From 6e59d3c1cfb690e80de1570c4bef7d205700b654 Mon Sep 17 00:00:00 2001
From: wistuba <marwistu@amazon.com>
Date: Tue, 2 Jul 2024 15:16:27 +0200
Subject: [PATCH] Address Security Issues with Dependencies (#555)

---
 .github/workflows/run_unit_tests.yml          |  2 +-
 doc/requirements.txt                          | 10 +++----
 pyproject.toml                                |  6 ++---
 requirements.txt                              | 26 +++++++++----------
 src/renate/__init__.py                        |  2 +-
 .../updaters/avalanche/model_updater.py       |  8 +++---
 src/renate/updaters/experimental/er.py        |  6 ++---
 src/renate/updaters/model_updater.py          |  6 ++---
 .../benchmark/test_experimentation_config.py  |  6 ++---
 9 files changed, 37 insertions(+), 35 deletions(-)

diff --git a/.github/workflows/run_unit_tests.yml b/.github/workflows/run_unit_tests.yml
index 5842e0e3..1ed3d280 100644
--- a/.github/workflows/run_unit_tests.yml
+++ b/.github/workflows/run_unit_tests.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: ["3.8", "3.9"]
+        python-version: ["3.8", "3.9", "3.10"]
 
     steps:
       - name: Checkout
diff --git a/doc/requirements.txt b/doc/requirements.txt
index c85b1e92..cc805761 100644
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@@ -1,10 +1,10 @@
-docutils==0.20.1
-Sphinx==7.2.6
+docutils==0.21.2
+Sphinx==7.3.7
 sphinx-copybutton==0.5.2
-sphinx-hoverxref==1.3.0
+sphinx-hoverxref==1.4.0
 sphinxext-opengraph==0.9.1
-pydata-sphinx-theme==0.14.4
-sphinx-autodoc-typehints==1.25.2
+pydata-sphinx-theme==0.15.4
+sphinx-autodoc-typehints==2.2.2
 sphinx-paramlinks==0.6.0
 
 # Temporarily added
diff --git a/pyproject.toml b/pyproject.toml
index d11f6740..4393432f 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -25,13 +25,13 @@ benchmark = [
     "wild-time-data==0.1.1",
 ]
 dev = [
-    "black==23.12.0",
+    "black==24.4.2",
     "avalanche_lib==0.3.1",
     "wild-time-data==0.1.1",
     "torch>=1.10.0, <1.12.2",
     # PyTest Dependencies
-    "pytest==7.4.3",
-    "pytest-cov==4.1.0",
+    "pytest==8.2.2",
+    "pytest-cov==5.0.0",
     "pytest-helpers-namespace==2021.12.29",
     ]
 
diff --git a/requirements.txt b/requirements.txt
index 6eb08184..1731581a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,17 +1,17 @@
-numpy>=1.17.2, <1.26.3
+numpy>=1.17.2, <2.0.1
 torch>=1.10.0, <1.13.2
-pandas>=1.4.0, <2.1.5
-boto3>=1.26.0, <1.34.3
-requests>=2.31.0, <2.31.1
-sagemaker>=2.112.0, <2.200.2
-syne-tune[aws,gpsearchers]>=0.6.0, <0.10.1
-pytorch-lightning>=1.8.0, <1.9.5
-Pillow>=10.2, <10.2.1
+pandas>=1.4.0, <2.2.3
+boto3>=1.26.0, <1.34.138
+requests>=2.32.0, <2.32.4
+sagemaker>=2.218.0, <2.224.3
+syne-tune[aws,gpsearchers]>=0.6.0, <0.13.1
+pytorch-lightning>=1.8.0, <1.9.6
+Pillow>=10.3.0, <10.4.1
 tabulate>=0.9.0, <0.9.1
 tensorboardX>=2.5.0, <2.6.3
 torchmetrics>=0.11.0, <0.11.5
-torchvision>=0.13.0, <0.16.3
-deepspeed>=0.9.0, <0.12.6
-datasets>=2.9.0, <2.15.1
-transformers>=4.36.0, <4.36.3
-scipy>=1.10.0, <1.12.1
+torchvision>=0.13.0, <0.18.2
+deepspeed>=0.9.0, <0.14.5
+datasets>=2.9.0, <2.20.1
+transformers>=4.38.0, <4.42.4
+scipy>=1.10.0, <1.14.1
diff --git a/src/renate/__init__.py b/src/renate/__init__.py
index 77746254..afd713d7 100644
--- a/src/renate/__init__.py
+++ b/src/renate/__init__.py
@@ -14,4 +14,4 @@
     _renate_logger.addHandler(_handler)
     _renate_logger.propagate = False
 
