RHAIENG-2443: Fixed CVE-2025-62593 by bump codeflare-sdk@main from 0.32.1 to 0.33.0 #2757

ysok · 2025-12-04T20:11:52Z

RHAIENG-2200 : Fixed CVE-2025-62593 by bump codeflare-sdk@main from 0.32.1 to 0.33.0

Description

Discussion here: https://redhat-internal.slack.com/archives/C09UP5LF85P/p1764878306535259?thread_ts=1764875652.951929&cid=C09UP5LF85P

How Has This Been Tested?

Self checklist (all need to be checked):

Ensure that you have run make test (gmake on macOS) before asking for review
Changes to everything except Dockerfile.konflux files should be done in odh/notebooks and automatically synced to rhds/notebooks. For Konflux-specific changes, modify Dockerfile.konflux files directly in rhds/notebooks as these require special attention in the downstream repository and flow to the upcoming RHOAI release.

Merge criteria:

The commits are squashed in a cohesive manner and have meaningful messages.
Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
The developer has manually tested the changes and verified that the changes work

Summary by CodeRabbit

Release Notes

Chores
- Updated CodeFlare SDK dependency to version 0.33.0 across all Jupyter notebook and runtime environments
- Updated additional Python package dependencies (Click, Ray, PyToolConfig, and others) to latest versions
- Enhanced build infrastructure with optimized build platform configurations for improved build performance
- Updated development environment tooling for improved build stability

_{✏️ Tip: You can customize this high-level summary in your review settings.}

coderabbitai · 2025-12-04T20:12:05Z

Walkthrough

This PR updates the codeflare-sdk dependency from version 0.32.x to 0.33.0 across multiple Python 3.12 notebook and runtime environments. Additional changes include Tekton build platform adjustments, gcc-toolset dependency additions to shell scripts, and version updates to related packages.

Changes

Cohort / File(s)	Change Summary
Tekton build platform configurations `.tekton/odh-base-image-cuda-12-8-py312-c9s-pull-request.yaml`, `.tekton/odh-base-image-cuda-12-8-py312-c9s-push.yaml`, `.tekton/odh-base-image-cuda-py312-c9s-pull-request.yaml`, `.tekton/odh-workbench-jupyter-pytorch-rocm-py312-ubi9-pull-request.yaml`, `.tekton/odh-workbench-jupyter-trustyai-cpu-py312-ubi9-pull-request.yaml`	Replaced `linux/arm64` or `linux-m2xlarge/arm64` with `linux-d160-m2xlarge/arm64` in build-platforms configuration; added documentation comment regarding resource increase to m2xlarge.
Shell script dependency additions `codeserver/ubi9-python-3.12/devel_env_setup.sh`, `codeserver/ubi9-python-3.12/get_code_server_rpm.sh`	Added `gcc-toolset-13-libatomic-devel` and `gcc-toolset-14-libatomic-devel` to OS-specific package installation commands.
Jupyter notebook pyproject.toml files `jupyter/datascience/ubi9-python-3.12/pyproject.toml`, `jupyter/pytorch/ubi9-python-3.12/pyproject.toml`, `jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml`, `jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml`, `jupyter/tensorflow/ubi9-python-3.12/pyproject.toml`, `jupyter/trustyai/ubi9-python-3.12/pyproject.toml`	Updated `codeflare-sdk` dependency from `~=0.32.1` to `~=0.33.0`.
Jupyter notebook pylock.toml files `jupyter/datascience/ubi9-python-3.12/pylock.toml`, `jupyter/pytorch/ubi9-python-3.12/pylock.toml`, `jupyter/rocm/pytorch/ubi9-python-3.12/pylock.toml`, `jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml`, `jupyter/tensorflow/ubi9-python-3.12/pylock.toml`, `jupyter/trustyai/ubi9-python-3.12/pylock.toml`	Updated `codeflare-sdk` version from `0.32.2` to `0.33.0` with corresponding URL and hash updates; updated `ray` versions (2.47.1 → 2.52.1), `torch`, `scikit-learn`, and other package versions with new distribution URLs and metadata.
Runtime environment pyproject.toml files `runtimes/datascience/ubi9-python-3.12/pyproject.toml`, `runtimes/pytorch/ubi9-python-3.12/pyproject.toml`, `runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml`, `runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml`, `runtimes/tensorflow/ubi9-python-3.12/pyproject.toml`	Updated `codeflare-sdk` dependency from `~=0.32.1` to `~=0.33.0`.
Runtime environment pylock.toml files `runtimes/datascience/ubi9-python-3.12/pylock.toml`, `runtimes/pytorch/ubi9-python-3.12/pylock.toml`, `runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml`, `runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml`, `runtimes/tensorflow/ubi9-python-3.12/pylock.toml`	Updated `click` version (8.3.1 → 8.2.1 in datascience/pytorch/rocm variants; 8.3.1 → 8.2.1 in rocm-tensorflow/tensorflow), `codeflare-sdk` from 0.32.2 to 0.33.0, `ray` from 2.47.1 to 2.52.1, and numerous other package versions with corresponding URL and hash updates.
Imagestream manifests `manifests/base/jupyter-datascience-notebook-imagestream.yaml`, `manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml`, `manifests/base/jupyter-pytorch-notebook-imagestream.yaml`, `manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml`, `manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml`, `manifests/base/jupyter-tensorflow-notebook-imagestream.yaml`, `manifests/base/jupyter-trustyai-notebook-imagestream.yaml`	Updated `Codeflare-SDK` dependency version from 0.32 to 0.33 in notebook-python-dependencies.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

pylock.toml consistency: Verify that version bumps and URL/hash updates are correct across all six pylock files, particularly for codeflare-sdk, ray, and other shared dependencies to ensure no version mismatches.
click version inconsistency: Review why click is being downgraded from 8.3.1 to 8.2.1 in runtime environments while other components may depend on newer versions.
Build platform changes: Confirm that the Tekton platform changes from linux-m2xlarge/arm64 to linux-d160-m2xlarge/arm64 are intentional and correct across all pipeline configurations.

Possibly related PRs

RHOAIENG-35553: chore(dependencies): bump Codeflare SDK version from 0.31.1 to 0.32.0 across all Python 3.12 environments #2588: Similar coordinated dependency bumps of codeflare-sdk across Python 3.12 environment manifests and lockfiles.
chore: bump codeflare-sdk to v0.31.1 across all pyproject.toml files #2493: Related codeflare-sdk version updates across pyproject.toml and pylock.toml files.
chore(deps): update package version of Codeflare-SDK (0.32.1) and lock dependencies #2658: Modifies Codeflare-SDK dependency declarations across project lock and manifest files.

Suggested labels

size/xxl, tide/merge-method-squash

Suggested reviewers

daniellutz
jiridanek
atheo89

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is largely incomplete. Critical sections including 'How Has This Been Tested?' lack actual test results, and all merge criteria checkboxes remain unchecked, indicating the self-verification requirements were not completed before requesting review.	Complete the 'How Has This Been Tested?' section with actual testing details and results; check off or explicitly address all items in the self-checklist and merge criteria to indicate completion or explain any exceptions.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title clearly identifies the main objective: bumping codeflare-sdk from 0.32.1 to 0.33.0 to fix CVE-2025-62593, which is confirmed by the raw_summary showing widespread codeflare-sdk version updates across multiple files.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

📝 Generate docstrings

🧪 Generate unit tests (beta)

Create PR with unit tests
Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

coderabbitai

Actionable comments posted: 4

🧹 Nitpick comments (2)

jupyter/datascience/ubi9-python-3.12/pyproject.toml (2)
28-28: Document CVE mitigation in a code comment.

The downgrade to ~=0.31.2 correctly addresses CVE-2025-62593, a Ray vulnerability for RCE via Safari & Firefox through DNS Rebinding Attack. However, the reason for the downgrade is not documented in the code.

For maintainability and future reference, add an inline comment documenting the CVE mitigation:
    # Required for skl2onnx, as upgraded version is not compatible with protobuf
    "onnxconverter-common~=1.13.0",
-   "codeflare-sdk~=0.31.2",
+   # CVE-2025-62593: downgraded from 0.32.1 to mitigate Ray RCE vulnerability
+   "codeflare-sdk~=0.31.2",
20-20: Document CVE mitigation in a code comment.

The codeflare-sdk downgrade consistently addresses CVE-2025-62593, a Ray vulnerability. Similar to the rocm-tensorflow file, add a comment documenting the CVE context for maintainability.
    "kubeflow-training==1.9.3",
-   "codeflare-sdk~=0.31.2; platform_machine != 'ppc64le' and platform_machine != 's390x'",
+   # CVE-2025-62593: downgraded from 0.32.1 to mitigate Ray RCE vulnerability
+   "codeflare-sdk~=0.31.2; platform_machine != 'ppc64le' and platform_machine != 's390x'",

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between df7f474 and 855e3e6.

📒 Files selected for processing (29)

jupyter/datascience/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/pytorch/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/rocm/pytorch/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/trustyai/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/trustyai/ubi9-python-3.12/pyproject.toml (1 hunks)
manifests/base/jupyter-datascience-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml (1 hunks)
manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1 hunks)
runtimes/datascience/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/pytorch/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/tensorflow/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (27)

GitHub Check: Red Hat Konflux / odh-pipeline-runtime-tensorflow-cuda-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-pipeline-runtime-pytorch-cuda-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-pipeline-runtime-datascience-cpu-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-tensorflow-rocm-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-pytorch-rocm-py312-ubi9-on-pull-request
GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (cuda-jupyter-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (rocm-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (jupyter-datascience-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-datascience-cpu-py312-ubi9-on-pull-request
GitHub Check: build (jupyter-datascience-ubi9-python-3.12, 3.12, linux/ppc64le, false) / build
GitHub Check: build (runtime-datascience-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (runtime-cuda-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (rocm-runtime-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: Red Hat Konflux / odh-pipeline-runtime-pytorch-rocm-py312-ubi9-on-pull-request
GitHub Check: build (jupyter-trustyai-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (runtime-datascience-ubi9-python-3.12, 3.12, linux/s390x, false) / build
GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/arm64, false) / build
GitHub Check: build (rocm-runtime-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (rocm-jupyter-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-trustyai-cpu-py312-ubi9-on-pull-request
GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.12, 3.12, linux/arm64, false) / build
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-tensorflow-cuda-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-pipeline-runtime-tensorflow-rocm-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-pytorch-cuda-py312-ubi9-on-pull-request
GitHub Check: validation-of-sw-versions-in-imagestreams

🔇 Additional comments (47)

jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1)

28-28: Dependency version constraint updated correctly.

The codeflare-sdk downgrade from 0.32.1 to 0.31.2 using the compatible release constraint (~=0.31.2) follows standard Python versioning practices and is appropriately applied here.

manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml (1)

45-45: Metadata version updated consistently.

The Codeflare-SDK version annotation updated to "0.31" aligns with the pyproject.toml downgrade. This metadata entry serves documentation purposes and is appropriately paired with the actual dependency constraint.

jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1)

25-25: Dependency downgrade applied consistently.

The codeflare-sdk downgrade to 0.31.2 with compatible release constraint is properly applied here, matching the pattern across other notebook configurations.

jupyter/trustyai/ubi9-python-3.12/pyproject.toml (1)

43-43: Platform constraints preserved during downgrade.

The codeflare-sdk downgrade maintains the existing platform machine exclusions for ppc64le and s390x architectures. The constraint is properly formatted and consistent with trustyai's specialized dependencies.

manifests/base/jupyter-datascience-notebook-imagestream.yaml (1)

39-39: Latest image variant version updated appropriately.

The 2025.2 image annotation correctly reflects the codeflare-sdk downgrade to 0.31, while the 2025.1 variant (line 77) appropriately remains at 0.30, following semantic versioning for different release tracks.

manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1)

42-42: Version annotation updated for latest release track.

The Codeflare-SDK version in the 2025.2 image variant is correctly updated to 0.31, with the N-1 variant (line 80) appropriately maintaining version 0.30 for release consistency.

jupyter/pytorch/ubi9-python-3.12/pyproject.toml (1)

24-24: Dependency downgrade applied with correct constraint syntax.

The codeflare-sdk version update to 0.31.2 with compatible release constraint (~=0.31.2) is properly formatted and consistent across the PyTorch notebook configuration.

manifests/base/jupyter-trustyai-notebook-imagestream.yaml (2)

44-44: Latest variant version updated correctly.

The Codeflare-SDK version in the 2025.2 image is correctly updated to 0.31. The N-1 variant (line 86) appropriately retains version 0.30 for backward compatibility across release tracks.

1-8: ⚠️ PR readiness concern: Testing and verification checklist incomplete.

