Skip to content

Pin lightning==2.6.1 to avoid compromised 2.6.2/2.6.3#229

Closed
imbgar-roboflow wants to merge 142 commits into
mainfrom
security/pin-lightning-2.6.1-cve-ghsa-w37p-236h-pfx3
Closed

Pin lightning==2.6.1 to avoid compromised 2.6.2/2.6.3#229
imbgar-roboflow wants to merge 142 commits into
mainfrom
security/pin-lightning-2.6.1-cve-ghsa-w37p-236h-pfx3

Conversation

@imbgar-roboflow
Copy link
Copy Markdown
Contributor

@imbgar-roboflow imbgar-roboflow commented May 1, 2026

Summary

  • Pin lightning to ==2.6.1 (was >=2.4.0) so a fresh install does not resolve to the malicious wheels on PyPI.

Why

Lightning AI advisory GHSA-w37p-236h-pfx3 (published 2026-04-30) confirms that lightning / pytorch-lightning 2.6.2 and 2.6.3 on PyPI were compromised. The wheels include a hidden _runtime/ directory with a start.py downloader and an ~11 MB obfuscated router_runtime.js payload that auto-executes on import lightning, harvests credentials (GitHub/npm/PyPI tokens, cloud creds, env vars, SSH keys), and attempts to commit encoded data back to victim repos. See Socket's writeup: https://socket.dev/blog/lightning-pypi-package-compromised.

2.6.1 (published 2026-01-30) is the last known clean release. The current spec lightning>=2.4.0 is unbounded and would resolve to 2.6.3 on a fresh install — this PR forces resolvers to skip the malicious versions until upstream ships a clean replacement.

Notes

  • Hard pin is intentionally narrow until Lightning AI publishes a confirmed-clean 2.6.4+. Once that lands we can relax to a >= range again.
  • maestro has no lockfile, so no uv lock / poetry lock regeneration is needed — the pyproject.toml change is sufficient.

Test plan

  • Confirm pip install -e . still resolves successfully
  • Confirm CI passes

Matvezy and others added 30 commits February 4, 2025 20:56
@Matvezy
mask_update
f130aff
@SkalskiP
add Florence-2 object detection cookbook
7bf08cb
@SkalskiP
Merge pull request #135 from roboflow/cookbooks/florence_2_object_det…
54f3840 
…ection

add Florence-2 object detection cookbook
@dependabot
⬆️ Update mypy requirement
e3ad8bf 
Updates the requirements on [mypy](https://github.com/python/mypy) to permit the latest version.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.11.2...v1.15.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@onuralpszr
Merge pull request #139 from roboflow/dependabot/pip/mypy-gte-1.11.2-…
8ee7a60 
…and-lt-1.16.0

⬆️ Update mypy requirement from <1.15.0,>=1.11.2 to >=1.11.2,<1.16.0
@onuralpszr
ci(docs): 👷 update docs ci with mkdocs-insiders and use uv
442be6b 
Signed-off-by: Onuralp SEZER <thunderbirdtr@gmail.com>
@onuralpszr
ci(docs): 📦 update mkdocs-material-insiders to version 9.6.2
2f9c3aa
@onuralpszr
Merge pull request #140 from roboflow/docs/mkdocs-insiders
908e274 
ci(docs): 👷 update docs ci with mkdocs-insiders and use uv
@cnukaus
Update pip package to have quotes therefore Mac zsh will not globbing…
fdd862b 
… [ wrong

Update index.md

Update florence_2.md

Update paligemma_2.md

Update qwen_2_5_vl.md - add quotes to fix pip instruction for Mac

Update qwen_2_5_vl.md, quote around package

Update paligemma_2.md quote around package for Mac

Update qwen_2_5_vl.md

add quotes to all pip command for consistency
@SkalskiP
Merge pull request #143 from cnukaus/develop
a5585b0
@dependabot
⬆️ Update transformers requirement from <4.48.0 to <4.49.0
c1bf76b 
Updates the requirements on [transformers](https://github.com/huggingface/transformers) to permit the latest version.
- [Release notes](https://github.com/huggingface/transformers/releases)
- [Commits](huggingface/transformers@v4.43.0...v4.48.3)

---
updated-dependencies:
- dependency-name: transformers
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@onuralpszr
docs: 📝 transformers comment about paligemma2 removed
d6f0b42
@onuralpszr
Merge pull request #151 from roboflow/dependabot/pip/transformers-lt-…
cf7ad8a 
…4.49.0

