryptography   48.0.0    Unknown   Unknown
pip/diffusers      0.38.0    Unknown   Unknown

Scanned Files

  • training/il/lerobot/requirements.txt

codecov-commenter commented May 7, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 77.38%. Comparing base (c06c4e3) to head (8263ee8).

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #621   +/-   ##
=======================================
  Coverage   77.38%   77.38%           
=======================================
  Files         272      272           
  Lines       18140    18140           
  Branches     2452     2452           
=======================================
  Hits        14038    14038           
  Misses       3677     3677           
  Partials      425      425           
Flag                    Coverage Δ        *Carryforward flag
pester                  83.13% <ø> (ø)    Carriedforward from c06c4e3
pytest-data-pipeline    100.00% <ø> (ø)   Carriedforward from c06c4e3
pytest-dataviewer       93.60% <ø> (ø)    Carriedforward from c06c4e3
pytest-dm-tools         100.00% <ø> (ø)   Carriedforward from c06c4e3
pytest-evaluation       99.51% <ø> (ø)
pytest-fuzz             4.89% <ø> (ø)
pytest-inference        100.00% <ø> (ø)   Carriedforward from c06c4e3
pytest-training         93.32% <ø> (ø)
vitest                  53.34% <ø> (ø)    Carriedforward from c06c4e3
vitest-app              53.34% <ø> (ø)    Carriedforward from c06c4e3
vitest-components       53.34% <ø> (ø)    Carriedforward from c06c4e3
vitest-features         53.34% <ø> (ø)    Carriedforward from c06c4e3
vitest-lib              53.34% <ø> (ø)    Carriedforward from c06c4e3
vitest-state            53.34% <ø> (ø)    Carriedforward from c06c4e3

*This pull request uses carry forward flags.


@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Advisory Review Summary

Affected surfaces: python-runtime (training/il/lerobot — IL / LeRobot imitation learning)

Package        From     To       Severity                                                     Surface
diffusers      0.35.2   0.38.0   No advisory in PR body                                       python-runtime (il-training)
cryptography   46.0.7   48.0.0   No advisory in PR body; security(deps): prefix implies CVE   python-runtime (il-training)

diffusers

Bump: 0.35.2 → 0.38.0 (direct LeRobot dependency, lockfile-only pin in training/il/lerobot/requirements.txt)

Release highlights (from PR body — sourced from diffusers releases):

  • New pipelines: LLaDA2 (discrete diffusion language model), NucleusMoE-Image (2B/17B MoE), ERNIE-Image (8B), LongCat-AudioDiT, ACE-Step 1.5, Flux.2 Small Decoder
  • Bug fixes: latents_bn_std dtype cast in VAE normalisation, UniPC scheduler device mismatch, ErnieImagePipeline prompt embedding

ABI sensitivity: diffusers is not in the Isaac Sim ABI-sensitive set (numpy, torch, tensordict, onnxruntime-gpu). No GPU smoke-test gate applies. No training/rl/ manifest changes detected; Isaac Sim ABI guard does not apply.

Advisory enrichment: External advisory APIs (OSV.dev, GitHub Advisory, PyPI) were inaccessible from the sandbox firewall. No GHSA or CVE IDs appear in the PR body.


cryptography

Bump: 46.0.7 → 48.0.0 (transitive dependency via azure-identity and azure-storage-blob, lockfile-only pin)

This is a two-major-release jump. The security(deps): PR title prefix implies a known vulnerability in the 46.x line motivated the update. No GHSA or CVE IDs are present in the PR body and external APIs are blocked by the sandbox firewall.

Maintainer action: Verify the relevant advisories in the cryptography CHANGELOG for versions 47.x and 48.0.0.


Transitive-only pin note

Both package changes are lockfile-only updates to training/il/lerobot/requirements.txt. No corresponding manifest (pyproject.toml) change appears in the diff. This is expected for a pip-compiled lockfile.


Uncovered manifest note

training/il/lerobot/ is not listed in .github/dependabot.yml. The Dependabot configuration covers pip for /training/rl and /evaluation but not for /training/il/lerobot. This PR was triggered via a security alert rather than a scheduled Dependabot entry. Consider adding a pip entry for /training/il/lerobot to enable routine lockfile updates.


Validation Signal

Deterministic CI:

  • PR_VALIDATION_CONCLUSION (env): in_progress:in_progress — captured before the orchestrator completed
  • pr-validation-summary: success
  • Pytest Training / Pytest Training: success
  • Python Lint / Ruff Lint and Format Check: success

The orchestrator env var captured an in-progress state; per-surface check runs have since completed successfully.

Static impact reasoning: Both changes are lockfile-only pins in training/il/lerobot/requirements.txt. No training/rl/requirements.txt or training/rl/pyproject.toml changes are present, so the Isaac Sim numpy ABI guard (>=1.26.0,<2.0.0) does not apply. cryptography is a security-critical transitive dependency; no ABI sensitivity to GPU runtimes.


Advisory verdict: COMMENT — PR_VALIDATION_CONCLUSION was in_progress:in_progress at agent start (per-surface checks are green). Advisory enrichment was limited by the sandbox network firewall; maintainers should verify cryptography CVE coverage before merging. The uncovered training/il/lerobot manifest entry in dependabot.yml is recommended.

🔒 - Generated by Copilot

Generated by AW Dependabot PR Review for issue #621

deepdiff==8.6.2
# via lerobot
diffusers==0.35.2
diffusers==0.38.0
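Review bot: the `# via lerobot` line in this hunk annotates deepdiff, not diffusers; the diffusers entry's own `# via` annotation falls outside the shown context, so confirm from the full training/il/lerobot/requirements.txt that lerobot's declared constraint actually admits 0.38.0 before accepting a three-minor-release jump (0.35.2 → 0.38.0) in a pip-compiled lockfile. The pin also carries no `--hash` entries, so a security-motivated bump is not integrity-checked at install time; regenerating the file with `pip-compile --generate-hashes` would close that gap.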

diffusers 0.35.2 → 0.38.0 (direct LeRobot dep, lockfile-only)

Minor version bump spanning three releases. Release highlights include new pipelines (LLaDA2, NucleusMoE, ERNIE-Image, ACE-Step 1.5, Flux.2 Small Decoder) and core library improvements — no ABI-breaking changes reported. Not in the Isaac Sim ABI-sensitive set (numpy, torch, tensordict, onnxruntime-gpu), so no GPU smoke-test gate applies.

contourpy==1.3.3
# via matplotlib
cryptography==46.0.7
cryptography==48.0.0
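Review bot: cryptography moves across two major versions (46.0.7 → 48.0.0) with no manifest change alongside it, and the `# via matplotlib` line here belongs to contourpy, so nothing in the hunk shows which packages pull in cryptography or whether they accept 48.x; the review summary names azure-identity and azure-storage-blob as the consumers, so check their version specifiers against 48.0.0 before merging. The PR title's security(deps) prefix is the only evidence of an advisory, and no GHSA or CVE identifier appears anywhere in the PR body; the motivating advisory should be named in the description so the fix is traceable.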

cryptography 46.0.7 → 48.0.0 (transitive, lockfile-only)

This is a two-major-release jump for a security-critical package. The security(deps): PR title prefix signals that a known vulnerability in the 46.x line motivated this bump. Transitive consumers are azure-identity and azure-storage-blob.

No GHSA or CVE IDs appear in the PR body, and external advisory APIs are inaccessible from the sandbox. Verify the relevant advisories in the cryptography CHANGELOG for versions 47.x and 48.0.0 before merging.

dependabot Bot commented on behalf of github May 8, 2026

Superseded by #638.

@dependabot dependabot Bot closed this May 8, 2026
@dependabot dependabot Bot deleted the dependabot/pip/training/il/lerobot/pip-447900e926 branch May 8, 2026 07:34