Per the PR objectives, all merge criteria and testing items remain unchecked, including:

Running make test / gmake

Manual testing verification

Konflux-specific build instructions

Sync guidance between odh/notebooks and rhds/notebooks

The CVE-2025-62593 vulnerability affects Ray packages with remote code execution via DNS rebinding attacks (CVSS 8.8), but the PR title indicates this fix comes through a codeflare-sdk downgrade. Before merging, ensure:

Validation that codeflare-sdk 0.31.2 transitively includes a Ray version that resolves CVE-2025-62593

All pylock.toml files have been updated consistently with resolved dependency hashes

Test suite passes with the downgraded versions

No breaking changes introduced by the version downgrade

jupyter/tensorflow/ubi9-python-3.12/pylock.toml (1)

649-655: CVE-2025-62593 affects Ray, not codeflare-sdk. The actual CVE fix is the ray upgrade to 2.52.1 (lines 4274–4293), which addresses the critical RCE in Ray < 2.52.0 exploitable via DNS rebinding.

The codeflare-sdk downgrade from 0.32.2 to 0.31.2 appears to address a different concern (possibly a dependency requirement or unrelated CVE). Verify the reason for this downgrade separately and confirm it is intentional. The ray 2.52.1 upgrade is the actual mitigation for CVE-2025-62593; ensure it is merged with token authentication and other hardening measures enabled as recommended by the Ray security advisory.

Likely an incorrect or invalid review comment.

jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml (3)

3733-3753: Clarify scope: is the ray 2.52.1 update related to the CVE fix?

The ray package is being updated to 2.52.1 alongside the codeflare-sdk downgrade. Verify whether this update is:

A transitive dependency requirement of codeflare-sdk 0.31.2 (expected in a lock file), or

An unrelated change that should be in a separate PR

If unrelated, consider splitting this into a separate commit or PR to maintain clear fix traceability.

631-637: Version discrepancy: PR title mentions 0.32.1, but hunk shows 0.32.2.

The PR title states the downgrade is from 0.32.1 to 0.31.2, but this file shows a downgrade from 0.32.2 to 0.31.2. Confirm whether all files are consistently downgrading from 0.32.x (whether .1 or .2) or if some files differ.

631-637: Clarify the reason for downgrading codeflare-sdk to 0.31.2.

The downgrade aligns with appropriate URL and hash updates for the new version. However, note that CVE-2025-62593 affects Ray (not codeflare-sdk) and is addressed by the Ray 2.52.1 update in this commit, not by the codeflare-sdk version change. Confirm the rationale for the codeflare-sdk downgrade separately.

jupyter/trustyai/ubi9-python-3.12/pylock.toml (1)

3763-3782: Clarify the scope of the ray version change.

Hunk 2 shows ray pinned at version 2.52.1 across multiple Python/architecture variants. The PR objective focuses on codeflare-sdk CVE-2025-62593, but the AI summary mentions ray was upgraded from 2.47.1. Confirm whether this ray version bump is:

A side effect of lock file regeneration, or

An intentional change bundled with the codeflare-sdk fix

If unintended, it should be reverted to avoid scope creep and ensure focused security fixes.

manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1)

42-42: Version update is consistent and appropriate.

The metadata update from 0.32 to 0.31 aligns with the PR objective to address CVE-2025-62593 (Ray DNS Rebinding vulnerability). This is a documentation-only change reflecting the transitive dependency fix.

jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml (1)

25-25: Dependency downgrade is appropriately scoped.

The flex version pin ~=0.31.2 allows security patches within the 0.31.x line while preventing accidental upgrades to the vulnerable 0.32.x series. This is the correct constraint for a security hotfix.

manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1)

45-45: Metadata update is consistent with other image manifests.

The downgrade from 0.32 to 0.31 matches the pattern across all notebook image streams and reflects the codeflare-sdk downgrade for CVE-2025-62593 mitigation.

runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml (1)

24-24: Runtime dependency downgrade is consistent with Jupyter variants.

Both the Jupyter and Runtime environments maintain consistent codeflare-sdk 0.31.2 versions with appropriate flex pinning.

manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1)

44-44: Manifest metadata is consistent with repository-wide downgrade pattern.

The 0.32 → 0.31 update is uniform across all image streams.

runtimes/datascience/ubi9-python-3.12/pyproject.toml (1)

18-18: Platform exclusions preserved but require verification across all variants.

This file maintains platform machine exclusions (s390x, ppc64le) while downgrading codeflare-sdk to 0.31.2. However, verify that all related files (pytorch, tensorflow, rocm variants) have consistent platform machine constraints to avoid resolution conflicts during builds.

runtimes/pytorch/ubi9-python-3.12/pyproject.toml (1)

23-23: Missing platform exclusions that exist in other variants.

Line 18 of runtimes/datascience/ubi9-python-3.12/pyproject.toml includes platform machine exclusions (ppc64le, s390x), but this file does not. If codeflare-sdk 0.31.2 doesn't support these architectures, this inconsistency could cause dependency resolution failures. Verify and align platform constraints across all runtime/jupyter variants.

runtimes/tensorflow/ubi9-python-3.12/pyproject.toml (1)

25-25: Platform exclusion consistency issue carries to this file as well.

Like the PyTorch runtime, this file lacks the platform machine exclusions present in the datascience variant. Ensure all variants are aligned on platform support before merging.

jupyter/datascience/ubi9-python-3.12/pyproject.toml (1)

20-20: Verify CVE mitigation and consistency with platform constraints.

The codeflare-sdk downgrade to ~=0.31.2 is consistent with the change in the rocm-tensorflow runtime. The environment marker (;) syntax correctly preserves the platform machine exclusions for ppc64le and s390x, maintaining compatibility constraints from the original version specification.

Apply the same verification checks from the rocm-tensorflow file:

Confirm 0.31.2 is the correct safe version for CVE-2025-62593.

Ensure no breaking changes affect this Jupyter runtime.

Verify the corresponding lock file (if present) is synchronized.

Confirm testing has been completed with this downgraded version.

runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1)

28-28: Verify CVE assignment and Ray version updates in this PR.

The comment references CVE-2025-62593 as justification for downgrading codeflare-sdk, but this CVE actually affects Ray (impacting versions before 2.52.0), not codeflare-sdk. Clarify:

Is the codeflare-sdk downgrade addressing a different issue, or is this a mislabeled CVE reference?

If CVE-2025-62593 mitigation is needed, verify that Ray has also been updated to 2.52.0 or later in this PR.

Confirm the actual reason for the codeflare-sdk version downgrade.

jupyter/datascience/ubi9-python-3.12/pylock.toml (3)

3989-4008: Clarify whether the ray upgrade is necessary for the codeflare-sdk security fix.

Ray is being upgraded from 2.47.1 to 2.52.1, but the PR objectives focus on addressing CVE-2025-62593 in codeflare-sdk. Confirm:

Is ray a direct dependency of codeflare-sdk that requires this version bump for compatibility?

Was this upgrade intentionally included as part of this PR, or is it incidental scope creep?

Has the ray upgrade been tested independently?

If unrelated to the codeflare-sdk fix, this should be separated into a distinct PR.

3993-4007: All ray 2.52.1 wheel package hashes verified against PyPI—no issues found.

All 15 wheel distributions for ray 2.52.1 have been verified against official PyPI sources. Every hash in the pylock.toml file matches the legitimate packages on PyPI, including cp310, cp311, cp312, and cp313 variants across all supported platforms (macosx_12_0_arm64, manylinux2014_aarch64, manylinux2014_x86_64, and win_amd64).

640-645: Codeflare-sdk 0.31.2 hashes verified against PyPI.

The sdist and wheel SHA256 hashes in the lock file match the official PyPI distributions:

codeflare_sdk-0.31.2.tar.gz: 73b0839ef8a04ffdedc7e64da4aa4c8c58c09542faeecd6e68f6943db867e9c5

codeflare_sdk-0.31.2-py3-none-any.whl: 33c6a36cec22ac22bea4f1c15a6ff2d6dd2a90f71f4aff53f01890460dff3a27

The package version and URLs are legitimate.

runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml (2)

542-544: Clarify the undocumented click downgrade from 8.3.1 to 8.2.1.

The PR objective mentions downgrading codeflare-sdk to fix CVE-2025-62593, but this change also downgrades click without explanation. This may be a collateral effect from lock file regeneration or a dependency resolution, but it's not documented in the PR description.

Confirm whether this downgrade is:

Intentional (e.g., compatibility requirement with codeflare-sdk 0.31.2)

Collateral from lock file regeneration (e.g., via uv lock or pip-compile)

If unintentional, verify that removing it does not cause lock file conflicts.

3166-3183: Clarify the undocumented ray upgrade from 2.47.1 to 2.52.1.

Like the click downgrade, this ray upgrade is not mentioned in the PR objectives. The PR focuses on downgrading codeflare-sdk to address CVE-2025-62593, but ray is being upgraded in tandem.

Verify whether this is:

Intentional (e.g., required for codeflare-sdk 0.31.2 compatibility)

A collateral effect from lock file regeneration

A broader dependency refresh unrelated to the CVE fix

If collateral, consider whether this should be separated into a distinct commit or PR to maintain focus on the CVE fix.

jupyter/rocm/pytorch/ubi9-python-3.12/pylock.toml (2)

3999-4017: Ray 2.52.1 upgrade includes security fix and regressions resolution; confirm intentionality with codeflare-sdk downgrade rationale.

Ray 2.52.1 addresses documented regressions in 2.47.x (uv/runtime-env pip package handling, AMD collective communication segfaults) and includes a CVE fix to dashboard header handling. Python 3.9 EOL in 2.52.0 does not impact this Python 3.12 environment. Ray 2.52.0 introduced token authentication (off by default), which is compatible with codeflare-sdk 0.31.2 and poses no breaking risk for this deployment.

However, confirm whether this ray upgrade is intentional and directly motivated by the codeflare-sdk 0.31.2 downgrade, or if it stems from separate dependency resolution. The rationale for downgrading codeflare-sdk while upgrading ray should be documented.

645-648: CVE-2025-62593 is a Ray vulnerability, not codeflare-sdk—the codeflare-sdk downgrade appears unrelated to this CVE.

CVE-2025-62593 is a remote code execution vulnerability in Ray (affecting versions < 2.52.0) that exploits a weak User-Agent check combined with DNS rebinding. The Ray upgrade from 2.47.1 to 2.52.1 correctly addresses this. However, the codeflare-sdk downgrade from 0.32.2 to 0.31.2 is unrelated to this CVE and its motivation should be clarified. Since CodeFlare SDK manages Ray via container images (not direct pip dependencies), verify the reason for downgrading codeflare-sdk and confirm it doesn't revert a necessary fix or introduce regressions.

Likely an incorrect or invalid review comment.

runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml (4)

554-556: Clarify the scope of the click update.

The click package is updated to version 8.2.1, but this change appears unrelated to the CVE-2025-62593 fix for codeflare-sdk. Confirm whether this update is intentional or unintended scope creep introduced by lock file regeneration.

3479-3495: Verify the ray version upgrade rationale.

The PR downgrades codeflare-sdk (0.32.x → 0.31.2) but upgrades ray (2.47.1 → 2.52.1). This is counterintuitive. Clarify whether:

ray 2.52.1 is a compatibility requirement for codeflare-sdk 0.31.2, or

ray 2.52.1 addresses a separate security concern.

Additionally, verify that ray 2.52.1 does not introduce new vulnerabilities and remains compatible with the rest of the stack.

551-568: Verify lock file consistency and pyproject.toml alignment.

This file is a lock file that should be generated from a source manifest (pyproject.toml or similar). Confirm:

The corresponding pyproject.toml has been updated to reflect the codeflare-sdk and ray version changes.

All other runtime environment lock files (e.g., other pylock.toml files in the PR) are consistently updated with matching versions.

The lock file was regenerated (not manually edited) to ensure integrity.

566-568: CVE-2025-62593 is unrelated to codeflare-sdk and does not justify this downgrade.

CVE-2025-62593 is a critical RCE vulnerability in the Ray project (pip package ray), not codeflare-sdk. It affects Ray versions < 2.52.0 and is resolved in Ray 2.52.0+. The vulnerability involves browser-service DNS rebinding weakness in the Ray dashboard.

If the codeflare-sdk downgrade to 0.31.2 is necessary, provide the actual reason. If Ray is a dependency, verify that Ray is upgraded to 2.52.0 or later instead.

Likely an incorrect or invalid review comment.

runtimes/pytorch/ubi9-python-3.12/pylock.toml (3)

551-557: Clarify the necessity of the click package downgrade.

The click package is downgraded from 8.3.1 to 8.2.1 in this lock file. Verify whether this:

Is a necessary side-effect of the codeflare-sdk downgrade (dependency resolution), or

Is an intentional separate security/compatibility fix that should be explicitly documented

This helps ensure lock files remain aligned across the PR scope and prevents unintended version regressions.

3604-3622: Verify ray 2.52.1 compatibility with downgraded dependencies.

