From 30b6a1dc44d27d3fd3aee834b0d812796ab270b6 Mon Sep 17 00:00:00 2001
From: MessKon <35975404+MessKon@users.noreply.github.com>
Date: Wed, 3 Aug 2022 13:28:23 +0100
Subject: [PATCH] Patch fixed critical CVEs in kserve/alibi-explainer (#2270)
* update versions for alibi-explainer to resolve several critical CVEs
Signed-off-by: MessKon
* change required python version to >=3.7; no impact on critical CVEs
Signed-off-by: MessKon
* revert the kserve version change
Signed-off-by: MessKon
* revert alibi version change
Signed-off-by: MessKon
* fix flake8 lint errors
Signed-off-by: MessKon
* update aix360 module reference
Signed-off-by: MessKon
* revert aix360 module reference
Signed-off-by: MessKon
Signed-off-by: alexagriffith
---
 python/alibiexplainer/setup.py | 6 +++---
 test/e2e/explainer/test_aix_explainer.py | 4 ++--
 test/e2e/logger/test_logger.py | 6 +++---
 test/e2e/logger/test_raw_logger.py | 6 +++---
 test/e2e/predictor/test_autoscaling.py | 14 +++++++-------
 test/e2e/predictor/test_canary.py | 4 ++--
 test/e2e/predictor/test_pytorch.py | 2 +-
 test/e2e/predictor/test_tensorflow.py | 4 ++--
 test/e2e/predictor/test_triton.py | 4 ++--
 test/e2e/transformer/test_raw_transformer.py | 2 +-
 test/e2e/transformer/test_transformer.py | 2 +-
 11 files changed, 27 insertions(+), 27 deletions(-)
diff --git a/python/alibiexplainer/setup.py b/python/alibiexplainer/setup.py
index b6603f64015..886886fa1dc 100644
--- a/python/alibiexplainer/setup.py
+++ b/python/alibiexplainer/setup.py
@@ -29,15 +29,15 @@
 description='Model Explanation Server. \
 Not intended for use outside KServe Frameworks Images',
 long_description=open('README.md').read(),
- python_requires='>=3.6',
+ python_requires='>=3.7',
 packages=find_packages("alibiexplainer"),
 install_requires=[
 "kserve>=0.7.0",
 "nest_asyncio>=1.4.0",
 "alibi==0.6.4",
 "joblib>=0.13.2",
- "xgboost==1.5.0",
- "shap==0.40.0",
+ "xgboost==1.6.1",
+ "shap==0.41.0",
 ],
 tests_require=tests_require,
 extras_require={'test': tests_require}
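Review bot: Nothing in the new `install_requires` entries marks `xgboost==1.6.1` and `shap==0.41.0` as security-driven pins, so a later dependency clean-up could lower them without noticing; a comment above the two lines such as `# security pins: raised for critical CVEs, see #2270 - do not lower without re-scanning` would record that. The commit message names no CVE ids and the hunk leaves `alibi==0.6.4` and `kserve>=0.7.0` untouched, so whether the flagged packages are these two or transitive dependencies cannot be told from here; re-running the image scan on the rebuilt alibi-explainer image is the check that confirms the fix. The `setup()` call begins and ends outside the hunk.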
diff --git a/test/e2e/explainer/test_aix_explainer.py b/test/e2e/explainer/test_aix_explainer.py
index d733df9381f..9c5d7203a10 100644
--- a/test/e2e/explainer/test_aix_explainer.py
+++ b/test/e2e/explainer/test_aix_explainer.py
@@ -82,9 +82,9 @@ def test_tabular_explainer():
 raise e
 res = predict(service_name, './data/mnist_input.json')
- assert(res["predictions"] == [[0.0, 0.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0]])
+ assert (res["predictions"] == [[0.0, 0.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0]])
 mask = explain_aix(service_name, './data/mnist_input.json')
 percent_in_mask = np.count_nonzero(mask) / np.size(np.array(mask))
- assert(percent_in_mask > 0.6)
+ assert (percent_in_mask > 0.6)
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
diff --git a/test/e2e/logger/test_logger.py b/test/e2e/logger/test_logger.py
index 63d356b543d..b1cdd9403c4 100644
--- a/test/e2e/logger/test_logger.py
+++ b/test/e2e/logger/test_logger.py
@@ -82,7 +82,7 @@ def test_kserve_logger():
 print(pod)
 res = predict(service_name, './data/iris_input.json')
- assert(res["predictions"] == [1, 1])
+ assert (res["predictions"] == [1, 1])
 pods = kserve_client.core_api.list_namespaced_pod(KSERVE_TEST_NAMESPACE,
 label_selector='serving.kserve.io/inferenceservice={}'.
 format(msg_dumper))
@@ -93,7 +93,7 @@ def test_kserve_logger():
 namespace=pod.metadata.namespace,
 container="kserve-container")
 print(log)
- assert("org.kubeflow.serving.inference.request" in log)
- assert("org.kubeflow.serving.inference.response" in log)
+ assert ("org.kubeflow.serving.inference.request" in log)
+ assert ("org.kubeflow.serving.inference.response" in log)
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
 kserve_client.delete(msg_dumper, KSERVE_TEST_NAMESPACE)
diff --git a/test/e2e/logger/test_raw_logger.py b/test/e2e/logger/test_raw_logger.py
index d9cb8755ac8..cf7f3c6fad7 100644
--- a/test/e2e/logger/test_raw_logger.py
+++ b/test/e2e/logger/test_raw_logger.py
@@ -87,7 +87,7 @@ def test_kserve_logger():
 print(pod)
 res = predict(service_name, './data/iris_input.json')
- assert(res["predictions"] == [1, 1])
+ assert (res["predictions"] == [1, 1])
 pods = kserve_client.core_api.list_namespaced_pod(KSERVE_TEST_NAMESPACE,
 label_selector='serving.kserve.io/inferenceservice={}'.
 format(msg_dumper))
@@ -98,7 +98,7 @@ def test_kserve_logger():
 namespace=pod.metadata.namespace,
 container="kserve-container")
 print(log)
- assert("org.kubeflow.serving.inference.request" in log)
- assert("org.kubeflow.serving.inference.response" in log)
+ assert ("org.kubeflow.serving.inference.request" in log)
+ assert ("org.kubeflow.serving.inference.response" in log)
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
 kserve_client.delete(msg_dumper, KSERVE_TEST_NAMESPACE)
diff --git a/test/e2e/predictor/test_autoscaling.py b/test/e2e/predictor/test_autoscaling.py
index abb84273130..cb7604a4ce5 100644
--- a/test/e2e/predictor/test_autoscaling.py
+++ b/test/e2e/predictor/test_autoscaling.py
@@ -69,8 +69,8 @@ def test_sklearn_kserve_concurrency():
 res = predict(service_name, INPUT)
 assert res["predictions"] == [1, 1]
- assert(isvc_annotations[METRIC] == 'concurrency')
- assert(isvc_annotations[TARGET] == '2')
+ assert (isvc_annotations[METRIC] == 'concurrency')
+ assert (isvc_annotations[TARGET] == '2')
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
@@ -108,8 +108,8 @@ def test_sklearn_kserve_rps():
 annotations = pods.items[0].metadata.annotations
- assert(annotations[METRIC] == 'rps')
- assert(annotations[TARGET] == '5')
+ assert (annotations[METRIC] == 'rps')
+ assert (annotations[TARGET] == '5')
 res = predict(service_name, INPUT)
 assert res["predictions"] == [1, 1]
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
@@ -153,8 +153,8 @@ def test_sklearn_kserve_cpu():
 isvc_annotations = pods.items[0].metadata.annotations
- assert(isvc_annotations[METRIC] == 'cpu')
- assert(isvc_annotations[TARGET] == '50')
+ assert (isvc_annotations[METRIC] == 'cpu')
+ assert (isvc_annotations[TARGET] == '50')
 res = predict(service_name, INPUT)
 assert res["predictions"] == [1, 1]
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
@@ -197,7 +197,7 @@ def test_sklearn_kserve_raw():
 namespace=KSERVE_TEST_NAMESPACE,
 plural='horizontalpodautoscalers')
- assert(hpa_resp['items'][0]['spec']['targetCPUUtilizationPercentage'] == 50)
+ assert (hpa_resp['items'][0]['spec']['targetCPUUtilizationPercentage'] == 50)
 res = predict(service_name, INPUT)
 assert res["predictions"] == [1, 1]
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
diff --git a/test/e2e/predictor/test_canary.py b/test/e2e/predictor/test_canary.py
index 78a6d54b1f9..dfbc0a2ee62 100644
--- a/test/e2e/predictor/test_canary.py
+++ b/test/e2e/predictor/test_canary.py
@@ -72,7 +72,7 @@ def test_canary_rollout():
 canary_isvc = kserve_client.get(service_name, namespace=KSERVE_TEST_NAMESPACE)
 for traffic in canary_isvc['status']['components']['predictor']['traffic']:
 if traffic['latestRevision']:
- assert(traffic['percent'] == 10)
+ assert (traffic['percent'] == 10)
 # Delete the InferenceService
 kserve_client.delete(service_name, namespace=KSERVE_TEST_NAMESPACE)
@@ -126,7 +126,7 @@ def test_canary_rollout_runtime():
 canary_isvc = kserve_client.get(service_name, namespace=KSERVE_TEST_NAMESPACE)
 for traffic in canary_isvc['status']['components']['predictor']['traffic']:
 if traffic['latestRevision']:
- assert(traffic['percent'] == 10)
+ assert (traffic['percent'] == 10)
 # Delete the InferenceService
 kserve_client.delete(service_name, namespace=KSERVE_TEST_NAMESPACE)
diff --git a/test/e2e/predictor/test_pytorch.py b/test/e2e/predictor/test_pytorch.py
index e4485028208..f8bfe005a41 100644
--- a/test/e2e/predictor/test_pytorch.py
+++ b/test/e2e/predictor/test_pytorch.py
@@ -63,5 +63,5 @@ def test_pytorch():
 print(pod)
 raise e
 res = predict(service_name, './data/cifar_input.json')
- assert(np.argmax(res["predictions"]) == 3)
+ assert (np.argmax(res["predictions"]) == 3)
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
diff --git a/test/e2e/predictor/test_tensorflow.py b/test/e2e/predictor/test_tensorflow.py
index 8e4c5974a40..3296b6002fc 100644
--- a/test/e2e/predictor/test_tensorflow.py
+++ b/test/e2e/predictor/test_tensorflow.py
@@ -52,7 +52,7 @@ def test_tensorflow_kserve():
 kserve_client.create(isvc)
 kserve_client.wait_isvc_ready(service_name, namespace=KSERVE_TEST_NAMESPACE)
 res = predict(service_name, './data/flower_input.json')
- assert(np.argmax(res["predictions"][0].get('scores')) == 0)
+ assert (np.argmax(res["predictions"][0].get('scores')) == 0)
 # Delete the InferenceService
 kserve_client.delete(service_name, namespace=KSERVE_TEST_NAMESPACE)
@@ -85,7 +85,7 @@ def test_tensorflow_runtime_kserve():
 kserve_client.create(isvc)
 kserve_client.wait_isvc_ready(service_name, namespace=KSERVE_TEST_NAMESPACE)
 res = predict(service_name, './data/flower_input.json')
- assert(np.argmax(res["predictions"][0].get('scores')) == 0)
+ assert (np.argmax(res["predictions"][0].get('scores')) == 0)
 # Delete the InferenceService
 kserve_client.delete(service_name, namespace=KSERVE_TEST_NAMESPACE)
diff --git a/test/e2e/predictor/test_triton.py b/test/e2e/predictor/test_triton.py
index c4d29b75353..248ed576576 100644
--- a/test/e2e/predictor/test_triton.py
+++ b/test/e2e/predictor/test_triton.py
@@ -74,7 +74,7 @@ def test_triton():
 print(deployment)
 raise e
 res = predict(service_name, "./data/image.json", model_name='cifar10')
- assert(np.argmax(res.get("predictions")[0]) == 5)
+ assert (np.argmax(res.get("predictions")[0]) == 5)
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
@@ -126,5 +126,5 @@ def test_triton_runtime():
 print(deployment)
 raise e
 res = predict(service_name, "./data/image.json", model_name='cifar10')
- assert(np.argmax(res.get("predictions")[0]) == 5)
+ assert (np.argmax(res.get("predictions")[0]) == 5)
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
diff --git a/test/e2e/transformer/test_raw_transformer.py b/test/e2e/transformer/test_raw_transformer.py
index 453ba7c2f60..e06756294dc 100644
--- a/test/e2e/transformer/test_raw_transformer.py
+++ b/test/e2e/transformer/test_raw_transformer.py
@@ -77,5 +77,5 @@ def test_transformer():
 raise e
 res = predict(service_name, "./data/transformer.json", model_name="mnist")
- assert(res.get("predictions")[0] == 2)
+ assert (res.get("predictions")[0] == 2)
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)
diff --git a/test/e2e/transformer/test_transformer.py b/test/e2e/transformer/test_transformer.py
index 74ff1140981..21d6311a0d4 100644
--- a/test/e2e/transformer/test_transformer.py
+++ b/test/e2e/transformer/test_transformer.py
@@ -78,5 +78,5 @@ def test_transformer():
 print(pod)
 raise e
 res = predict(service_name, "./data/transformer.json", model_name="mnist")
- assert(res.get("predictions")[0] == 2)
+ assert (res.get("predictions")[0] == 2)
 kserve_client.delete(service_name, KSERVE_TEST_NAMESPACE)