From b0d4dd256d76e6e0bfedc6e7add11c463e6632a5 Mon Sep 17 00:00:00 2001 From: Greyson LaLonde Date: Mon, 11 May 2026 22:31:56 +0800 Subject: [PATCH] fix(deps): patch gitpython, langchain-core; ignore unpatched paramiko CVE --- .github/workflows/vulnerability-scan.yml | 6 +++-- lib/crewai-tools/pyproject.toml | 2 +- pyproject.toml | 7 ++--- uv.lock | 33 +++++++++++++++++------- 4 files changed, 32 insertions(+), 16 deletions(-) diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml index df340ec22..bf61b8e83 100644 --- a/.github/workflows/vulnerability-scan.yml +++ b/.github/workflows/vulnerability-scan.yml @@ -46,9 +46,11 @@ jobs: - name: Run pip-audit run: | uv run pip-audit --desc --aliases --skip-editable --format json --output pip-audit-report.json \ - --ignore-vuln CVE-2026-3219 + --ignore-vuln CVE-2026-3219 \ + --ignore-vuln GHSA-r374-rxx8-8654 # Ignored CVEs: - # CVE-2026-3219 - pip 26.0.1 (GHSA-58qw-9mgm-455v): no fix available, archive handling issue + # CVE-2026-3219 - pip 26.0.1 (GHSA-58qw-9mgm-455v): no fix available, archive handling issue + # GHSA-r374-rxx8-8654 - paramiko 4.0.0 (SHA-1 in rsakey.py): no fix available; transitive via composio-core continue-on-error: true - name: Display results diff --git a/lib/crewai-tools/pyproject.toml b/lib/crewai-tools/pyproject.toml index 3be31b812..049c998cb 100644 --- a/lib/crewai-tools/pyproject.toml +++ b/lib/crewai-tools/pyproject.toml @@ -107,7 +107,7 @@ stagehand = [ "stagehand>=0.4.1", ] github = [ - "gitpython>=3.1.47,<4", + "gitpython>=3.1.50,<4", "PyGithub==1.59.1", ] rag = [ diff --git a/pyproject.toml b/pyproject.toml index 1b999259b..500371670 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -176,13 +176,14 @@ exclude-newer = "3 days" # onnxruntime 1.24+ dropped Python 3.10 wheels; cap it so qdrant[fastembed] resolves on 3.10. # fastembed 0.7.x and docling 2.63 cap pillow<12; the removed APIs don't affect them. # langchain-core <1.2.31 has GHSA-926x-3r5x-gfhw and is required by langchain-text-splitters 1.1.2+. +# langchain-core 1.0.0-1.3.2 has GHSA-pjwx-r37v-7724 (unsafe deserialization via broad load() allowlists); force 1.3.3+. # langchain-text-splitters <1.1.2 has GHSA-fv5p-p927-qmxr (SSRF bypass in split_text_from_url). # transformers 4.57.6 has CVE-2026-1839; force 5.4+ (docling 2.84 allows huggingface-hub>=1). # cryptography 46.0.6 has CVE-2026-39892; force 46.0.7+. # pypdf <6.10.2 has GHSA-4pxv-j86v-mhcw, GHSA-7gw9-cf7v-778f, GHSA-x284-j5p8-9c5p; force 6.10.2+. # uv <0.11.6 has GHSA-pjjw-68hj-v9mw; force 0.11.6+. # python-multipart <0.0.27 has GHSA-pp6c-gr5w-3c5g (DoS via unbounded multipart headers). -# gitpython <3.1.49 has GHSA-v87r-6q3f-2j67 (newline injection -> RCE via core.hooksPath). +# gitpython <3.1.50 has GHSA-mv93-w799-cj2w (config_writer newline injection bypassing the 3.1.49 patch -> RCE via core.hooksPath). # langsmith <0.7.31 has GHSA-rr7j-v2q5-chgv (streaming token redaction bypass); force 