The ray package is updated to version 2.52.1 (multiple wheels listed). Ensure this version is:

Compatible with the downgraded codeflare-sdk 0.31.2

Not introducing breaking changes or new dependencies that conflict with the environment

Intentionally updated or a side-effect of lock file regeneration

563-569: Original review comment targets incorrect package for CVE-2025-62593.

CVE-2025-62593 is a remote code execution vulnerability affecting Ray (the AI compute engine), not codeflare-sdk. The vulnerability exists in Ray versions < 2.52.0 and is fixed by upgrading to Ray 2.52.0 or later. The PR correctly addresses this by upgrading Ray to 2.52.1. The codeflare-sdk downgrade from 0.32.2 to 0.31.2 is unrelated to this CVE and should be verified separately if it addresses a different concern.

Likely an incorrect or invalid review comment.

runtimes/tensorflow/ubi9-python-3.12/pylock.toml (3)

557-563: Clarify: Is the click update (to 8.2.1) necessary for this CVE fix?

The PR objectives describe downgrading codeflare-sdk to address CVE-2025-62593, but this hunk also updates click from a previous version to 8.2.1. Please confirm whether this is an intentional update or a side effect of lock file resolution.

570-575: Verify: codeflare-sdk 0.31.2 resolves CVE-2025-62593.

The downgrade from 0.32.1 to 0.31.2 is the core change intended to fix CVE-2025-62593. Confirm that version 0.31.2 has the vulnerability patch or doesn't expose the affected code path. The URLs and hashes have been updated appropriately for the new version.

3754-3772: Clarify: Is the ray upgrade (to 2.52.1) intentional or a consequence of the codeflare-sdk downgrade?

This hunk upgrades ray from a previous version to 2.52.1. Verify whether this is a transitive dependency requirement of codeflare-sdk 0.31.2, an intentional update, or an unintended side effect of lock file regeneration. If intentional, document the reason in the PR description.

jupyter/pytorch/ubi9-python-3.12/pylock.toml (3)

4126-4143: Verify integrity of Ray 2.52.1 wheel URLs and hashes against PyPI.

CVE-2025-62593 was fixed in Ray 2.52.0 (commit 70e7c72780bdec075dba6cad1afe0832772bfe09), so verification of this CVE in the 2.52.1 changelog is not necessary. However, confirm that the wheel URLs and SHA256 hashes in the pylock.toml match those published on PyPI, and verify none of the artifacts are yanked.

4126-4143: Ray 2.52.1 does include the CVE-2025-62593 fix; clarify why codeflare-sdk downgrade is needed.

Ray 2.52.1 explicitly addresses CVE-2025-62593 (critical RCE in dashboard via DNS rebinding, CVSS 9.4) with improved browser-rejection checks. The ray upgrade to 2.52.1 is the primary security remediation for this CVE. However, the PR's relationship to codeflare-sdk remains unclear—explain the necessity of the codeflare-sdk downgrade and how it complements the ray security fix.

643-649: Verify integrity of PyPI artifacts (URL, hash, timestamp).

The hashes and URLs for codeflare-sdk 0.31.2 should be verified against the official PyPI repository to ensure they have not been tampered with or replaced. Cross-reference the provided sha256 hashes and download URLs with the official PyPI release metadata.

runtimes/datascience/ubi9-python-3.12/pylock.toml (3)

563-569: Verify CVE-2025-62593 remediation strategy.

The codeflare-sdk downgrade from 0.32.1 to 0.31.2 is the primary change. Before merging, confirm that:

CVE-2025-62593 is actually resolved by downgrading (not just deferred).

No available patch versions for 0.32.x exist that fix the CVE while preserving newer features.

The 0.31.2 version itself has no known vulnerabilities.

Downgrading can be a valid temporary mitigation but introduces risk of missing bugfixes or security patches in newer versions.

3481-3499: Verify ray 2.52.1 compatibility with codeflare-sdk 0.31.2.

Ray has been upgraded from 2.47.1 to 2.52.1, a minor version bump covering multiple architectures (x86_64, aarch64, arm64, Windows). Confirm:

No breaking API changes between ray 2.47.1 and 2.52.1 that would conflict with codeflare-sdk 0.31.2.

All downstream code that depends on ray APIs remains compatible.

Consider running the test suite to validate the integration.

551-3499: Complete testing before merge.

The PR objectives indicate that testing checklists and merge criteria remain incomplete. Per the checklist, make test / gmake has not been run. Lock file changes require verification that:

The resolved dependency graph installs and loads without errors.

All notebook and runtime environments pass their test suites.

No subtle runtime regressions or import failures occur post-installation.

Run the full test suite and mark the checklists complete before merging.

jupyter/tensorflow/ubi9-python-3.12/pylock.toml

jupyter/trustyai/ubi9-python-3.12/pylock.toml

runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml

atheo89 · 2025-12-05T09:17:02Z

Hi Vath, I checked the builds that are having trouble. For the cases reporting “no space left” or Clair failures, these appear to be infrastructure issues. The only ones that concern me are the datascience builds for ppc and s390x; however, it looks like they were already failing before this PR rather than being introduced by it.

I open the downstream backport here: red-hat-data-services#1748

atheo89 · 2025-12-05T09:44:04Z

FWI regarding datascienece builds: https://redhat-internal.slack.com/archives/C07ANR2U56C/p1764919798025339?thread_ts=1764889387.666069&cid=C07ANR2U56C

ysok · 2025-12-05T13:37:11Z

As we've discussed with the the team, those failures are unrelated. So it is ok to merge this PR.

jupyter/datascience/ubi9-python-3.12/pyproject.toml

ysok · 2025-12-14T23:46:07Z

/kfbuild all

atheo89 · 2025-12-15T09:05:21Z

Thanks, Vath. The build looks good now. The only remaining failures are from Clairscan and cert preflight checks, and most of them appear to be infrastructure-related. I don’t think these should block merging the PR at this point.

/lgtm

openshift-ci-robot · 2025-12-15T10:05:46Z

/retest-required

Remaining retests: 0 against base HEAD 87e8424 and 2 for PR HEAD f296497 in total

ysok · 2025-12-15T13:56:32Z

All the builds are success, but there were few OOM in code scaning/cert which is resource issue. So I am going to merge this PR.

openshift-ci · 2025-12-15T13:59:05Z

New changes are detected. LGTM label has been removed.

coderabbitai

Actionable comments posted: 1

♻️ Duplicate comments (8)

jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1)
25-25: Add platform guard to codeflare-sdk—multi-architecture builds will fail on unsupported platforms.

This dependency lacks the platform constraint applied in sibling files (runtimes/datascience and jupyter/datascience). Without it, pip will attempt installation on ppc64le/s390x where wheels are unavailable, causing build failures.

Apply this diff to align with the constraint used in other environments:
-    "codeflare-sdk~=0.33.0",
+    "codeflare-sdk~=0.33.0; platform_machine != 'ppc64le' and platform_machine != 's390x'",
manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1)

42-42: Test validation blocker—update ignored_exceptions in tests/test_main.py for Codeflare-SDK 0.33.

The manifest now declares Codeflare-SDK version "0.33", but the test test_image_manifests_version_alignment in tests/test_main.py only allows versions ("0.30", "0.29") in its ignored_exceptions list. This will cause test failures.

Add "0.33" to the allowed versions tuple in tests/test_main.py (around line 238). Verify the update and rerun the test suite before merging.
jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1)
28-28: Add platform guard to codeflare-sdk—ROCm multi-architecture builds need constraint.

This file lacks the platform guard applied in sibling environments. ROCm targets multiple architectures, and the PR context indicates ppc64le/s390x builds fail due to missing wheels. Add the constraint to prevent installation attempts on unsupported platforms.

Apply this diff:
-    "codeflare-sdk~=0.33.0",
+    "codeflare-sdk~=0.33.0; platform_machine != 'ppc64le' and platform_machine != 's390x'",
runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1)
28-28: Add platform guard to codeflare-sdk for multi-architecture runtime builds.

This runtime environment needs the platform constraint to skip installation on ppc64le/s390x where wheels are unavailable. Without it, builds will fail on those architectures.

Apply this diff:
-    "codeflare-sdk~=0.33.0",
+    "codeflare-sdk~=0.33.0; platform_machine != 'ppc64le' and platform_machine != 's390x'",
runtimes/datascience/ubi9-python-3.12/pylock.toml (1)
3565-3584: ray marker/wheels mismatch still unresolved — remove non-linux wheels or fix marker.

The marker restricts this entry to sys_platform == 'linux', yet the wheels list includes macosx_12_0_arm64 (macOS) and win_amd64 (Windows) artifacts. This contradicts the marker and was flagged in prior reviews.

To fix: either (A) remove all non-Linux wheel records (macosx_* and win_amd64), or (B) split this entry into platform-specific sections with corrected markers.

Additionally, per the previous review comment's web search, Ray 2.52.1 does not publish aarch64 wheels for Python 3.12 (only 3.10, 3.11, 3.13). Verify that the ray-2.52.1-cp312-cp312-manylinux2014_aarch64.whl at line 3578 is a legitimate wheel available on PyPI.

To verify the ray 2.52.1 cp312-aarch64 wheel exists, run:
#!/bin/bash
# Verify ray 2.52.1 cp312-aarch64 wheel is available on PyPI
curl -s "https://pypi.org/pypi/ray/2.52.1/json" | jq '.releases | keys[] | select(contains("cp312") and contains("aarch64"))'
jupyter/tensorflow/ubi9-python-3.12/pylock.toml (1)

4488-4509: Ray 2.52.1 upgrade remains unresolved—scope creep from lock file regeneration.

This comment mirrors a concern raised in the previous review: the ray version upgrade from 2.47.1 to 2.52.1 is unrelated to the PR objective (CVE-2025-62593 fix for codeflare-sdk 0.33.0) and appears to be an incidental change from uncontrolled lock file regeneration. Ray is an optional dependency of codeflare-sdk—it is only required when explicitly using RayJobClient features, not by the version upgrade itself.

Per PR comments, the suggestion was to regenerate lock files using gmake refresh-lock-files without FORCE_LOCKFILES_UPGRADE=1 to avoid unintended transitive dependency changes. Please either revert ray to its prior locked version or document explicitly why this upgrade is necessary for the CVE fix.

jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml (1)

3940-3961: Ray 2.52.1 bump warrants verification of intentionality.

This lockfile includes ray==2.52.1, which appears to be a transitive dependency change triggered by the codeflare-sdk bump rather than an explicit direct update. The wheels include manylinux2014_aarch64 variants (lines 3955, 3959) for Python 3.12, which provide proper aarch64 support. However, verify that this ray version bump was expected as a side-effect of the codeflare-sdk upgrade and not an unintended consequence of lockfile regeneration.
runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml (1)
3605-3625: ⚠️ Ray 2.52.1 manylinux2014_aarch64 wheels remain unresolved—flagged issue not actually fixed.

The previous review flagged that ray 2.52.1 manylinux2014_aarch64 wheels (cp310, cp311, cp312, cp313; lines 3611, 3615, 3619, 3623) do not exist on PyPI and marked the issue "✅ Addressed in commit f841285." However, the current code still contains the identical problematic wheel entries. CI comments confirm ray lacks aarch64 wheels. This will cause build failures on arm64 platforms.

Regenerate the lock file using the repository's standard lock-file refresh process (per PR comments: gmake refresh-lock-files without FORCE_LOCKFILES_UPGRADE=1) to pull correct, available wheels from the current PyPI index, or manually remove the non-existent manylinux2014_aarch64 entries before merge.
Are ray 2.52.1 manylinux2014_aarch64 wheels available on PyPI?

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f296497 and d71f2f1.

