From d34491da719f65ddd590777a183e3d9f27d2829b Mon Sep 17 00:00:00 2001 From: Michael Denkowski Date: Wed, 23 Oct 2024 14:14:06 -0500 Subject: [PATCH 1/3] Retire DeepSpeed support. --- .github/workflows/push_pr.yml | 4 +--- .github/workflows/python-publish.yml | 2 -- requirements/requirements.deepspeed.txt | 1 - 3 files changed, 1 insertion(+), 6 deletions(-) delete mode 100644 requirements/requirements.deepspeed.txt diff --git a/.github/workflows/push_pr.yml b/.github/workflows/push_pr.yml index d27822f76..c9fdbcc4f 100644 --- a/.github/workflows/push_pr.yml +++ b/.github/workflows/push_pr.yml @@ -30,8 +30,6 @@ jobs: run: python -m pip install --upgrade pip - name: Sockeye requirements run: pip install -r requirements/requirements.txt - - name: DeepSpeed requirements - run: pip install -r requirements/requirements.deepspeed.txt - name: Faiss requirements run: | if [ "$RUNNER_OS" == "Linux" ]; then @@ -57,4 +55,4 @@ jobs: run: check-manifest --ignore sockeye/git_version.py - name: System tests run: | - pytest test/system + pytest test/system diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml index 44e827301..ed92c19c0 100644 --- a/.github/workflows/python-publish.yml +++ b/.github/workflows/python-publish.yml @@ -24,8 +24,6 @@ jobs: pip install setuptools wheel twine - name: Sockeye requirements run: pip install -r requirements/requirements.txt - - name: DeepSpeed requirements - run: pip install -r requirements/requirements.deepspeed.txt - name: Development requirements run: pip install -r requirements/requirements.dev.txt - name: Unit tests diff --git a/requirements/requirements.deepspeed.txt b/requirements/requirements.deepspeed.txt deleted file mode 100644 index 7a22db486..000000000 --- a/requirements/requirements.deepspeed.txt +++ /dev/null @@ -1 +0,0 @@ -deepspeed==0.6.5 From e04cef60b9e22a1b8b6511237afd551c99db07d0 Mon Sep 17 00:00:00 2001 From: Michael Denkowski Date: Wed, 23 Oct 2024 14:19:31 -0500 Subject: [PATCH 2/3] Update version and changelog. --- CHANGELOG.md | 6 ++++++ sockeye/__init__.py | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 77effc9c2..e8afe9c88 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,12 @@ Note that Sockeye has checks in place to not translate with an old model that wa Each version section may have subsections for: _Added_, _Changed_, _Removed_, _Deprecated_, and _Fixed_. +## [3.1.39] + +### Removed + +- Retired DeepSpeed support due to security issue (remote code execution vulnerability) with the supported version of DeepSpeed (0.6.5). + ## [3.1.38] ### Fixed diff --git a/sockeye/__init__.py b/sockeye/__init__.py index 80b1416a6..b6d453f36 100644 --- a/sockeye/__init__.py +++ b/sockeye/__init__.py @@ -11,4 +11,4 @@ # express or implied. See the License for the specific language governing # permissions and limitations under the License. -__version__ = '3.1.38' +__version__ = '3.1.39' From 07a9d410ef640e0e5652d1ab2cc54ef92233eb71 Mon Sep 17 00:00:00 2001 From: Michael Denkowski Date: Wed, 23 Oct 2024 14:26:51 -0500 Subject: [PATCH 3/3] Specify error type. --- test/unit/test_deepspeed.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/unit/test_deepspeed.py b/test/unit/test_deepspeed.py index 74a3efc7a..46a01dc7b 100644 --- a/test/unit/test_deepspeed.py +++ b/test/unit/test_deepspeed.py @@ -26,7 +26,7 @@ try: import deepspeed deepspeed_installed = True -except: +except ImportError: deepspeed_installed = False