aws · Jyothirmaikottu · Feb 5, 2026 · Feb 5, 2026 · Feb 5, 2026 · Feb 6, 2026
@@ -36,13 +36,13 @@ deep_canary_mode = false
 
 [build]
 # Add in frameworks you would like to build. By default, builds are disabled unless you specify building an image.
-# available frameworks - ["base", "vllm", "sglang", "autogluon", "huggingface_vllm", "huggingface_tensorflow", "huggingface_pytorch", "huggingface_tensorflow_trcomp", "huggingface_pytorch_trcomp", "pytorch_trcomp", "tensorflow", "pytorch", "stabilityai_pytorch"]
-build_frameworks = []
+# available frameworks - ["base", "vllm", "sglang", "autogluon", "huggingface_tensorflow", "huggingface_pytorch", "huggingface_tensorflow_trcomp", "huggingface_pytorch_trcomp", "pytorch_trcomp", "tensorflow", "pytorch", "stabilityai_pytorch"]
+build_frameworks = ["tensorflow"]
 
 
 # By default we build both training and inference containers. Set true/false values to determine which to build.
 build_training = true
-build_inference = true
+build_inference = false
 
 # Set do_build to "false" to skip builds and test the latest image built by this PR
 # Note: at least one build is required to set do_build to "false"
@@ -125,7 +125,7 @@ dlc-pr-base = ""
 
 # Standard Framework Training
 dlc-pr-pytorch-training = ""
-dlc-pr-tensorflow-2-training = ""
+dlc-pr-tensorflow-2-training = "tensorflow/training/buildspec-2-19-sm.yml"
 dlc-pr-autogluon-training = ""
 
 # ARM64 Training

@@ -5,7 +5,7 @@ framework: &FRAMEWORK tensorflow
 version: &VERSION 2.19.0
 short_version: &SHORT_VERSION "2.19"
 arch_type: x86
-autopatch_build: "True"
+autopatch_build: "False"
 
 repository_info:
   training_repository: &TRAINING_REPOSITORY

@@ -132,7 +132,7 @@ RUN wget https://www.python.org/ftp/python/$PYTHON_VERSION/Python-$PYTHON_VERSIO
 
 RUN ${PIP} --no-cache-dir install --upgrade \
     pip \
-    setuptools
+    "setuptools==81.0.0"
 
 # Some TF tools expect a "python" binary
 RUN ln -s $(which ${PYTHON}) /usr/local/bin/python \
@@ -305,6 +305,34 @@ RUN /usr/local/bin/jupyter-kernelspec remove -f python3
 # Remove ipykernel
 RUN rm -rf /usr/local/share/jupyter/kernels/python3/kernel.json
 
+# Clean up JupyterLab staging and test directories to reduce image size
+RUN rm -rf /usr/local/lib/python*/site-packages/jupyterlab/staging \
+    && rm -rf /usr/local/lib/python*/site-packages/jupyterlab/tests \
+    && rm -rf /usr/local/share/jupyter/lab/staging \
+    && rm -rf /root/.cache \
+    && rm -rf /root/.local \
+    && rm -rf /var/cache/* \
+    && rm -rf /root/.cargo/registry \
+    && rm -rf /root/.cargo/git \
+    && rm -rf /root/.rustup/toolchains/*/share/doc \
+    && rm -rf /root/.rustup/toolchains/*/share/man \
+    && rm -rf /root/.rustup/tmp \
+    && rm -rf /usr/share/doc/* \
+    && rm -rf /usr/share/man/* \
+    && rm -rf /usr/share/info/* \
+    && rm -rf /var/log/* \
+    && find /usr/local/lib/python*/site-packages -name "*.pyc" -delete \
+    && find /usr/local/lib/python*/site-packages -name "__pycache__" -type d -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -name "tests" -type d -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -name "test" -type d -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -name "*.pyx" -delete \
+    && find /usr/local/lib/python*/site-packages -name "*.c" -delete \
+    && find /usr/local/lib/python*/site-packages -name "*.h" -delete \
+    && find /usr/local -name "*.a" -delete \
+    && find /usr/local/lib/python*/site-packages -type d -name "docs" -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -type d -name "doc" -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -type d -name "examples" -exec rm -rf {} + 2>/dev/null || true
+
 # remove tmp files
 RUN rm -rf /tmp/*
 