📒 Files selected for processing (38)

.tekton/odh-base-image-cuda-12-8-py312-c9s-pull-request.yaml (1 hunks)
.tekton/odh-base-image-cuda-12-8-py312-c9s-push.yaml (1 hunks)
.tekton/odh-base-image-cuda-py312-c9s-pull-request.yaml (1 hunks)
.tekton/odh-workbench-jupyter-pytorch-rocm-py312-ubi9-pull-request.yaml (1 hunks)
.tekton/odh-workbench-jupyter-trustyai-cpu-py312-ubi9-pull-request.yaml (1 hunks)
base-images/cpu/ubi9-python-3.12/Dockerfile.cpu (1 hunks)
base-images/utils/aipcc.sh (1 hunks)
codeserver/ubi9-python-3.12/devel_env_setup.sh (2 hunks)
codeserver/ubi9-python-3.12/get_code_server_rpm.sh (1 hunks)
jupyter/datascience/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/pytorch/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/rocm/pytorch/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/trustyai/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/trustyai/ubi9-python-3.12/pyproject.toml (1 hunks)
manifests/base/jupyter-datascience-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml (1 hunks)
manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1 hunks)
runtimes/datascience/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/pytorch/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/tensorflow/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (20)

.tekton/odh-workbench-jupyter-pytorch-rocm-py312-ubi9-pull-request.yaml
.tekton/odh-base-image-cuda-12-8-py312-c9s-push.yaml
codeserver/ubi9-python-3.12/get_code_server_rpm.sh
manifests/base/jupyter-trustyai-notebook-imagestream.yaml
runtimes/tensorflow/ubi9-python-3.12/pyproject.toml
manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml
runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml
runtimes/pytorch/ubi9-python-3.12/pyproject.toml
base-images/cpu/ubi9-python-3.12/Dockerfile.cpu
manifests/base/jupyter-datascience-notebook-imagestream.yaml
manifests/base/jupyter-tensorflow-notebook-imagestream.yaml
jupyter/pytorch/ubi9-python-3.12/pyproject.toml
base-images/utils/aipcc.sh
manifests/base/jupyter-pytorch-notebook-imagestream.yaml
runtimes/pytorch/ubi9-python-3.12/pylock.toml
jupyter/trustyai/ubi9-python-3.12/pyproject.toml
.tekton/odh-base-image-cuda-py312-c9s-pull-request.yaml
.tekton/odh-workbench-jupyter-trustyai-cpu-py312-ubi9-pull-request.yaml
manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml
jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (18)

GitHub Check: build (codeserver-ubi9-python-3.12, 3.12, linux/arm64, false) / build
GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.12, 3.12, linux/arm64, false) / build
GitHub Check: build (rocm-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (runtime-cuda-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (runtime-datascience-ubi9-python-3.12, 3.12, linux/s390x, false) / build
GitHub Check: build (rocm-jupyter-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (runtime-datascience-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (codeserver-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (rocm-runtime-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (jupyter-datascience-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (jupyter-datascience-ubi9-python-3.12, 3.12, linux/ppc64le, false) / build
GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/arm64, false) / build
GitHub Check: build (rocm-runtime-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (jupyter-trustyai-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (cuda-jupyter-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: validation-of-sw-versions-in-imagestreams

🔇 Additional comments (22)

codeserver/ubi9-python-3.12/devel_env_setup.sh (1)

71-71: Verify necessity and availability of gcc-toolset-13-libatomic-devel.

The addition of gcc-toolset-13-libatomic-devel to both s390x (line 71) and ppc64le (line 99) architecture blocks is consistent, but the relationship to the CVE-2025-62593 fix and codeflare-sdk 0.33.0 bump is unclear.

Confirm that:

This package is available in UBI 9 and gcc-toolset-13 repositories

This addition is necessary to resolve the wheel-building failures mentioned in PR comments (e.g., ray/nvidia-cublas wheel availability on non-x86 architectures)

This is a prerequisite for codeflare-sdk 0.33.0 or its transitive dependencies

Also applies to: 99-99

jupyter/trustyai/ubi9-python-3.12/pylock.toml (2)

657-662: ✅ CVE-2025-62593 fix correctly applied via ray 2.52.1 and codeflare-sdk 0.33.0.

The fix for CVE-2025-62593 is to update to Ray 2.52.0 or higher, and this change includes ray 2.52.1 which includes more robust handling for CVE-2025-62593 through testing for more browser-specific headers in dashboard browser rejection logic. The codeflare-sdk 0.33.0 entry includes correct PyPI hashes and URLs, and all wheels are properly pinned.

3929-3949: ✅ Ray 2.52.1 wheels properly pinned with correct platform support.

All wheel entries are correctly specified for supported platforms (macosx_12_0_arm64, manylinux2014_aarch64, manylinux2014_x86_64, win_amd64) across Python 3.10–3.13, with no missing or incompatible platform tags. The marker correctly restricts the package to CPython on Linux (excluding ppc64le and s390x), consistent with the lock file's policy.

jupyter/pytorch/ubi9-python-3.12/pylock.toml (2)

680-684: CVE-2025-62593 fix is confirmed in Ray 2.52.1.

The actual CVE-2025-62593 vulnerability (a DNS-rebinding RCE in Ray's dashboard) is fixed by upgrading Ray to 2.52.1 (line 4321). codeflare-sdk is now updated to 0.33.0, and both versions appear to be properly hashed in the lockfile.

Given the PR comments mentioning pylock.toml regeneration concerns, please confirm:

The lockfile was regenerated using gmake refresh-lock-files (without FORCE_LOCKFILES_UPGRADE=1) as recommended in the comments.

codeflare-sdk 0.33.0 is compatible with Ray 2.52.1 and any transitive dependencies were validated during lockfile generation.

This will help ensure the lockfile integrity and prevent the build failures referenced in the PR comments.

4321-4339: Ray upgrade to 2.52.1 addresses the CVE.

Ray 2.52.1 provides wheels for multiple Python versions (cp310, cp311, cp312, cp313) and platforms (macosx_arm64, manylinux2014_aarch64, manylinux2014_x86_64, win_amd64). This addresses CVE-2025-62593 and should resolve the platform-specific wheel availability issues mentioned in the PR comments (e.g., aarch64 support).

runtimes/datascience/ubi9-python-3.12/pyproject.toml (1)

18-18: Platform guard correctly applied.

The constraint is properly formatted and consistent with sibling environments. This will correctly skip installation on ppc64le/s390x.

jupyter/datascience/ubi9-python-3.12/pyproject.toml (1)

20-20: Platform guard correctly applied.

The constraint is properly formatted and matches the pattern in other environments. This ensures codeflare-sdk skips installation on unsupported architectures.

.tekton/odh-base-image-cuda-12-8-py312-c9s-pull-request.yaml (1)

39-39: Verify platform build-size scaling is consistent across all Tekton files.

The arm64 platform changed from linux/arm64 to linux-d160-m2xlarge/arm64 (larger compute resources). This appears aligned with addressing OOMKilled failures mentioned in PR comments.

Confirm that:

Similar platform scaling is applied consistently across other Tekton base-image files in this PR (e.g., .tekton/odh-base-image-cuda-py312-c9s-pull-request.yaml).

This change does not conflict with downstream Konflux or CI configurations.

jupyter/datascience/ubi9-python-3.12/pylock.toml (1)

670-677: Lock file content verified as properly regenerated.

The codeflare-sdk version bump (0.32.2 → 0.33.0) is correctly present with valid TOML structure, properly formatted hashes (SHA256 format with 64 hex characters), and consistent metadata entries. The file structure is well-formed with all [[packages]] sections properly delimited. Ray version 2.52.1 is also present with appropriate wheel entries for the supported platforms.

runtimes/datascience/ubi9-python-3.12/pylock.toml (2)

568-573: Verify the click downgrade (8.3.1 → 8.2.1) is intentional.

Click was downgraded rather than upgraded. This is unusual unless resolving a known incompatibility. Confirm:

Is this downgrade intentional, or an artifact of dependency resolution (e.g., codeflare-sdk 0.33.0 or ray 2.52.1 forcing it)?

Does this align with the earlier comment about click inconsistencies across runtimes (8.2.1, 8.3.1 vs jupyter 8.1.8)?

Are there any breaking changes in click 8.3.1 that necessitate reverting to 8.2.1?

582-587: codeflare-sdk update looks correct.

The version bump from 0.32.1 to 0.33.0 directly addresses the CVE fix objective. URLs, hashes, and metadata are properly updated. Platform marker exclusions (ppc64le, s390x) remain consistent.

runtimes/tensorflow/ubi9-python-3.12/pylock.toml (2)

583-586: Verify click version downgrade from 8.3.1 to 8.2.1.

The click dependency was downgraded rather than updated. Confirm this is intentional and does not regress functionality or security.

597-600: codeflare-sdk bump to 0.33.0 aligns with CVE-2025-62593 mitigation.

The version bump and updated metadata (sdist/wheel URLs, hashes) are appropriate for the security fix.
jupyter/rocm/pytorch/ubi9-python-3.12/pylock.toml (4)
680-683: Verify the codeflare-sdk update aligns with CVE fix scope.

The codeflare-sdk version bump from 0.32.2 to 0.33.0 is correct for the CVE-2025-62593 fix. However, ensure this is the only intentional change to address the CVE, and confirm no transitive dependency cascades introduced unrelated updates.

4196-4214: Verify ray version bump to 2.52.1 and arm64 wheel availability.

The ray version was bumped from 2.47.1 to 2.52.1 (5 minor versions). This is a significant jump not mentioned in the PR objectives. Per PR comments, ray 2.52.1 lacks wheels for aarch64 (manylinux_2_34_aarch64), which caused build failures. Confirm:

Whether the new wheels provide arm64 support (manylinux2014_aarch64 vs. manylinux_2_34_aarch64 tags).

Whether this version bump was intentional or a transitive dependency resolution artifact.

Whether any build-time platform constraints or required-environments adjustments are needed.

677-4214: Verify click downgrade is intentional.

Per the AI summary, click was downgraded from 8.3.1 to 8.2.1. This downgrade is not mentioned in the PR description and contradicts the typical intent of a CVE-fix PR (which should minimize scope changes). Confirm:

Whether the click downgrade was intentional (e.g., to resolve a conflict) or an unintended artifact of lock file regeneration.

Whether the downgrade introduces any compatibility risks or regressions.

If unintentional, consider regenerating the lock file using the approach suggested in PR comments: gmake refresh-lock-files without FORCE_LOCKFILES_UPGRADE=1.

677-4214: Confirm lock file regeneration was performed correctly.

Per jiridanek's feedback in PR comments, there were concerns about pylock.toml generation. Confirm that this lock file was regenerated using the recommended approach (e.g., gmake refresh-lock-files without FORCE_LOCKFILES_UPGRADE=1) to ensure transitive dependencies are correctly resolved without scope creep.

Run the following script to verify that the lock file changes are consistent across all pylock.toml variants and that only expected dependencies were updated:
#!/bin/bash
# Description: Check for consistency of dependency updates across all pylock.toml variants.

# Find all pylock.toml files and extract codeflare-sdk, click, and ray versions
echo "=== codeflare-sdk versions across all variants ==="
fd 'pylock.toml' | xargs -I {} sh -c 'echo "File: {}"; rg "name = \"codeflare-sdk\"" -A 1 {} | head -3'

echo ""
echo "=== click versions across all variants ==="
fd 'pylock.toml' | xargs -I {} sh -c 'echo "File: {}"; rg "name = \"click\"" -A 1 {} | head -3'

echo ""
echo "=== ray versions across all variants ==="
fd 'pylock.toml' | xargs -I {} sh -c 'echo "File: {}"; rg "name = \"ray\"" -A 1 {} | head -3'
jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml (1)

663-670: codeflare-sdk 0.33.0 update is correct and aligned with PR objectives.

The version bump from 0.32.2 to 0.33.0 is properly reflected in the lockfile with updated sdist and wheel URLs, sizes, and sha256 hashes. This aligns with the stated CVE-2025-62593 fix and is consistent across other lockfiles in this PR.

runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml (3)

562-562: Verify intentionality of click downgrade from 8.3.1 → 8.2.1.

Click has been downgraded rather than upgraded. Confirm this is intentional and that no regressions are introduced (e.g., missing features, API changes, or compatibility issues with dependent packages). If this was unintended, revert to 8.3.1.

Also applies to: 564-565

569-572: codeflare-sdk 0.33.0 upgrade looks good.

The codeflare-sdk version has been correctly updated from 0.32.x to 0.33.0 as intended, with valid sdist and wheel artifacts. This aligns with the PR objective to address the CVE (though the underlying vulnerability is in Ray, not codeflare-sdk itself).

3298-3315: Ray 2.52.1 wheels provide better multi-arch support; monitor for platform-specific glibc version gaps.

Ray 2.52.1 now includes wheels for aarch64 (manylinux2014_aarch64) alongside x86_64 and macOS. This improves architecture coverage compared to prior versions. However, the PR discussion notes that some downstream consumers require manylinux_2_34_aarch64 wheels (glibc 2.34+), while these wheels use manylinux2014 (glibc 2.17+). If downstream builds fail due to glibc version mismatches on specific architectures, you may need to either (1) adjust target environments to use compatible base images, (2) contact Ray maintainers for newer manylinux variants, or (3) regenerate locks per-architecture if using uv.

Per past feedback, multi-arch pylock handling may require per-arch generation to avoid wheel-availability gaps on non-x86 platforms. Ensure builds are tested on all target architectures before merge.

runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml (1)

573-579: Reconsider the CVE context for this click downgrade.

CVE-2025-62593 is a Ray project vulnerability, not a codeflare-sdk issue; neither codeflare-sdk nor click are affected. Additionally, click 8.3.1 and 8.2.1 are both bugfix releases with no documented security differences. If a click version change is necessary, verify whether it stems from codeflare-sdk's actual dependency requirements rather than this CVE.