⬆️ Update transformers requirement from <4.48.0 to <4.49.0
@onuralpszr
docs: 📝 enable comments on documentation pages and add comment sectio…
2115397 
…n template
@pre-commit-ci
fix(pre_commit): 🎨 auto format pre-commit hooks
ad3a96e
@onuralpszr
Merge pull request #152 from roboflow/docs/style-updates
1e05c9c 
docs:  📝 enable comments on documentation pages and add comment section template
@onuralpszr
chore: qwen2.5 and paligemma2 notebooks maestro versions are set to l…
c920633 
…atest (#155)

Signed-off-by: Onuralp SEZER <thunderbirdtr@gmail.com>
@SkalskiP
- add JSONL docs page
6bae478 
- update contributor guidelines
- update README.md
- add `open in colab` and `roboflow dataset` buttons in cookbooks
@SkalskiP
Merge pull request #156 from roboflow/docs/jsonl_format
52b87a4 
add JSONL docs + examples
@SkalskiP
set version of maestro to latest
7e66063
@SkalskiP
Merge pull request #157 from roboflow/cookbooks/set_maestro_version_t…
895f8a9 
…o_latest

set version of maestro to latest in cookbooks
@onuralpszr
feat(logging): 🔊 add logging configuration for PyTorch Lightning and …
15e91ca 
…Transformers

Signed-off-by: Onuralp SEZER <thunderbirdtr@gmail.com>
@onuralpszr
fix(logging): 🐞 correct logger variable names and set logging levels …
c82738a 
…for clarity

Signed-off-by: Onuralp SEZER <thunderbirdtr@gmail.com>
@onuralpszr
fix(logging): 🐞 reorder import statement for configure_logging in exa…
380f7d5 
…mple usage

Signed-off-by: Onuralp SEZER <thunderbirdtr@gmail.com>
@onuralpszr
Merge pull request #128 from roboflow/log/maestro
7ae2b98 
feat(logging): 🔊 add logging configuration for PyTorch Lightning and Transformers
@pre-commit-ci
chore(pre_commit): ⬆ pre_commit autoupdate
f00f512 
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.9.4 → v0.9.6](astral-sh/ruff-pre-commit@v0.9.4...v0.9.6)
- [github.com/pre-commit/mirrors-mypy: v1.14.1 → v1.15.0](pre-commit/mirrors-mypy@v1.14.1...v1.15.0)
@onuralpszr
Merge pull request #158 from roboflow/pre-commit-ci-update-config
5191104 
chore(pre_commit): ⬆ pre_commit autoupdate
@SkalskiP
initial commit with JSONLDataset refactor and Florence-2 box -> text …
b14f682 
…and text -> box parsing
@SkalskiP
initial implementation of COCO loader
457c76d
@SkalskiP
improve JSONLDataset and COCODataset API consistency
c172516
pre-commit-ci Bot and others added 26 commits April 7, 2025 17:34
@pre-commit-ci
chore(pre_commit): ⬆ pre_commit autoupdate
c3a4b7a 
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.11.2 → v0.11.4](astral-sh/ruff-pre-commit@v0.11.2...v0.11.4)
@onuralpszr
Merge pull request #196 from roboflow/pre-commit-ci-update-config
359dcf7 
chore(pre_commit): ⬆ pre_commit autoupdate
@pre-commit-ci
chore(pre_commit): ⬆ pre_commit autoupdate
ee93c15 
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.11.4 → v0.11.5](astral-sh/ruff-pre-commit@v0.11.4...v0.11.5)
@onuralpszr
Merge pull request #199 from roboflow/pre-commit-ci-update-config
eb2a745 
chore(pre_commit): ⬆ pre_commit autoupdate
@pre-commit-ci
chore(pre_commit): ⬆ pre_commit autoupdate
46344cc 
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.11.5 → v0.11.6](astral-sh/ruff-pre-commit@v0.11.5...v0.11.6)
@onuralpszr
Merge pull request #200 from roboflow/pre-commit-ci-update-config
1ca631b 
chore(pre_commit): ⬆ pre_commit autoupdate
@pre-commit-ci
chore(pre_commit): ⬆ pre_commit autoupdate
c6a8738 
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.11.6 → v0.11.7](astral-sh/ruff-pre-commit@v0.11.6...v0.11.7)
@onuralpszr
Merge pull request #201 from roboflow/pre-commit-ci-update-config
1388f9e 
chore(pre_commit): ⬆ pre_commit autoupdate
@dependabot
⬆️ Update tox requirement
ca1b3ba 
Updates the requirements on [tox](https://github.com/tox-dev/tox) to permit the latest version.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.18.1...4.26.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-version: 4.26.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
⬆️ Update mypy requirement
275f2f5 
Updates the requirements on [mypy](https://github.com/python/mypy) to permit the latest version.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.11.2...v1.16.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 1.16.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@pre-commit-ci
chore(pre_commit): ⬆ pre_commit autoupdate
4a78945 
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.11.7 → v0.11.12](astral-sh/ruff-pre-commit@v0.11.7...v0.11.12)
- [github.com/pre-commit/mirrors-mypy: v1.15.0 → v1.16.0](pre-commit/mirrors-mypy@v1.15.0...v1.16.0)
@dependabot
⬆️ Update pytest requirement from ~=8.3.2 to >=8.3.2,<8.5.0
682ed06 
Updates the requirements on [pytest](https://github.com/pytest-dev/pytest) to permit the latest version.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@8.3.2...8.4.0)

