Skip to content

Commit

Permalink
Some fixes for security issue (#1094)
Browse files Browse the repository at this point in the history
* Fix some security issue

* Change back version for transformers

* Add some comments
  • Loading branch information
EmmaQiaoCh authored Jan 15, 2024
1 parent 67b789a commit d0e6311
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion docker/dockerfile.merlin
Original file line number Diff line number Diff line change
Expand Up @@ -169,6 +169,9 @@ RUN ARCH=$([ "${TARGETARCH}" = "arm64" ] && echo "sbsa" || echo "x86_64") && \
apt-key adv --fetch-keys https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/${ARCH}/3bf863cc.pub && \
add-apt-repository "deb https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/${ARCH}/ /" && \
apt install -y --no-install-recommends \
# Add libc and libc-bin for security issue VE-2023-4911
libc6 \
libc-bin \
ca-certificates \
clang-format \
curl \
Expand Down Expand Up @@ -300,8 +303,9 @@ COPY --chown=1000:1000 --from=dlfw /usr/local/lib/python${PYTHON_VERSION}/dist-p
COPY --chown=1000:1000 --from=dlfw /usr/local/lib/python${PYTHON_VERSION}/dist-packages/cubinlinker-*.dist-info /usr/local/lib/python${PYTHON_VERSION}/dist-packages/cubinlinker.dist-info/

# There 'Illegal instruction' error, add env 'LIGHTFM_NO_CFLAGS' to workaround
# Add pyarrow-hotfix for https://github.com/advisories/GHSA-5wvp-7f3h-6wmm
ENV LIGHTFM_NO_CFLAGS=1
RUN pip install --no-cache-dir jupyterlab notebook pydot testbook numpy==1.22.4 lightfm
RUN pip install --no-cache-dir jupyterlab notebook pydot testbook numpy==1.22.4 lightfm pyarrow-hotfix

ENV JUPYTER_CONFIG_DIR=/tmp/.jupyter
ENV JUPYTER_DATA_DIR=/tmp/.jupyter
Expand Down

0 comments on commit d0e6311

Please sign in to comment.