Likely an incorrect or invalid review comment.

coderabbitai · 2025-12-15T14:04:15Z

runtimes/tensorflow/ubi9-python-3.12/pylock.toml

+version = "2.52.1"
 marker = "python_full_version >= '3.12' and implementation_name == 'cpython' and sys_platform == 'linux'"
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/92/fe/2f1fc21b7a321385fe34fd159c27245c06bad795aba7de71f29e7a00e741/ray-2.47.1-cp310-cp310-macosx_11_0_arm64.whl", upload-time = 2025-06-17T22:26:11Z, size = 66145880, hashes = { sha256 = "36a30930e8d265e708df96f37f6f1f5484f4b97090d505912f992e045a69d310" } },
-    { url = "https://files.pythonhosted.org/packages/87/4a/60b0ce7dc1ac04e9c48fc398afed557f0f0cb3fd74c07cb71b567a041157/ray-2.47.1-cp310-cp310-macosx_12_0_x86_64.whl", upload-time = 2025-06-17T22:26:18Z, size = 68562947, hashes = { sha256 = "7c03a1e366d3a868a55f8c2f728f5ce35ac85ddf093ac81d0c1a35bf1c25c377" } },
-    { url = "https://files.pythonhosted.org/packages/2f/a6/bad64e886ef74bbcab7d36b617e41c378088fc4852557005c1e227669697/ray-2.47.1-cp310-cp310-manylinux2014_aarch64.whl", upload-time = 2025-06-17T22:26:24Z, size = 67810643, hashes = { sha256 = "6fc7df8657b8df684b77c2d1b643137ad745aa1c12ade34743f06cca79003df0" } },
-    { url = "https://files.pythonhosted.org/packages/6d/98/9289f360deb9b3d32cc9170168dff919c2f5192bf87682d5b72050206dca/ray-2.47.1-cp310-cp310-manylinux2014_x86_64.whl", upload-time = 2025-06-17T22:26:30Z, size = 68760640, hashes = { sha256 = "84a96b4720175a0000521a48eb7aa915f3b419bb5cd6172d8dee005c3f23b813" } },
-    { url = "https://files.pythonhosted.org/packages/b6/6c/80690615b50e5e6f5309d5f0f9fcaaf83170e5240252c0d8bbeedc8dc9bd/ray-2.47.1-cp310-cp310-win_amd64.whl", upload-time = 2025-06-17T22:26:35Z, size = 26231731, hashes = { sha256 = "44900a1a72cb3bfb331db160a8975737c25945a97f376c70e72ccf35adf3b744" } },
-    { url = "https://files.pythonhosted.org/packages/82/8c/f763f633a4c80d9ead6c1e9277983c42286a3a83dedccedb15363f3d4c40/ray-2.47.1-cp311-cp311-macosx_11_0_arm64.whl", upload-time = 2025-06-17T22:26:40Z, size = 66106702, hashes = { sha256 = "a640d447e0e6cf63f85b9220c883ec02bb2b8e40a9c1d84efa012795c769ba68" } },
-    { url = "https://files.pythonhosted.org/packages/5d/10/05b70d425c46eba22bdd46a77cf7db09328eb9dcbf5952fa32e42c5c28e5/ray-2.47.1-cp311-cp311-macosx_12_0_x86_64.whl", upload-time = 2025-06-17T22:26:46Z, size = 68525746, hashes = { sha256 = "feeba1e715cfd8737d3adcd2018d0cdabb7c6084fa4b093e638e6c7d42f3c956" } },
-    { url = "https://files.pythonhosted.org/packages/cd/2d/a3fe20b0830ecbe74dac1ae809c265023f713e19a9f6100870d50885f44d/ray-2.47.1-cp311-cp311-manylinux2014_aarch64.whl", upload-time = 2025-06-17T22:26:52Z, size = 67906931, hashes = { sha256 = "db5ff652e9035f03c65e1742a706b76519f6e8a6744cc005396053ac8766fc46" } },
-    { url = "https://files.pythonhosted.org/packages/5f/2b/d1395192c748b3761a43f2dbd9fa702a56f8e185fc2beee73ba25e801a46/ray-2.47.1-cp311-cp311-manylinux2014_x86_64.whl", upload-time = 2025-06-17T22:26:57Z, size = 68851571, hashes = { sha256 = "48961229614b2b56a535be510c8abc76e99a9aa7fa195b5c949bd0c6c69af40a" } },
-    { url = "https://files.pythonhosted.org/packages/de/dd/b5dc7d3581e52683259c80014e95074835042ceaf1dea6a400185e0e1947/ray-2.47.1-cp311-cp311-win_amd64.whl", upload-time = 2025-06-17T22:27:03Z, size = 26180204, hashes = { sha256 = "bd1cba64070db06bbf79c0e075cdc4529193e2d0b19564f4f057b4193b29e912" } },
-    { url = "https://files.pythonhosted.org/packages/96/d8/833edaf128fb5cdd53818d307bb93df75d943f32ecc5cb0d7b14981265e6/ray-2.47.1-cp312-cp312-macosx_11_0_arm64.whl", upload-time = 2025-06-17T22:27:08Z, size = 66091855, hashes = { sha256 = "322049c4546cf67e5efdad90c371c5508acbb193e5aaaf4038103c6c5ce1f578" } },
-    { url = "https://files.pythonhosted.org/packages/ce/fa/23640e58046c91fcc05edd04bd51dd3d6a44cd7b408faf5bb3528a24c13d/ray-2.47.1-cp312-cp312-macosx_12_0_x86_64.whl", upload-time = 2025-06-17T22:27:15Z, size = 68512697, hashes = { sha256 = "e6d9c78e53ac89cabbc4056aecfec53c506c692e3132af9dae941d6180ef462f" } },
-    { url = "https://files.pythonhosted.org/packages/c5/32/6abf17053eb0ae720a2981a17e6b22797cc655782b603a707052b47f64eb/ray-2.47.1-cp312-cp312-manylinux2014_aarch64.whl", upload-time = 2025-06-17T22:27:21Z, size = 67918881, hashes = { sha256 = "cd4e7eb475487364b5209963b17cefedcb7fbd3a816fdb6def7ea533ebd72424" } },
-    { url = "https://files.pythonhosted.org/packages/5c/31/4545d03ed68eedf42b52e2a8705a584361e262640e145d6ab219ae33969c/ray-2.47.1-cp312-cp312-manylinux2014_x86_64.whl", upload-time = 2025-06-17T22:27:27Z, size = 68888167, hashes = { sha256 = "3eaeaeec3bbe2ca6493e530c30473d84b8580a7ac3256bb9183d8c63def5a92f" } },
-    { url = "https://files.pythonhosted.org/packages/94/f6/ed91383e0057ad9e3d9c45212a0c7edc5a9d24a2e46da0d55c8233df868c/ray-2.47.1-cp312-cp312-win_amd64.whl", upload-time = 2025-06-17T22:27:33Z, size = 26164455, hashes = { sha256 = "601f23ba89918b7b3ffebf967328f7bdb605deaf8c103aad7820dc2722fe450c" } },
-    { url = "https://files.pythonhosted.org/packages/7b/85/4dbf9a126f080a1114ec7738d9274759c256ff2a1c21662b09123311bbf0/ray-2.47.1-cp313-cp313-macosx_11_0_arm64.whl", upload-time = 2025-06-17T22:27:38Z, size = 66082130, hashes = { sha256 = "8cd625d469ce15391e5f1f44ddf8dd30b2380f917603fa0172661229acb0011f" } },
-    { url = "https://files.pythonhosted.org/packages/5a/8e/e893176ca3c02a310bb962b287436508f5b61fd179a7283f37610c0e0087/ray-2.47.1-cp313-cp313-macosx_12_0_x86_64.whl", upload-time = 2025-06-17T22:27:44Z, size = 68507369, hashes = { sha256 = "e578929f58b3f0c59c7544a96d864e26278238b755d13cd19ae798070c848e57" } },
-    { url = "https://files.pythonhosted.org/packages/0c/97/f36e8a19885d930ab0dbcb0b7b6706e630412336b08fa3312bcaaad818b7/ray-2.47.1-cp313-cp313-manylinux2014_aarch64.whl", upload-time = 2025-06-17T22:27:51Z, size = 67875541, hashes = { sha256 = "d6ed6d182e25d6f77179dc77bc97a749c81765b13cb671a46db3203029389663" } },
-    { url = "https://files.pythonhosted.org/packages/52/60/83430886d17526f4757e298b77268533afeedc74ed934f911d522f191ef2/ray-2.47.1-cp313-cp313-manylinux2014_x86_64.whl", upload-time = 2025-06-17T22:27:57Z, size = 68848558, hashes = { sha256 = "252a471e8afb918b105cdbffb4cbebb0143baad75a06c8ffcde27ac317579ccb" } },
-    { url = "https://files.pythonhosted.org/packages/cf/84/055a43a9157869912b7455afbf83a7f01795def134655f82e681496378ed/ray-2.47.1-cp39-cp39-macosx_11_0_arm64.whl", upload-time = 2025-06-17T22:28:03Z, size = 66149938, hashes = { sha256 = "c21720f283a3df360ddec002a592ddfbaf520faf4cb1b86562a7b7c196ad96a0" } },
-    { url = "https://files.pythonhosted.org/packages/98/5c/08e162bf1d83709d4bb3d7cffdd12763f6f62605c5c2ad7f3b071a66353e/ray-2.47.1-cp39-cp39-macosx_12_0_x86_64.whl", upload-time = 2025-06-17T22:28:09Z, size = 68568408, hashes = { sha256 = "6c7b4abe112c4d698243e30023bcbffe2c2c9a68416b95a6a0d50f9ca5725545" } },
-    { url = "https://files.pythonhosted.org/packages/9b/0f/cec17486997fae42b00a6e82f007514635a556d32217a38204ed4a3a9530/ray-2.47.1-cp39-cp39-manylinux2014_aarch64.whl", upload-time = 2025-06-17T22:28:15Z, size = 67814246, hashes = { sha256 = "21f2689c1bbc688f9cd31a18bae2c9582027e91b508073849441167bb5077816" } },
-    { url = "https://files.pythonhosted.org/packages/b2/f1/734d5fd9835610c7d00ec5bbfb232a8bb4d560d0030d85f749c0eb0ee0f2/ray-2.47.1-cp39-cp39-manylinux2014_x86_64.whl", upload-time = 2025-06-17T22:28:22Z, size = 68763833, hashes = { sha256 = "106817f80087d21d24e63f6e56ea5ab7c387a25105eb65e6b783551f569534ea" } },
-    { url = "https://files.pythonhosted.org/packages/20/1d/64e6d6751b11668a634c7983dffc7a739487de4544110a6cacdf33c1da64/ray-2.47.1-cp39-cp39-win_amd64.whl", upload-time = 2025-06-17T22:28:27Z, size = 26234907, hashes = { sha256 = "dee02ba9b8cd45c4eadc457183f6d80f1701b85f966d02cdacd5b11867cb7375" } },
+    { url = "https://files.pythonhosted.org/packages/d0/19/7882c5918d3af848543ad1000b7da22db0f65fa20da8d371272ee24d41ba/ray-2.52.1-cp310-cp310-macosx_12_0_arm64.whl", upload-time = 2025-11-28T02:22:03Z, size = 69385176, hashes = { sha256 = "993194a8be70540e0f819862031bbf19a64401fbe6c31b42065fd313ba466d34" } },
+    { url = "https://files.pythonhosted.org/packages/43/e4/e42cc912a657211eca9eb0befe71ffc4b6a209d561e9eaed246255c05c4d/ray-2.52.1-cp310-cp310-manylinux2014_aarch64.whl", upload-time = 2025-11-28T02:22:09Z, size = 71253481, hashes = { sha256 = "65bf461fdfe4ffa667c46f9455f8740b2ad6c1fa471b461d5f5cf6b7baf177b5" } },
+    { url = "https://files.pythonhosted.org/packages/ee/3e/f180102b73157592ab48a160711771728bbbdc77f6a0510a6a7a2ca18818/ray-2.52.1-cp310-cp310-manylinux2014_x86_64.whl", upload-time = 2025-11-28T02:22:15Z, size = 72083695, hashes = { sha256 = "b3f9e61b799fb3cc8fd7077a3d2eb676ddfef7db644f6b6a2b657c5c3214cf19" } },
+    { url = "https://files.pythonhosted.org/packages/f3/b4/f6109cb80f8c3057fb5361d0c76249856cda0872ef36220d9b7f600f1253/ray-2.52.1-cp310-cp310-win_amd64.whl", upload-time = 2025-11-28T02:22:19Z, size = 27169182, hashes = { sha256 = "24694e60cdc7770b90f123cc578cabb9d1a231c1fe673b5da0027b118de45846" } },
+    { url = "https://files.pythonhosted.org/packages/8c/64/688d72f53f7adf582913a1bba95ab9fc3232a144057aec6b6f62cc1c76b4/ray-2.52.1-cp311-cp311-macosx_12_0_arm64.whl", upload-time = 2025-11-28T02:22:24Z, size = 69389239, hashes = { sha256 = "f59e3b2d1a1466ac0778f2c6fac9ccb5f30107d77e3dddd1d60167248d268474" } },
+    { url = "https://files.pythonhosted.org/packages/0b/c6/ae42db4bc9efd221643abad28d0fcdeecc31d49728f07eb27d2b1e4fcebc/ray-2.52.1-cp311-cp311-manylinux2014_aarch64.whl", upload-time = 2025-11-28T02:22:30Z, size = 71373439, hashes = { sha256 = "2b57ef272a2a0a0dbae6d18d70aa541eab620b4fe3b44d50466d3a533c16f9d9" } },
+    { url = "https://files.pythonhosted.org/packages/40/5e/b000aa0e8189b37a8f2dfb4f589bb78105e9c451ad75424d4e67f03c5c79/ray-2.52.1-cp311-cp311-manylinux2014_x86_64.whl", upload-time = 2025-11-28T02:22:35Z, size = 72201688, hashes = { sha256 = "a5a3c268d45060c50cd029979ecc5f1eaaec040b19fa88dd4fe9e927d19ff13e" } },
+    { url = "https://files.pythonhosted.org/packages/fc/5f/0b2e7bf4e1e80c83aaba789de81f346b6fd5f014223873e22f94e2e1c5d4/ray-2.52.1-cp311-cp311-win_amd64.whl", upload-time = 2025-11-28T02:22:40Z, size = 27163246, hashes = { sha256 = "4e8478544fef69a17d865431c0bebdcfeff7c0f76a306f29b73c3bc3cbb0bdb9" } },
+    { url = "https://files.pythonhosted.org/packages/5c/c5/d5c3b6e28dee2bb6f9029dfcb950f41c2e682b1bf4cdbbbe42bde66f2ea8/ray-2.52.1-cp312-cp312-macosx_12_0_arm64.whl", upload-time = 2025-11-28T02:22:45Z, size = 69374499, hashes = { sha256 = "6831592fedf0a122016f5dab4b67d85fa3d4db3b21f588d18834b5c031396d1c" } },
+    { url = "https://files.pythonhosted.org/packages/63/9f/a019b66f1d716cfed89edfa6c597c9bffe4eab559042a8495a9c2b2c82ab/ray-2.52.1-cp312-cp312-manylinux2014_aarch64.whl", upload-time = 2025-11-28T02:22:51Z, size = 71412116, hashes = { sha256 = "08eb8f5fd55292ba6bee363a32491136a5e54af54e007f81e0603986fbea41a4" } },
+    { url = "https://files.pythonhosted.org/packages/d7/a5/eaea6f080953dfe1506c4d7b7e16a46536b6ebc9f39703683e0c94e115e0/ray-2.52.1-cp312-cp312-manylinux2014_x86_64.whl", upload-time = 2025-11-28T02:22:56Z, size = 72267230, hashes = { sha256 = "843c0108ad72bb7fc6c23a22e29e6099546a5eaad3ad675c78a146d9080f6ec6" } },
+    { url = "https://files.pythonhosted.org/packages/eb/69/d6cabdd6f3651f380a0cdf90d97b71ec266d6ba06fd2e649e8c878ab08ce/ray-2.52.1-cp312-cp312-win_amd64.whl", upload-time = 2025-11-28T02:23:01Z, size = 27144021, hashes = { sha256 = "8045172ad3fcff62b9dab9a4cd2e0991ad0e27fc814fe625a8d3a120306651d6" } },
+    { url = "https://files.pythonhosted.org/packages/b3/8a/d802270d2871cb3a18cb470f4645eb5cef0deaeda9a4c0d1ac280f2a7424/ray-2.52.1-cp313-cp313-macosx_12_0_arm64.whl", upload-time = 2025-11-28T02:23:06Z, size = 69321286, hashes = { sha256 = "b5bc29548abb0a0a7ae9e6ff3b0ccca2824edaf011a4336e15a32793d574fbfd" } },
+    { url = "https://files.pythonhosted.org/packages/7c/35/5f354584dfbc38e0851f9284f905798060d7fca98c9e9da42838296515b7/ray-2.52.1-cp313-cp313-manylinux2014_aarch64.whl", upload-time = 2025-11-28T02:23:11Z, size = 71319629, hashes = { sha256 = "e3826aeb4e4399de0c6885bd8be7ce2f629fa0010f0013f1183e0726b3d25e40" } },
+    { url = "https://files.pythonhosted.org/packages/a0/a0/b5e0099e1b1b3dc2e4c6c78a6630fd97ed2706cd47daba4d7872897cfe86/ray-2.52.1-cp313-cp313-manylinux2014_x86_64.whl", upload-time = 2025-11-28T02:23:17Z, size = 72181309, hashes = { sha256 = "bbe492c780a39a64bd3d0766cad10d54cf12222df88d287ec2d8f2d52de37c79" } },
 ]


⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, let's find and examine the pylock.toml file find . -name "pylock.toml" -type f

Repository: opendatahub-io/notebooks

Length of output: 968

🏁 Script executed:

# Read the specific section mentioned in the review (lines 3900-3925 to get full context) head -n 3925 runtimes/tensorflow/ubi9-python-3.12/pylock.toml | tail -n 26

Repository: opendatahub-io/notebooks

Length of output: 5075

Ray entry has non-linux wheels listed under linux-only marker.

The marker specifies sys_platform == 'linux' but the wheels list includes macOS (macosx_12_0_arm64) and Windows (win_amd64) wheels alongside the valid manylinux wheels (manylinux2014_aarch64 and manylinux2014_x86_64). Remove the 8 non-linux wheels (4 macOS, 4 Windows) and keep only the 8 manylinux wheels.

….32.1 to 0.33.0

coderabbitai

Actionable comments posted: 1

♻️ Duplicate comments (9)

runtimes/datascience/ubi9-python-3.12/pylock.toml (3)
568-573: Click version inconsistency persists across runtimes—align or document rationale.

This PR maintains click 8.2.1 here, but past reviews flagged that runtimes use multiple versions: 8.2.1 (datascience), 8.3.1 (pytorch+llmcompressor), and 8.1.8 (jupyter). Ensure this inconsistency doesn't introduce subtle compatibility issues with downstream tools or dependencies expecting a specific version range.

Run the following to check click version distribution across all lockfiles:
#!/bin/bash
# Find all click version constraints in pylock files
rg -n 'name = "click"' -A2 runtimes/**/*.toml jupyter-environments/**/*.toml 2>/dev/null | grep -E '(name|version)'
3564-3584: ⚠️ Critical: ray multi-arch marker–wheel mismatch unresolved.

The marker restricts this entry to sys_platform == 'linux', yet the wheels list includes macOS (macosx_12_0_arm64) and Windows (win_amd64) artifacts. This contradiction prevents correct dependency resolution—tooling will attempt to use Linux-restricted wheels on non-Linux platforms.

Filter the wheels to include only Linux artifacts:
 [[packages]]
 name = "ray"
 version = "2.52.1"
 marker = "implementation_name == 'cpython' and platform_machine != 'ppc64le' and platform_machine != 's390x' and sys_platform == 'linux'"
 wheels = [
     { url = "https://files.pythonhosted.org/packages/43/e4/e42cc912a657211eca9eb0befe71ffc4b6a209d561e9eaed246255c05c4d/ray-2.52.1-cp310-cp310-manylinux2014_aarch64.whl", upload-time = 2025-11-28T02:22:09Z, size = 71253481, hashes = { sha256 = "65bf461fdfe4ffa667c46f9455f8740b2ad6c1fa471b461d5f5cf6b7baf177b5" } },
     { url = "https://files.pythonhosted.org/packages/ee/3e/f180102b73157592ab48a160711771728bbbdc77f6a0510a6a7a2ca18818/ray-2.52.1-cp310-cp310-manylinux2014_x86_64.whl", upload-time = 2025-11-28T02:22:15Z, size = 72083695, hashes = { sha256 = "b3f9e61b799fb3cc8fd7077a3d2eb676ddfef7db644f6b6a2b657c5c3214cf19" } },
     { url = "https://files.pythonhosted.org/packages/0b/c6/ae42db4bc9efd221643abad28d0fcdeecc31d49728f07eb27d2b1e4fcebc/ray-2.52.1-cp311-cp311-manylinux2014_aarch64.whl", upload-time = 2025-11-28T02:22:30Z, size = 71373439, hashes = { sha256 = "2b57ef272a2a0a0dbae6d18d70aa541eab620b4fe3b44d50466d3a533c16f9d9" } },
     { url = "https://files.pythonhosted.org/packages/40/5e/b000aa0e8189b37a8f2dfb4f589bb78105e9c451ad75424d4e67f03c5c79/ray-2.52.1-cp311-cp311-manylinux2014_x86_64.whl", upload-time = 2025-11-28T02:22:35Z, size = 72201688, hashes = { sha256 = "a5a3c268d45060c50cd029979ecc5f1eaaec040b19fa88dd4fe9e927d19ff13e" } },
     { url = "https://files.pythonhosted.org/packages/63/9f/a019b66f1d716cfed89edfa6c597c9bffe4eab559042a8495a9c2b2c82ab/ray-2.52.1-cp312-cp312-manylinux2014_aarch64.whl", upload-time = 2025-11-28T02:22:51Z, size = 71412116, hashes = { sha256 = "08eb8f5fd55292ba6bee363a32491136a5e54af54e007f81e0603986fbea41a4" } },
     { url = "https://files.pythonhosted.org/packages/d7/a5/eaea6f080953dfe1506c4d7b7e16a46536b6ebc9f39703683e0c94e115e0/ray-2.52.1-cp312-cp312-manylinux2014_x86_64.whl", upload-time = 2025-11-28T02:22:56Z, size = 72267230, hashes = { sha256 = "843c0108ad72bb7fc6c23a22e29e6099546a5eaad3ad675c78a146d9080f6ec6" } },
     { url = "https://files.pythonhosted.org/packages/7c/35/5f354584dfbc38e0851f9284f905798060d7fca98c9e9da42838296515b7/ray-2.52.1-cp313-cp313-manylinux2014_aarch64.whl", upload-time = 2025-11-28T02:23:11Z, size = 71319629, hashes = { sha256 = "e3826aeb4e4399de0c6885bd8be7ce2f629fa0010f0013f1183e0726b3d25e40" } },
     { url = "https://files.pythonhosted.org/packages/a0/a0/b5e0099e1b1b3dc2e4c6c78a6630fd97ed2706cd47daba4d7872897cfe86/ray-2.52.1-cp313-cp313-manylinux2014_x86_64.whl", upload-time = 2025-11-28T02:23:17Z, size = 72181309, hashes = { sha256 = "bbe492c780a39a64bd3d0766cad10d54cf12222df88d287ec2d8f2d52de37c79" } },
 ]
3578-3578: ⚠️ Critical: ray cp312-aarch64 wheel does not exist in upstream.

Line 3578 pins ray-2.52.1-cp312-cp312-manylinux2014_aarch64.whl, but ray 2.52.1 does not publish aarch64 wheels for Python 3.12. Per PyPI/upstream documentation (confirmed in past review), aarch64 wheels exist only for cp310, cp311, and cp313. This URL will fail on aarch64+Python 3.12 systems, breaking multi-arch container builds.

Recommended fix: Remove the cp312-aarch64 wheel and optionally add an sdist fallback for aarch64 builds:
     { url = "https://files.pythonhosted.org/packages/63/9f/a019b66f1d716cfed89edfa6c597c9bffe4eab559042a8495a9c2b2c82ab/ray-2.52.1-cp312-cp312-manylinux2014_aarch64.whl", upload-time = 2025-11-28T02:22:51Z, size = 71412116, hashes = { sha256 = "08eb8f5fd55292ba6bee363a32491136a5e54af54e007f81e0603986fbea41a4" } },
Alternatively, if aarch64+Python 3.12 support is required, either:

Pin ray to a version that publishes cp312-aarch64 wheels, or

Gate ray on x86_64 only (adding platform_machine == 'x86_64' to the marker), or

Add a matching sdist entry for source builds on unsupported platforms.

Verify whether this wheel URL exists on PyPI:
#!/bin/bash
# Check if the cp312-aarch64 wheel exists
curl -I -s "https://files.pythonhosted.org/packages/63/9f/a019b66f1d716cfed89edfa6c597c9bffe4eab559042a8495a9c2b2c82ab/ray-2.52.1-cp312-cp312-manylinux2014_aarch64.whl" | head -1
jupyter/tensorflow/ubi9-python-3.12/pylock.toml (1)

4488-4509: Clarify the intentionality of the ray 2.52.1 upgrade.