@@ -549,37 +549,6 @@
       "reason_to_ignore": "N/A"
     }
   ],
-  "jaraco.context": [
-    {
-      "description": "jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed. The strip_first_component filter splits the path on the first `/` and extracts the second component, while allowing `../` sequences. Paths like `dummy_dir/../../etc/passwd` become `../../etc/passwd`. Note that this suffers from a nested tarball attack as well with multi-level tar files such as `dummy_dir/inner.tar.gz`, where the inner.tar.gz includes a traversal `dummy_dir/../../config/.env` that also gets translated to `../../config/.env`. Version 6.1.0 contains a patch for the issue.",
-      "vulnerability_id": "CVE-2026-23949",
-      "name": "CVE-2026-23949",
-      "package_name": "jaraco.context",
-      "package_details": {
-        "file_path": "/usr/local/lib/python3.12/site-packages/setuptools/_vendor/jaraco.context-5.3.0.dist-info/METADATA",
-        "name": "jaraco.context",
-        "package_manager": "PYTHON",
-        "version": "5.3.0",
-        "release": null
-      },
-      "remediation": {
-        "recommendation": {
-          "text": "None Provided"
-        }
-      },
-      "cvss_v3_score": 8.6,
-      "cvss_v30_score": 0.0,
-      "cvss_v31_score": 8.6,
-      "cvss_v2_score": 0.0,
-      "cvss_v3_severity": "HIGH",
-      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23949",
-      "source": "NVD",
-      "severity": "HIGH",
-      "status": "ACTIVE",
-      "title": "CVE-2026-23949 - jaraco.context",
-      "reason_to_ignore": "N/A"
-    }
-  ],
   "qs": [
     {
       "description": "Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: < 6.14.1.\n\nSummaryThe arrayLimit\u00a0option in qs does not enforce limits for bracket notation (a[]=1&a[]=2), allowing attackers to cause denial-of-service via memory exhaustion. Applications using arrayLimit\u00a0for DoS protection are vulnerable.\n\nDetailsThe arrayLimit\u00a0option only checks limits for indexed notation (a[0]=1&a[1]=2) but completely bypasses it for bracket notation (a[]=1&a[]=2).\n\nVulnerable code\u00a0(lib/parse.js:159-162):\n\nif (root === '[]' && options.parseArrays) { obj = utils.combine([], leaf); // No arrayLimit check }\n\nWorking code\u00a0(lib/parse.js:175):\n\nelse if (index <= options.arrayLimit) { // Limit checked here obj = []; obj[index] = leaf; }\n\nThe bracket notation handler at line 159 uses utils.combine([], leaf)\u00a0without validating against options.arrayLimit, while indexed notation at line 175 checks index <= options.arrayLimit\u00a0before creating arrays.\n\nPoCTest 1 - Basic bypass:\n\nnpm install qs\n\nconst qs",

@@ -193,7 +193,7 @@ RUN wget https://www.python.org/ftp/python/$PYTHON_VERSION/Python-$PYTHON_VERSIO
 
 RUN ${PIP} --no-cache-dir install --upgrade \
    pip \
-   setuptools \
+   "setuptools==81.0.0" \
    wheel
 
 # Some TF tools expect a "python" binary
@@ -392,6 +392,34 @@ RUN /usr/local/bin/jupyter-kernelspec remove -f python3
 # Remove ipykernel
 RUN rm -rf /usr/local/share/jupyter/kernels/python3/kernel.json
 