---
updated-dependencies:
- dependency-name: pytest
  dependency-version: 8.4.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@onuralpszr
Merge pull request #208 from roboflow/dependabot/pip/pytest-gte-8.3.2…
08c096a 
…-and-lt-8.5.0

⬆️ Update pytest requirement from ~=8.3.2 to >=8.3.2,<8.5.0
@onuralpszr
Merge pull request #206 from roboflow/dependabot/pip/mypy-gte-1.11.2-…
8af5a5d 
…and-lt-1.17.0

⬆️ Update mypy requirement from <1.16.0,>=1.11.2 to >=1.11.2,<1.17.0
@onuralpszr
Merge pull request #204 from roboflow/dependabot/pip/tox-gte-4.18.1-a…
752f5ac 
…nd-lt-4.27.0

⬆️ Update tox requirement from <4.26.0,>=4.18.1 to >=4.18.1,<4.27.0
@onuralpszr
Merge pull request #202 from roboflow/pre-commit-ci-update-config
7c3746e 
chore(pre_commit): ⬆ pre_commit autoupdate
@capjamesg
add new theme
bc7a7ec
@pre-commit-ci
fix(pre_commit): 🎨 auto format pre-commit hooks
cb074bc
@pre-commit-ci
chore(pre_commit): ⬆ pre_commit autoupdate
7c071b0 
updates:
- [github.com/PyCQA/bandit: 1.8.3 → 1.8.5](PyCQA/bandit@1.8.3...1.8.5)
- [github.com/astral-sh/ruff-pre-commit: v0.11.12 → v0.12.1](astral-sh/ruff-pre-commit@v0.11.12...v0.12.1)
- [github.com/pre-commit/mirrors-mypy: v1.16.0 → v1.16.1](pre-commit/mirrors-mypy@v1.16.0...v1.16.1)
@onuralpszr
Merge pull request #209 from roboflow/pre-commit-ci-update-config
5e36fd2 
chore(pre_commit): ⬆ pre_commit autoupdate
@capjamesg
update theme based on supervision feedback
5a2fd14
@capjamesg
update nav bar
a23c5a2
@capjamesg
update navigation link
0aeae5e
@capjamesg
use same stylesheet as supervision
b5218c7
@SkalskiP
Merge pull request #214 from roboflow/new-theme
f394fce 
Add new theme
@imbgar-roboflow
Pin lightning==2.6.1 to avoid compromised 2.6.2/2.6.3
216faf7 
Lightning AI advisory GHSA-w37p-236h-pfx3 reports the lightning /
pytorch-lightning 2.6.2 and 2.6.3 wheels on PyPI contain a
credential-harvesting payload that auto-executes on import. 2.6.1 is
the last known clean release.

The previous spec 'lightning>=2.4.0' would resolve to 2.6.3 on a fresh
install. Pinning to 2.6.1 forces resolvers to skip the malicious
versions until upstream publishes a clean replacement.

Refs: GHSA-w37p-236h-pfx3
@CLAassistant
Copy link
Copy Markdown

CLAassistant commented May 1, 2026
edited
Loading

CLA assistant check
All committers have signed the CLA.

@imbgar-roboflow
Copy link
Copy Markdown
Contributor Author

imbgar-roboflow commented May 1, 2026

Closing — accidentally targeted main instead of the default branch develop. Reopening against develop.

@imbgar-roboflow imbgar-roboflow deleted the security/pin-lightning-2.6.1-cve-ghsa-w37p-236h-pfx3 branch May 1, 2026 00:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@imbgar-roboflow @CLAassistant @Matvezy @SkalskiP @onuralpszr @cnukaus @shataxiDubey @capjamesg