A past reviewer flagged (lines 4489–4509) that ray was upgraded from 2.47.1 to 2.52.1, which appears unrelated to the codeflare-sdk CVE fix and was likely incidental to lock file regeneration. Verify and document whether this upgrade is intentional or should be reverted to keep the PR focused on the CVE fix. If the upgrade is intentional, explain why it's necessary and confirm compatibility.
runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml (1)
24-24: Missing platform guard for codeflare-sdk on ppc64le/s390x (previously flagged).

Despite prior review comment, the platform guard remains absent. This dependency will fail installation on ppc64le/s390x architectures where wheels are unavailable. Update to match the constraint used in runtimes/datascience/ubi9-python-3.12/pyproject.toml:
-    "codeflare-sdk~=0.33.0",
+    "codeflare-sdk~=0.33.0; platform_machine != 'ppc64le' and platform_machine != 's390x'",
jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1)
28-28: Missing platform guard for codeflare-sdk on ppc64le/s390x (previously flagged).

Despite prior review, the platform guard remains absent. Add the constraint to prevent installation attempts where wheels are unavailable:
-    "codeflare-sdk~=0.33.0",
+    "codeflare-sdk~=0.33.0; platform_machine != 'ppc64le' and platform_machine != 's390x'",
jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1)
25-25: Missing platform guard for codeflare-sdk (critical issue—previously flagged).

This image builds for ppc64le/s390x architectures (as evidenced by PR commentary on platform-specific failures). Without the platform guard, builds will fail on these architectures where codeflare-sdk wheels are unavailable. Update to match the constraint in runtimes/datascience/ubi9-python-3.12/pyproject.toml:
-    "codeflare-sdk~=0.33.0",
+    "codeflare-sdk~=0.33.0; platform_machine != 'ppc64le' and platform_machine != 's390x'",
jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml (1)
25-25: Missing platform guard for codeflare-sdk on ppc64le/s390x (previously flagged).

Add the platform constraint to prevent installation on unsupported architectures:
-    "codeflare-sdk~=0.33.0",
+    "codeflare-sdk~=0.33.0; platform_machine != 'ppc64le' and platform_machine != 's390x'",
Verify the current state across all pyproject.toml files:
#!/bin/bash
# Check if platform guards are consistently applied across all codeflare-sdk entries
echo "=== Checking codeflare-sdk declarations ==="
rg -n 'codeflare-sdk' --type toml -A 0 -B 0 jupyter/*/ubi9-python-3.12/pyproject.toml runtimes/*/ubi9-python-3.12/pyproject.toml

echo ""
echo "=== Reference: datascience environment (should have guard) ==="
rg -n 'codeflare-sdk' --type toml runtimes/datascience/ubi9-python-3.12/pyproject.toml
runtimes/tensorflow/ubi9-python-3.12/pylock.toml (1)

3900-3920: 🔴 CRITICAL: Ray entry still has non-linux wheels under linux-only marker (UNRESOLVED from prior review).

The marker specifies sys_platform == 'linux' but the wheels list contains 7 non-linux wheels:

macOS (4): cp310/cp311/cp312/cp313 → macosx_12_0_arm64

Windows (3): cp310/cp311/cp312 → win_amd64

The marker-wheel mismatch was flagged in prior review comments (as supposedly addressed in commit 691d7d3), but the issue persists. When pip resolves on a Linux system, it should only see manylinux wheels (x86_64 and aarch64), not macOS or Windows wheels.

Remove all 7 non-linux wheels, keeping only the 8 manylinux wheels (manylinux2014_aarch64 and manylinux2014_x86_64 for cp310–cp313).

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d71f2f1 and 278d107.

📒 Files selected for processing (36)

.tekton/odh-base-image-cuda-12-8-py312-c9s-pull-request.yaml (1 hunks)
.tekton/odh-base-image-cuda-12-8-py312-c9s-push.yaml (1 hunks)
.tekton/odh-base-image-cuda-py312-c9s-pull-request.yaml (1 hunks)
.tekton/odh-workbench-jupyter-pytorch-rocm-py312-ubi9-pull-request.yaml (1 hunks)
.tekton/odh-workbench-jupyter-trustyai-cpu-py312-ubi9-pull-request.yaml (1 hunks)
codeserver/ubi9-python-3.12/devel_env_setup.sh (2 hunks)
codeserver/ubi9-python-3.12/get_code_server_rpm.sh (1 hunks)
jupyter/datascience/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/pytorch/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/rocm/pytorch/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/rocm/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/rocm/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
jupyter/trustyai/ubi9-python-3.12/pylock.toml (2 hunks)
jupyter/trustyai/ubi9-python-3.12/pyproject.toml (1 hunks)
manifests/base/jupyter-datascience-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml (1 hunks)
manifests/base/jupyter-pytorch-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1 hunks)
manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1 hunks)
runtimes/datascience/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/datascience/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/pytorch/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/rocm-pytorch/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml (2 hunks)
runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)
runtimes/tensorflow/ubi9-python-3.12/pylock.toml (3 hunks)
runtimes/tensorflow/ubi9-python-3.12/pyproject.toml (1 hunks)

✅ Files skipped from review due to trivial changes (1)

jupyter/rocm/pytorch/ubi9-python-3.12/pylock.toml

🚧 Files skipped from review as they are similar to previous changes (19)

runtimes/tensorflow/ubi9-python-3.12/pyproject.toml
.tekton/odh-workbench-jupyter-pytorch-rocm-py312-ubi9-pull-request.yaml
.tekton/odh-base-image-cuda-12-8-py312-c9s-pull-request.yaml
manifests/base/jupyter-pytorch-notebook-imagestream.yaml
codeserver/ubi9-python-3.12/devel_env_setup.sh
codeserver/ubi9-python-3.12/get_code_server_rpm.sh
runtimes/pytorch/ubi9-python-3.12/pyproject.toml
manifests/base/jupyter-datascience-notebook-imagestream.yaml
manifests/base/jupyter-rocm-pytorch-notebook-imagestream.yaml
.tekton/odh-base-image-cuda-12-8-py312-c9s-push.yaml
.tekton/odh-base-image-cuda-py312-c9s-pull-request.yaml
runtimes/rocm-tensorflow/ubi9-python-3.12/pyproject.toml
manifests/base/jupyter-pytorch-llmcompressor-imagestream.yaml
.tekton/odh-workbench-jupyter-trustyai-cpu-py312-ubi9-pull-request.yaml
jupyter/datascience/ubi9-python-3.12/pyproject.toml
runtimes/datascience/ubi9-python-3.12/pyproject.toml
manifests/base/jupyter-rocm-tensorflow-notebook-imagestream.yaml
jupyter/pytorch/ubi9-python-3.12/pyproject.toml
jupyter/trustyai/ubi9-python-3.12/pyproject.toml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (32)

GitHub Check: build (jupyter-datascience-ubi9-python-3.12, 3.12, linux/ppc64le, false) / build
GitHub Check: build (codeserver-ubi9-python-3.12, 3.12, linux/arm64, false) / build
GitHub Check: build (runtime-cuda-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (codeserver-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (jupyter-trustyai-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (runtime-datascience-ubi9-python-3.12, 3.12, linux/s390x, false) / build
GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/arm64, false) / build
GitHub Check: build (runtime-datascience-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (jupyter-datascience-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (rocm-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (rocm-runtime-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (cuda-jupyter-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (rocm-runtime-tensorflow-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (runtime-cuda-tensorflow-ubi9-python-3.12, 3.12, linux/arm64, false) / build
GitHub Check: build (cuda-jupyter-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: build (rocm-jupyter-pytorch-ubi9-python-3.12, 3.12, linux/amd64, false) / build
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-tensorflow-rocm-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-workbench-codeserver-datascience-cpu-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-pipeline-runtime-datascience-cpu-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-pipeline-runtime-tensorflow-cuda-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-pipeline-runtime-pytorch-cuda-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-datascience-cpu-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-pytorch-rocm-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-base-image-cuda-12-8-py312-c9s-on-pull-request
GitHub Check: Red Hat Konflux / odh-pipeline-runtime-tensorflow-rocm-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-trustyai-cpu-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-tensorflow-cuda-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-base-image-cuda-py312-c9s-on-pull-request
GitHub Check: Red Hat Konflux / odh-pipeline-runtime-pytorch-rocm-py312-ubi9-on-pull-request
GitHub Check: Red Hat Konflux / odh-workbench-jupyter-pytorch-cuda-py312-ubi9-on-pull-request
GitHub Check: validation-of-sw-versions-in-imagestreams

🔇 Additional comments (21)

runtimes/datascience/ubi9-python-3.12/pylock.toml (1)

583-586: ✅ codeflare-sdk version bump correctly applied.

The update from 0.32.2 to 0.33.0 to address CVE-2025-62593 is properly reflected in both sdist and wheel entries, with correct URLs, hashes, and metadata. Platform constraints (excluding ppc64le/s390x) are preserved.

jupyter/trustyai/ubi9-python-3.12/pylock.toml (3)

3931-3949: Ray 2.52.1 correctly addresses CVE-2025-62593 with manylinux2014_aarch64 wheels.

Ray 2.52.1 is the correct version to remediate CVE-2025-62593 (critical RCE in ray < 2.52.0). The lock file properly includes manylinux2014_aarch64 wheels (not manylinux_2_34_aarch64), which resolves the previous build failures on aarch64 systems with UBI9's glibc 2.34. This aligns with the resolution tracked in prior review iterations.

657-662: Hashes verified against PyPI: Both the codeflare-sdk 0.33.0 sdist and wheel SHA256 hashes match the official PyPI release. No issues detected.

3929-3949: All wheel hashes for ray 2.52.1 match the official PyPI release.

CVE-2025-62593 is a confirmed critical RCE vulnerability in Ray's dashboard affecting versions < 2.52.0, fixed in ray 2.52.0 and carried forward in 2.52.1. All 14 wheel entries (cp310, cp311, cp312, cp313 across macOS, manylinux2014_aarch64, manylinux2014_x86_64, and Windows) have been verified against PyPI and the hashes are correct.

jupyter/tensorflow/ubi9-python-3.12/pylock.toml (1)

684-691: codeflare-sdk version bump looks correct.

The version update to 0.33.0 with corresponding sdist and wheel hash updates aligns with the PR objective to address CVE-2025-62593.

runtimes/pytorch/ubi9-python-3.12/pylock.toml (2)

588-593: CVE-2025-62593 fix properly applied via codeflare-sdk 0.33.0 bump.

The codeflare-sdk version is correctly updated to 0.33.0 with matching PyPI package metadata and checksums. This addresses the stated CVE objective.

3731-3750: Verify ray 2.52.1 wheel availability matches target platforms.

ray 2.52.1 is included as a transitive dependency (likely from the codeflare-sdk 0.33.0 update). The lockfile includes wheels for standard platforms (manylinux2014_aarch64, manylinux2014_x86_64, etc.), but PR comments noted earlier gaps for manylinux_2_34_aarch64. Confirm that the lockfile regeneration completed properly and that the wheel selection is compatible with the target container environments (e.g., UBI9 glibc baseline).

jupyter/pytorch/ubi9-python-3.12/pylock.toml (1)

4319-4339: Ray 2.52.1 correctly addresses CVE-2025-62593.

Ray 2.52.1 includes the fix for CVE-2025-62593 (the minimum fixed version is 2.52.0). The upgrade is appropriate and necessary to address the critical DNS-rebinding RCE vulnerability in the Ray dashboard.

manifests/base/jupyter-trustyai-notebook-imagestream.yaml (1)

44-44: Version annotation update is correct.

The metadata annotation documenting Codeflare-SDK version bump from 0.32 to 0.33 aligns with the actual dependency upgrade in downstream images.

manifests/base/jupyter-tensorflow-notebook-imagestream.yaml (1)

45-45: Version annotation update is correct.

The metadata annotation documenting Codeflare-SDK version bump from 0.32 to 0.33 aligns with the actual dependency upgrade in downstream images.

runtimes/tensorflow/ubi9-python-3.12/pylock.toml (2)

580-587: Verify the click version downgrade.

Click has been downgraded from 8.3.1 to 8.2.1. In a PR focused on a security fix, downgrading a transitive dependency is unusual. Clarify whether this is an intentional transitive dependency requirement from codeflare-sdk 0.33.0 or an unintended side effect during lockfile regeneration.

594-601: Codeflare-SDK bump aligns with PR objective.

Version upgraded to 0.33.0 as intended to address CVE-2025-62593. Marker and wheel metadata are correct.

runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml (2)

560-572: ✅ codeflare-sdk 0.33.0 and click 8.2.1 updates look good.

The entries correctly reference valid versions with architecture-independent wheels (py3-none-any.whl). The bump to codeflare-sdk 0.33.0 aligns with the PR objective to address CVE-2025-62593 (Ray vulnerability). Previous invalid version references are not present.

3298-3315: ✅ ray 2.52.1 multi-architecture wheels properly address prior arch-lock concerns.

