security: clear remaining resolvable Dependabot advisories (black, pytest, starlette, fastapi) #43

Merged: kmadan merged 2 commits into main from security/cleanup-remaining-advisories on May 14, 2026

@kmadan kmadan commented May 14, 2026

Follow-up to #41. Closes the resolvable subset of the 14 remaining open advisories. The 7 that remain are upstream-blocked behind langfair-mantric's langchain ^0.3.7 pin (see "What stays open" below).

Closed by this PR (7 alerts on 4 unique fixes)

| Severity | Package | From → To | Advisory |
|---|---|---|---|
| high | black | 25.1 → 26.3.1 | GHSA-3936-cmfr-pm3m (cache filename arbitrary write) |
| high | starlette | <0.47 → ≥0.49.1 | GHSA-7f5h-v6xp-fcq8 (range-header O(n²) DoS) |
| medium | starlette | <0.47 → ≥0.49.1 | GHSA-2c2j-9gv5-cj73 (multipart parser DoS) |
| medium | pytest | <9 → ≥9.0.3 | GHSA-6w46-j5rx-g56g (tmpdir handling) |

Plus two coupling bumps (no advisory, required for the resolver to succeed):

  • pytest-asyncio 0.25.3 → 1.3.0 (needed for pytest 9 compat)
  • fastapi 0.115.x → 0.136.x (needed for starlette 0.49+ compat)

The pre-commit black hook is also bumped from 25.1.0 to 26.3.1 so the lint pass uses the patched binary.

What stays open (7 alerts) and why

The LangChain ecosystem advisories require migrating from the 0.3.x line to 1.x:

  • langchain-core <1.2.22 (1 high + 1 low)
  • langchain-text-splitters <1.1.2 (1 medium)
  • langchain-openai <1.1.14 (1 low)
  • duplicates from Dependabot's rescan history

langfair @ git+...langfair-mantric.git pins langchain ^0.3.7, which transitively forces every LangChain-* dep onto the 0.3.x line. AICertify itself doesn't import LangChain (it's pulled in transitively via langfair, posthog, sentry-sdk), so the correct upstream fix is to update langfair-mantric to allow langchain ^1.

Also deferred:

  • transformers 5.0.0rc3 — release candidate, not safe for production. Will resolve when 5.0.0 stable ships.

After merge

  • 14 open advisories → expected 7 remaining (all LangChain 0.3.x-bound or transformers 5.0.0rc3)
  • 0 critical, 2 high, 2 medium, 3 low remaining (all upstream-blocked)

Verification

poetry lock --regenerate succeeded with the new constraints. CI exercises poetry install + import aicertify (which doesn't touch LangChain APIs).

Key resolved versions: black 26.3.1, pytest 9.0.3, pytest-asyncio 1.3.0, fastapi 0.136.1, starlette 1.0.0. All prior security pins from #41 preserved.

Builds on #41. Resolves 7 of the 14 remaining advisories — the rest are
upstream-blocked behind langfair-mantric's `langchain ^0.3.7` pin and
will need a coordinated fork update.

## What this fixes

| Severity | Package | From -> To | Advisory |
|---|---|---|---|
| high   | black            | 25.1 -> 26.3.1   | GHSA-3936-cmfr-pm3m (cache filename arbitrary write) |
| high   | starlette        | <0.47 -> >=0.49.1 | GHSA-7f5h-v6xp-fcq8 (range-header O(n^2) DoS) |
| medium | starlette        | <0.47 -> >=0.49.1 | GHSA-2c2j-9gv5-cj73 (multipart parser DoS) |
| medium | pytest           | <9 -> >=9.0.3    | GHSA-6w46-j5rx-g56g (tmpdir handling) |
| dev    | pytest-asyncio   | 0.25.3 -> 1.x    | required for pytest 9 compat |
| dev    | fastapi          | 0.115.x -> 0.136 | required for starlette 0.49+ compat |

The pre-commit black hook is also bumped to 26.3.1 so local + CI runs
both use the patched binary.

## What stays open (and why)

7 advisories on the LangChain 0.3.x ecosystem are upstream-blocked:

- langchain-core <1.2.22 (1 high + 1 low)
- langchain-text-splitters <1.1.2 (1 medium)
- langchain-openai <1.1.14 (1 low)
- duplicates of the above from Dependabot's rescan history

`langfair @ git+...langfair-mantric.git` pins `langchain ^0.3.7`, which
forces the entire LangChain ecosystem onto the 0.3.x line. AICertify
doesn't import LangChain directly — it's transitive via langfair —
so the right fix is to update langfair-mantric to allow LangChain 1.x,
not to fork it again here.

Also deferred: transformers 5.0.0rc3 (release candidate; not safe for
production).

## Verification

poetry.lock regenerated with the new constraints; resolver succeeded.
Key resolved versions:

- black 26.3.1, pytest 9.0.3, pytest-asyncio 1.3.0
- fastapi 0.136.1, starlette 1.0.0
- LangChain ecosystem on 0.3.x (langfair-pinned)
- All prior security pins preserved (aiohttp 3.13.5, urllib3 2.7.0,
  pillow 12.2.0, pypdf 6.11.0, nltk 3.9.4, protobuf 5.29.6,
  transformers 4.57.6)
@github-actions github-actions Bot added the 🚀 enhancement New feature or request label May 14, 2026
…tting

Two unrelated cleanups bundled together because both surfaced from the
same dependency bump in the parent commit.

## Workflow permissions (CodeQL #1, #2 — both medium)

GitHub Actions workflows should explicitly limit GITHUB_TOKEN
permissions (least privilege). Add top-level
    permissions:
      contents: read
to the two flagged workflows:

  - .github/workflows/aicertify-ci.yaml
  - .github/workflows/pre-commit.yaml

(auto-label.yaml already declares job-level permissions with
issues:write + pull-requests:write + contents:read and isn't flagged.)

## Black 26.3.1 formatting churn

Black 26.x removed the extra blank line that 25.x left between the
last import-block and the first non-import statement in modules. Running
black 26 reformats 9 files in aicertify/ — pure whitespace deletions,
no semantic change.

This unblocks the pre-commit CI which would otherwise fail on the
pinned black version after the parent commit bumped it.

Files reformatted:
  aicertify/api/__init__.py
  aicertify/api/evaluators.py
  aicertify/api/policy.py
  aicertify/api/reports.py
  aicertify/api/utils.py
  aicertify/evaluators/api.py
  aicertify/models/evaluation_models.py
  aicertify/report_generation/flexible_extraction.py
  aicertify/report_generation/report_models.py
@kmadan kmadan merged commit 1b520f3 into main May 14, 2026
6 checks passed
@kmadan kmadan deleted the security/cleanup-remaining-advisories branch May 14, 2026 06:33
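
The workflow-permissions finding described in the second commit message, as an added example that is not part of this PR: a scan that reports jobs left on the repository-default `GITHUB_TOKEN` scope. The `BEFORE`/`AFTER` workflows and the function name are constructed; the scan handles block-style YAML only and is not a general YAML parser.

```python
import re

KEY = re.compile(r"^( *)([A-Za-z0-9_.-]+):")

# Constructed workflow: one job with no permissions, one with job-level permissions.
BEFORE = """\
on: [push]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - run: poetry install
  label:
    runs-on: ubuntu-latest
    permissions:
      issues: write
      contents: read
    steps:
      - run: echo label
"""
# Same workflow with the top-level least-privilege block the commit adds.
AFTER = BEFORE.replace("jobs:", "permissions:\n  contents: read\njobs:", 1)

def unscoped_jobs(workflow_text):
    """Return ids of jobs with no job-level `permissions:` in a workflow that
    also lacks a top-level `permissions:` block (indentation scan only)."""
    section, has_top_level = None, False
    jobs = {}  # job id -> True once a job-level permissions key is seen
    job_indent = child_indent = current = None
    for line in workflow_text.splitlines():
        m = KEY.match(line)
        if not m:
            continue  # blank lines, comments, list items, script bodies
        indent, key = len(m.group(1)), m.group(2)
        if indent == 0:
            section, current, job_indent, child_indent = key, None, None, None
            has_top_level |= key == "permissions"
        elif section == "jobs":
            job_indent = job_indent or indent       # first nested key sets job depth
            if indent == job_indent:
                current, child_indent = key, None
                jobs[current] = False
            elif current is not None:
                child_indent = child_indent or indent  # depth of the job's own keys
                if indent == child_indent and key == "permissions":
                    jobs[current] = True
    return [] if has_top_level else [j for j, ok in jobs.items() if not ok]
```

On the constructed input, only `test` is reported before the change; `label` is not, for the same reason the commit message gives for auto-label.yaml.
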