+# Clean up JupyterLab staging and test directories to reduce image size
+RUN rm -rf /usr/local/lib/python*/site-packages/jupyterlab/staging \
+    && rm -rf /usr/local/lib/python*/site-packages/jupyterlab/tests \
+    && rm -rf /usr/local/share/jupyter/lab/staging \
+    && rm -rf /root/.cache \
+    && rm -rf /root/.local \
+    && rm -rf /var/cache/* \
+    && rm -rf /root/.cargo/registry \
+    && rm -rf /root/.cargo/git \
+    && rm -rf /root/.rustup/toolchains/*/share/doc \
+    && rm -rf /root/.rustup/toolchains/*/share/man \
+    && rm -rf /root/.rustup/tmp \
+    && rm -rf /usr/share/doc/* \
+    && rm -rf /usr/share/man/* \
+    && rm -rf /usr/share/info/* \
+    && rm -rf /var/log/* \
+    && find /usr/local/lib/python*/site-packages -name "*.pyc" -delete \
+    && find /usr/local/lib/python*/site-packages -name "__pycache__" -type d -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -name "tests" -type d -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -name "test" -type d -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -name "*.pyx" -delete \
+    && find /usr/local/lib/python*/site-packages -name "*.c" -delete \
+    && find /usr/local/lib/python*/site-packages -name "*.h" -delete \
+    && find /usr/local -name "*.a" -delete \
+    && find /usr/local/lib/python*/site-packages -type d -name "docs" -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -type d -name "doc" -exec rm -rf {} + 2>/dev/null || true \
+    && find /usr/local/lib/python*/site-packages -type d -name "examples" -exec rm -rf {} + 2>/dev/null || true
+
 # remove tmp files
 RUN rm -rf /tmp/*
 

@@ -549,37 +549,6 @@
       "reason_to_ignore": "N/A"
     }
   ],
-  "jaraco.context": [
-    {
-      "description": "jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed. The strip_first_component filter splits the path on the first `/` and extracts the second component, while allowing `../` sequences. Paths like `dummy_dir/../../etc/passwd` become `../../etc/passwd`. Note that this suffers from a nested tarball attack as well with multi-level tar files such as `dummy_dir/inner.tar.gz`, where the inner.tar.gz includes a traversal `dummy_dir/../../config/.env` that also gets translated to `../../config/.env`. Version 6.1.0 contains a patch for the issue.",
-      "vulnerability_id": "CVE-2026-23949",
-      "name": "CVE-2026-23949",
-      "package_name": "jaraco.context",
-      "package_details": {
-        "file_path": "/usr/local/lib/python3.12/site-packages/setuptools/_vendor/jaraco.context-5.3.0.dist-info/METADATA",
-        "name": "jaraco.context",
-        "package_manager": "PYTHON",
-        "version": "5.3.0",
-        "release": null
-      },
-      "remediation": {
-        "recommendation": {
-          "text": "None Provided"
-        }
-      },
-      "cvss_v3_score": 8.6,
-      "cvss_v30_score": 0.0,
-      "cvss_v31_score": 8.6,
-      "cvss_v2_score": 0.0,
-      "cvss_v3_severity": "HIGH",
-      "source_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23949",
-      "source": "NVD",
-      "severity": "HIGH",
-      "status": "ACTIVE",
-      "title": "CVE-2026-23949 - jaraco.context",
-      "reason_to_ignore": "N/A"
-    }
-  ],
   "qs": [
     {
       "description": "Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: < 6.14.1.\n\nSummaryThe arrayLimit\u00a0option in qs does not enforce limits for bracket notation (a[]=1&a[]=2), allowing attackers to cause denial-of-service via memory exhaustion. Applications using arrayLimit\u00a0for DoS protection are vulnerable.\n\nDetailsThe arrayLimit\u00a0option only checks limits for indexed notation (a[0]=1&a[1]=2) but completely bypasses it for bracket notation (a[]=1&a[]=2).\n\nVulnerable code\u00a0(lib/parse.js:159-162):\n\nif (root === '[]' && options.parseArrays) { obj = utils.combine([], leaf); // No arrayLimit check }\n\nWorking code\u00a0(lib/parse.js:175):\n\nelse if (index <= options.arrayLimit) { // Limit checked here obj = []; obj[index] = leaf; }\n\nThe bracket notation handler at line 159 uses utils.combine([], leaf)\u00a0without validating against options.arrayLimit, while indexed notation at line 175 checks index <= options.arrayLimit\u00a0before creating arrays.\n\nPoCTest 1 - Basic bypass:\n\nnpm install qs\n\nconst qs",