Skip to content

Fix jupyter_core and protobuf vulnerabilities #960

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Fix jupyter_core and protobuf vulnerabilities #960

wants to merge 1 commit into from

Conversation

balvisio
Copy link
Collaborator

Description

Type of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Refactor
  • Documentation update
  • Other (please describe): Fix vulnerabilities reported by pulse scan

CI Pipeline Configuration

Configure CI behavior by applying the relevant labels:

Note

By default, the notebooks validation tests are skipped unless explicitly enabled.

Authorizing CI Runs

We use copy-pr-bot to manage authorization of CI
runs on NVIDIA's compute resources.

  • If a pull request is opened by a trusted user and contains only trusted changes, the pull request's code will
    automatically be copied to a pull-request/ prefixed branch in the source repository (e.g. pull-request/123)
  • If a pull request is opened by an untrusted user or contains untrusted changes, an NVIDIA org member must leave an
    /ok to test comment on the pull request to trigger CI. This will need to be done for each new commit.

Usage

TODO: Add code snippet

Pre-submit Checklist

  • I have tested these changes locally
  • I have updated the documentation accordingly
  • I have added/updated tests as needed
  • All existing tests pass successfully

@copy-pr-bot copy-pr-bot
Copy link

copy-pr-bot bot commented Jun 26, 2025

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@balvisio
Copy link
Collaborator Author

/ok to test 9e4e3d0

@codecov-commenter
Copy link

codecov-commenter commented Jun 27, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.22%. Comparing base (5c254b6) to head (c171a91).

✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #960      +/-   ##
==========================================
+ Coverage   84.19%   84.22%   +0.02%     
==========================================
  Files         144      144              
  Lines        9398     9398              
==========================================
+ Hits         7913     7915       +2     
+ Misses       1485     1483       -2

see 1 file with indirect coverage changes

@balvisio balvisio force-pushed the ba/BIONEMO-2224-fix-vulnerabilities branch from 9e4e3d0 to 2086bda Compare June 30, 2025 03:33
@balvisio
Copy link
Collaborator Author

/ok to test 2086bda

@balvisio balvisio force-pushed the ba/BIONEMO-2224-fix-vulnerabilities branch from 2086bda to c171a91 Compare July 1, 2025 14:28
@balvisio
Copy link
Collaborator Author

balvisio commented Jul 1, 2025

/ok to test c171a91

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dorotat-nv dorotat-nv Awaiting requested review from dorotat-nv dorotat-nv is a code owner

@jstjohn jstjohn Awaiting requested review from jstjohn jstjohn is a code owner

@ohadmo ohadmo Awaiting requested review from ohadmo ohadmo is a code owner

@pstjohn pstjohn Awaiting requested review from pstjohn pstjohn is a code owner

@trvachov trvachov Awaiting requested review from trvachov trvachov is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@balvisio @codecov-commenter