-__version__ = "0.5.1"
+__version__ = "0.5.2"
diff --git a/src/renate/updaters/avalanche/model_updater.py b/src/renate/updaters/avalanche/model_updater.py
index d1692b7f..d07e5bdc 100644
--- a/src/renate/updaters/avalanche/model_updater.py
+++ b/src/renate/updaters/avalanche/model_updater.py
@@ -79,9 +79,11 @@ def _load_learner(
             optimizer, scheduler_config = optimizer[0], scheduler_config[0]
             lr_scheduler_plugin = LRSchedulerPlugin(
                 scheduler=scheduler_config["scheduler"],
-                step_granularity="iteration"
-                if scheduler_config["interval"] == "step"
-                else scheduler_config["interval"],
+                step_granularity=(
+                    "iteration"
+                    if scheduler_config["interval"] == "step"
+                    else scheduler_config["interval"]
+                ),
             )
             plugins.append(lr_scheduler_plugin)
         else:
diff --git a/src/renate/updaters/experimental/er.py b/src/renate/updaters/experimental/er.py
index e9fe4018..708760bf 100644
--- a/src/renate/updaters/experimental/er.py
+++ b/src/renate/updaters/experimental/er.py
@@ -194,9 +194,9 @@ def _update_memory_buffer(self, step_output: STEP_OUTPUT) -> None:
         outputs = step_output["outputs"]
         metadata = {"outputs": outputs.detach().cpu()}
         for i, intermediate_representation in enumerate(step_output["intermediate_representation"]):
-            metadata[
-                f"intermediate_representation_{i}"
-            ] = intermediate_representation.detach().cpu()
+            metadata[f"intermediate_representation_{i}"] = (
+                intermediate_representation.detach().cpu()
+            )
         # Some datasets have problems using tensors as subset indices, convert to list of ints.
         train_data_idx = [int(idx) for idx in step_output["train_data_idx"]]
         dataset = Subset(self._train_dataset, train_data_idx)
diff --git a/src/renate/updaters/model_updater.py b/src/renate/updaters/model_updater.py
index 734e6229..4b768744 100644
--- a/src/renate/updaters/model_updater.py
+++ b/src/renate/updaters/model_updater.py
@@ -293,9 +293,9 @@ def __init__(
         self._learner_kwargs["mask_unused_classes"] = mask_unused_classes
         if learning_rate_scheduler is not None:
             self._learner_kwargs["learning_rate_scheduler"] = learning_rate_scheduler
-            self._learner_kwargs[
-                "learning_rate_scheduler_interval"
-            ] = learning_rate_scheduler_interval
+            self._learner_kwargs["learning_rate_scheduler_interval"] = (
+                learning_rate_scheduler_interval
+            )
         self._model = model
         self._learner_state_file: Optional[str] = None
         if input_state_folder is not None:
diff --git a/test/renate/benchmark/test_experimentation_config.py b/test/renate/benchmark/test_experimentation_config.py
index 3cd076d1..98e6a08d 100644
--- a/test/renate/benchmark/test_experimentation_config.py
+++ b/test/renate/benchmark/test_experimentation_config.py
@@ -51,9 +51,9 @@ def test_model_fn(model_name, expected_model_class):
         num_outputs=2,
         num_hidden_layers=1 if model_name == "MultiLayerPerceptron" else None,
         hidden_size=1 if model_name == "MultiLayerPerceptron" else None,
-        pretrained_model_name_or_path="distilbert-base-uncased"
-        if model_name == "HuggingFaceTransformer"
-        else None,
+        pretrained_model_name_or_path=(
+            "distilbert-base-uncased" if model_name == "HuggingFaceTransformer" else None
+        ),
     )
     assert isinstance(model, expected_model_class)