0.7.31+. # authlib <1.6.11 has GHSA-jj8c-mmj3-mmgv (CSRF bypass in cache-based state storage). # litellm 1.83.8+ hard-pins openai==2.24.0, missing openai.types.responses used by crewai; @@ -192,7 +193,7 @@ override-dependencies = [ "rich>=13.7.1", "onnxruntime<1.24; python_version < '3.11'", "pillow>=12.1.1", - "langchain-core>=1.2.31,<2", + "langchain-core>=1.3.3,<2", "langchain-text-splitters>=1.1.2,<2", "urllib3>=2.6.3", "transformers>=5.4.0; python_version >= '3.10'", @@ -200,7 +201,7 @@ override-dependencies = [ "pypdf>=6.10.2,<7", "uv>=0.11.6,<1", "python-multipart>=0.0.27,<1", - "gitpython>=3.1.49,<4", + "gitpython>=3.1.50,<4", "langsmith>=0.7.31,<0.8", "authlib>=1.6.11", ] diff --git a/uv.lock b/uv.lock index cc09ffa23..44fd9d3f8 100644 --- a/uv.lock +++ b/uv.lock @@ -13,7 +13,7 @@ resolution-markers = [ ] [options] -exclude-newer = "2026-05-05T14:00:48.273047Z" +exclude-newer = "2026-05-08T14:22:14.71884Z" exclude-newer-span = "P3D" [manifest] @@ -28,8 +28,8 @@ members = [ overrides = [ { name = "authlib", specifier = ">=1.6.11" }, { name = "cryptography", specifier = ">=46.0.7" }, - { name = "gitpython", specifier = ">=3.1.49,<4" }, - { name = "langchain-core", specifier = ">=1.2.31,<2" }, + { name = "gitpython", specifier = ">=3.1.50,<4" }, + { name = "langchain-core", specifier = ">=1.3.3,<2" }, { name = "langchain-text-splitters", specifier = ">=1.1.2,<2" }, { name = "langsmith", specifier = ">=0.7.31,<0.8" }, { name = "onnxruntime", marker = "python_full_version < '3.11'", specifier = "<1.24" }, @@ -1707,7 +1707,7 @@ requires-dist = [ { name = "e2b-code-interpreter", marker = "extra == 'e2b'", specifier = "~=2.6.0" }, { name = "exa-py", marker = "extra == 'exa-py'", specifier = ">=1.8.7" }, { name = "firecrawl-py", marker = "extra == 'firecrawl-py'", specifier = ">=1.8.0" }, - { name = "gitpython", marker = "extra == 'github'", specifier = ">=3.1.47,<4" }, + { name = "gitpython", marker = "extra == 'github'", specifier = ">=3.1.50,<4" }, { name = "hyperbrowser", marker = "extra == 'hyperbrowser'", specifier = ">=0.18.0" }, { name = "langchain-apify", marker = "extra == 'apify'", specifier = ">=0.1.2,<1.0.0" }, { name = "linkup-sdk", marker = "extra == 'linkup-sdk'", specifier = ">=0.2.2" }, @@ -2700,14 +2700,14 @@ wheels = [ [[package]] name = "gitpython" -version = "3.1.49" +version = "3.1.50" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "gitdb" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/e1/63/210aaa302d6a0a78daa67c5c15bbac2cad361722841278b0209b6da20855/gitpython-3.1.49.tar.gz", hash = "sha256:42f9399c9eb33fc581014bedd76049dfbaf6375aa2a5754575966387280315e1", size = 219367, upload-time = "2026-04-29T00:31:20.478Z" } +sdist = { url = "https://files.pythonhosted.org/packages/33/f6/354ae6491228b5eb40e10d89c4d13c651fe1cf7556e35ebdded50cff57ce/gitpython-3.1.50.tar.gz", hash = "sha256:80da2d12504d52e1f998772dc5baf6e553f8d2fcfe1fcc226c9d9a2ee3372dcc", size = 219798, upload-time = "2026-05-06T04:01:26.571Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/fd/6f/b842bfa6f21d6f87c57f9abf7194225e55279d96d869775e19e9f7236fc5/gitpython-3.1.49-py3-none-any.whl", hash = "sha256:024b0422d7f84d15cd794844e029ffebd4c5d42a7eb9b936b458697ef550a02c", size = 212190, upload-time = "2026-04-29T00:31:18.412Z" }, + { url = "https://files.pythonhosted.org/packages/20/7a/1c6e3562dfd8950adbb11ffbc65d21e7c89d01a6e4f137fa981056de25c5/gitpython-3.1.50-py3-none-any.whl", hash = "sha256:d352abe2908d07355014abdd21ddf798c2a961469239afec4962e9da884858f9", size = 212507, upload-time = "2026-05-06T04:01:23.799Z" }, ] [[package]] @@ -3835,10 +3835,11 @@ wheels = [ [[package]] name = "langchain-core" -version = "1.3.0" +version = "1.3.3" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "jsonpatch" }, + { name = "langchain-protocol" }, { name = "langsmith" }, { name = "packaging" }, { name = "pydantic" }, @@ -3847,9 +3848,21 @@ dependencies = [ { name = "typing-extensions" }, { name = "uuid-utils" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/92/fe/20190232d9b513242899dbb0c2bb77e31b4d61e343743adbe90ebc2603d2/langchain_core-1.3.0.tar.gz", hash = "sha256:14a39f528bf459aa3aa40d0a7f7f1bae7520d435ef991ae14a4ceb74d8c49046", size = 860755, upload-time = "2026-04-17T14:51:38.298Z" } +sdist = { url = "https://files.pythonhosted.org/packages/d3/ae/8b74458fc3850ec3d150eb9f45e857db129dafa801fb5cf173dfc9f8bbf3/langchain_core-1.3.3.tar.gz", hash = "sha256:fa510a5db8efdc0c6ff41c0939fb5c00a0183c11f6b84233e892e3227ff69182", size = 915041, upload-time = "2026-05-05T19:02:36.612Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/f8/e2/dbfa347aa072a6dc4cd38d6f9ebfc730b4c14c258c47f480f4c5c546f177/langchain_core-1.3.0-py3-none-any.whl", hash = "sha256:baf16ee028475df177b9ab8869a751c79406d64a6f12125b93802991b566cced", size = 515140, upload-time = "2026-04-17T14:51:36.274Z" }, + { url = "https://files.pythonhosted.org/packages/1f/01/4771b7ab2af1d1aba5b710bd8f13d9225c609425214b357590a17b01be77/langchain_core-1.3.3-py3-none-any.whl", hash = "sha256:18aae8506f37da7f74398492279a7d6efcee4f8e23c4c41c7af080eeb7ef7bd1", size = 543857, upload-time = "2026-05-05T19:02:34.52Z" }, +] + +[[package]] +name = "langchain-protocol" +version = "0.0.15" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "typing-extensions" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/4f/24/9777489d6fbbee64af0c8f96d4f840239c408cf694f3394672807dafc490/langchain_protocol-0.0.15.tar.gz", hash = "sha256:9ab2d11ee73944754f10e037e717098d3a6796f0e58afa9cadda6154e7655ade", size = 5862, upload-time = "2026-05-01T22:30:04.748Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/1d/7a/9c97a7b9cbe4c5dc6a44cdb1545450c28f0c8ce89b9c1f0ee7fbad896263/langchain_protocol-0.0.15-py3-none-any.whl", hash = "sha256:461eb794358f83d5e42635a5797799ffec7b4702314e34edf73ac21e75d3ef79", size = 6982, upload-time = "2026-05-01T22:30:03.877Z" }, ] [[package]]