The update to ray 2.52.1 includes wheels for multiple architectures (arm64, aarch64, x86_64, win_amd64) and Python versions (3.10–3.13), resolving the prior issue where arch-specific pins broke non-x86 builds. This version patches CVE-2025-62593, which was fixed in ray 2.52.0.

jupyter/datascience/ubi9-python-3.12/pylock.toml (2)

673-676: codeflare-sdk CVE-2025-62593 fix approved.

The update from 0.32.2 → 0.33.0 correctly addresses the stated CVE objective. Hashes, upload timestamps, and distribution URLs are consistent with PyPI metadata for this release.

4162-4180: Verify ray 2.52.1 transitive bump is intentional and compatible.

Ray was upgraded from 2.47.1 → 2.52.1 (a 5-minor-version jump). Per PR comments, ray 2.52.1 lacks wheels for manylinux_2_34_aarch64, which caused downstream build failures in other environments. This lock file includes only manylinux2014 wheels (aarch64, x86_64) and standard platforms; confirm:

Whether 2.52.1 is the version required/pinned by codeflare-sdk 0.33.0, or if it is a separate/optional upgrade.

Whether manylinux2014 coverage is sufficient for this ubi9-python-3.12 environment, and whether aarch64 platform compatibility is required here.

If any downstream or platform-specific constraints need adjustment (e.g., tool.uv.required-environments if applicable).

jupyter/rocm/tensorflow/ubi9-python-3.12/pylock.toml (2)

666-669: Lockfile metadata for codeflare-sdk 0.33.0 is correctly updated.

The sdist and wheel distributions, hashes, timestamps, and sizes are all consistent with the CVE-fix objective (codeflare-sdk 0.32.2 → 0.33.0). The metadata regeneration looks accurate.

3943-3960: Ray 2.52.1 wheel metadata is correctly regenerated and includes aarch64 support.

The ray bump from 2.47.1 to 2.52.1 is a transitive dependency update from codeflare-sdk 0.33.0. All wheel distributions include manylinux2014_aarch64 variants for CPython 3.10–3.13, resolving prior concerns about aarch64 wheel availability. The metadata regeneration (URLs, hashes, timestamps, sizes) is consistent and correctly formatted.

runtimes/rocm-pytorch/ubi9-python-3.12/pylock.toml (3)

574-580: Verify click version downgrade from 8.3.1 to 8.2.1.

The lock file shows a downgrade of click (8.3.1 → 8.2.1), which is unusual during a routine dependency refresh. This may indicate a compatibility constraint introduced by the codeflare-sdk or ray updates, but the reason is not documented.

Please confirm this is intentional and not a lock file regeneration artifact.

589-593: codeflare-sdk 0.33.0 update looks good.

The version bump to 0.33.0 aligns with the PR objective to address CVE-2025-62593. Distribution URLs, hashes, and timestamps are updated correctly.

3605-3625: No action needed. Ray 2.52.1 manylinux2014_aarch64 wheels are now available on PyPI for CPython 3.10, 3.11, 3.12, and 3.13. The lock file entries are correct.

coderabbitai · 2025-12-15T16:06:02Z

jupyter/pytorch/ubi9-python-3.12/pylock.toml


 [[packages]]
 name = "codeflare-sdk"
-version = "0.32.2"
+version = "0.33.0"
 marker = "implementation_name == 'cpython' and sys_platform == 'linux'"
-sdist = { url = "https://files.pythonhosted.org/packages/b3/59/22314bdbd39741cfbaebb9cd225b6036f0c7a5e9a84822f7e756bf415431/codeflare_sdk-0.32.2.tar.gz", upload-time = 2025-11-11T17:12:45Z, size = 152072, hashes = { sha256 = "918434c599effa779601eee8f200879516c39ada289f1a935973f96c947caf0f" } }
-wheels = [{ url = "https://files.pythonhosted.org/packages/7e/0a/25a411ad52433d3c56344d391c09ade8316ec735359086323202019c3a34/codeflare_sdk-0.32.2-py3-none-any.whl", upload-time = 2025-11-11T17:12:44Z, size = 220792, hashes = { sha256 = "0b0c2ca34820c3f96246643697b90a95eb7f1b5d5b8a6e2b4e7f41a311f90f65" } }]
+sdist = { url = "https://files.pythonhosted.org/packages/1a/e6/27b0e645b5f0fd81171bce6e9ccf1613dd62cc9c2451b977efe44224a0a8/codeflare_sdk-0.33.0.tar.gz", upload-time = 2025-12-08T10:21:46Z, size = 154082, hashes = { sha256 = "a8d0a838b4ec197e91a547b8011425c1b1af8768f8cf2346365adfa24622ed48" } }
+wheels = [{ url = "https://files.pythonhosted.org/packages/5c/44/4915baa541355d9247d9fa9239e374e56ff0e665f1e167a8f53dcb40821e/codeflare_sdk-0.33.0-py3-none-any.whl", upload-time = 2025-12-08T10:21:45Z, size = 222827, hashes = { sha256 = "3cd834410053e745ad1afa1edba7577a9ea909690c00b6e724d63f64b83f9ca2" } }]



⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

CVE-2025-62593 Ray vulnerability

💡 Result:

Summary — CVE-2025-62593

What: A critical remote-code-execution (RCE) vuln in the Ray AI compute engine that allows code execution against a developer’s Ray instance via a browser-based DNS-rebinding attack combined with a weak User‑Agent check. [1][2]

Affected versions: ray < 2.52.0. [1][2]

Attack details: Exploitable from network (attacker-controlled webpage or malvertising) against developers running Ray who visit the page using Firefox or Safari; the code relied on User‑Agent starting with “Mozilla”, which can be modified per the fetch spec, enabling the bypass plus DNS rebinding to reach Ray’s unauthenticated endpoints. [1][2]

Severity: CVSS v4.0 score 9.4 (Critical). [2]

Fix: Patched in Ray 2.52.0 (see upstream commit/advisory). Upgrade to 2.52.0 or later. [2][3]

Actions to take (concise)

Upgrade any Ray installations to >= 2.52.0 immediately. [2][3]

If you must delay, do not run developer-facing Ray instances exposed to untrusted networks/browsers; restrict access (local firewall, bind to localhost or internal interfaces) and avoid visiting untrusted sites while Ray is running. [1][2]

Review the GitHub advisory and commit for technical details and mitigation/cherry-pick patches. [3]

Sources
[1] NVD entry for CVE-2025-62593.
[2] OpenCVE / vulnerability aggregators summarizing CVE-2025-62593 (CVSS 4.0=9.4, patched in 2.52.0).
[3] Ray Project GitHub commit / security advisory that patches the issue.

🏁 Script executed:

# Search the lockfile for Ray version to confirm 2.52.1 rg "name = \"ray\"" jupyter/pytorch/ubi9-python-3.12/pylock.toml -A 5

Repository: opendatahub-io/notebooks

Length of output: 810

🌐 Web query:

codeflare-sdk 0.33.0 release notes changelog

💡 Result:

Summary for codeflare-sdk v0.33.0

Release: v0.33.0 — published Dec 8, 2025. [1][2]

Main change listed in the release notes: "Update Ray to v2.52.1 for RHOAI 3.2." [1]

Packages published on PyPI: codeflare_sdk-0.33.0 (wheel and sdist). [2]

Sources
[1] project-codeflare/codeflare-sdk — Releases (v0.33.0).
[2] codeflare-sdk on PyPI — release files for 0.33.0.

Clarify CVE attribution: CVE-2025-62593 fix is in Ray 2.52.1, not codeflare-sdk.

CVE-2025-62593 is a critical RCE vulnerability in Ray affecting versions < 2.52.0, fixed in Ray 2.52.0+. The PR description implies the codeflare-sdk 0.33.0 upgrade addresses this CVE, but the actual fix is the Ray 2.52.1 upgrade. Codeflare-sdk 0.33.0 is a compatibility bump specifically released to support Ray 2.52.1 for RHOAI 3.2, not a direct CVE fix. Update the PR description to clarify that the CVE fix is in Ray 2.52.1, with codeflare-sdk 0.33.0 updated for compatibility.

openshift-ci · 2025-12-15T16:21:28Z

@ysok: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

github-actions bot added the review-requested GitHub Bot creates notification on #pr-review-ai-ide-team slack channel label Dec 4, 2025

openshift-ci bot requested review from atheo89 and daniellutz December 4, 2025 20:12

openshift-ci bot added size/xl and removed size/xl labels Dec 4, 2025

ide-developer approved these changes Dec 4, 2025

View reviewed changes

openshift-ci bot assigned ide-developer Dec 4, 2025

openshift-ci bot added the lgtm label Dec 4, 2025

coderabbitai bot reviewed Dec 4, 2025

View reviewed changes

jupyter/tensorflow/ubi9-python-3.12/pylock.toml Show resolved Hide resolved

jupyter/trustyai/ubi9-python-3.12/pylock.toml Show resolved Hide resolved

runtimes/rocm-tensorflow/ubi9-python-3.12/pylock.toml Outdated Show resolved Hide resolved

jiridanek approved these changes Dec 5, 2025

View reviewed changes

openshift-ci bot assigned jiridanek Dec 5, 2025

openshift-ci bot added the approved label Dec 5, 2025

ysok marked this pull request as draft December 5, 2025 14:08

openshift-ci bot added the do-not-merge/work-in-progress label Dec 5, 2025

openshift-merge-robot added the needs-rebase label Dec 7, 2025

atheo89 reviewed Dec 9, 2025

View reviewed changes

jupyter/datascience/ubi9-python-3.12/pyproject.toml Outdated Show resolved Hide resolved

ysok force-pushed the RHAIENG-2200-cve-2025-62593-codeflare-sdk branch from 855e3e6 to 4cda3cd Compare December 9, 2025 13:46

openshift-ci bot removed the lgtm label Dec 9, 2025

openshift-merge-robot removed the needs-rebase label Dec 9, 2025

openshift-ci bot added size/xxl and removed size/xl labels Dec 9, 2025

ysok marked this pull request as ready for review December 9, 2025 18:54

openshift-ci bot removed the do-not-merge/work-in-progress label Dec 9, 2025

openshift-ci bot added size/xl and removed size/xl labels Dec 14, 2025

ysok force-pushed the RHAIENG-2200-cve-2025-62593-codeflare-sdk branch from f1176e2 to f296497 Compare December 14, 2025 16:10

openshift-ci bot added size/xl and removed size/xl labels Dec 14, 2025

openshift-ci bot assigned atheo89 Dec 15, 2025

openshift-ci bot added the lgtm label Dec 15, 2025

ysok force-pushed the RHAIENG-2200-cve-2025-62593-codeflare-sdk branch from f296497 to d71f2f1 Compare December 15, 2025 13:59

openshift-ci bot removed the lgtm label Dec 15, 2025

openshift-ci bot added size/xl and removed size/xl labels Dec 15, 2025

coderabbitai bot reviewed Dec 15, 2025

View reviewed changes

RHAIENG-2200 : Fixed CVE-2025-62593 by bump codeflare-sdk@main from 0…

278d107

….32.1 to 0.33.0

ysok force-pushed the RHAIENG-2200-cve-2025-62593-codeflare-sdk branch from d71f2f1 to 278d107 Compare December 15, 2025 15:59

openshift-ci bot added size/xl and removed size/xl labels Dec 15, 2025

coderabbitai bot reviewed Dec 15, 2025

View reviewed changes

RHAIENG-2443: Fixed CVE-2025-62593 by bump codeflare-sdk@main from 0.32.1 to 0.33.0 #2757

Are you sure you want to change the base?

RHAIENG-2443: Fixed CVE-2025-62593 by bump codeflare-sdk@main from 0.32.1 to 0.33.0 #2757

Conversation

ysok commented Dec 4, 2025 • edited by coderabbitai bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

How Has This Been Tested?

Merge criteria:

Summary by CodeRabbit

Release Notes

Uh oh!

coderabbitai bot commented Dec 4, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Walkthrough

Changes

Estimated code review effort

Possibly related PRs

Suggested labels

Suggested reviewers

Pre-merge checks and finishing touches

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

atheo89 commented Dec 5, 2025

Uh oh!

atheo89 commented Dec 5, 2025

Uh oh!

ysok commented Dec 5, 2025

Uh oh!

Uh oh!

ysok commented Dec 14, 2025

Uh oh!

atheo89 commented Dec 15, 2025

Uh oh!

openshift-ci-robot commented Dec 15, 2025

Uh oh!

ysok commented Dec 15, 2025

Uh oh!

openshift-ci bot commented Dec 15, 2025

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot Dec 15, 2025

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot Dec 15, 2025

Choose a reason for hiding this comment

Uh oh!

openshift-ci bot commented Dec 15, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

ysok commented Dec 4, 2025 •

edited by coderabbitai bot

Loading

coderabbitai bot commented Dec 4, 2025 •

edited

Loading