Skip to content

Commit 53ced64

Browse files
Catherine Balajadiafacebook-github-bot
Catherine Balajadia
authored andcommitted
[3PRe] [Thorough review needed] Fix vulnerability- pypi/upgrade transformers reference from 3.4.0-transitional (vuln) to 4.41.2 (less vuln)
Summary: The 3P Library Vulnerability Remediation Team is dedicated to remediating high-risk external libraries at Meta using both manual and automated processes. Older versions of this library have been identified as risky, and this diff stack is intended to upgrade the library to a recommended version. ----------- We kindly request your help with the diff review. Please commandeer this diff stack if specific merges need to be added or if there are any build or dependency failures. ----------- General change: 1. Update library reference to old library to newer version in bzl 2. Update import reference to old library to the newer version in actual codes ________________ TPMS: https://fburl.com/third_party_metadata/e12wxl9w Vulnerability Information: CVE-2023-2800 ( cvss3=4.7 ) https://www.internalfb.com/intern/vulnerability_management/vulnerabilities/CVE-2023-2800 CVE-2023-6730 ( cvss3=8.8 ) https://www.internalfb.com/intern/vulnerability_management/vulnerabilities/CVE-2023-6730 CVE-2023-7018 ( cvss3=7.8 ) https://www.internalfb.com/intern/vulnerability_management/vulnerabilities/CVE-2023-7018 CVE-2024-11392 ( cvss3=8.8 ) https://www.internalfb.com/intern/vulnerability_management/vulnerabilities/CVE-2024-11392 CVE-2024-11393 ( cvss3=8.8 ) https://www.internalfb.com/intern/vulnerability_management/vulnerabilities/CVE-2024-11393 CVE-2024-11394 ( cvss3=8.8 ) https://www.internalfb.com/intern/vulnerability_management/vulnerabilities/CVE-2024-11394 CVE-2024-3568 ( cvss3=3.4 ) https://www.internalfb.com/intern/vulnerability_management/vulnerabilities/CVE-2024-3568 SNYK-PYTHON-TRANSFORMERS-3092483 ( cvss3=5.4 ) https://www.internalfb.com/intern/vulnerability_management/vulnerabilities/SNYK-PYTHON-TRANSFORMERS-3092483 SNYK-PYTHON-TRANSFORMERS-6220003 ( cvss3=6.5 ) https://www.internalfb.com/intern/vulnerability_management/vulnerabilities/SNYK-PYTHON-TRANSFORMERS-6220003 Reviewed By: ebsmothers Differential Revision: D71058400 fbshipit-source-id: 77a291aea93f46340ce2dc1e4b8e8845c377f3f5
1 parent 3c541ee commit 53ced64

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

mmf/modules/hf_layers.py

+6-6
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,8 @@
88
from torch import nn, Tensor
99

1010
try:
11-
from transformers3.modeling_bert import (
11+
from transformers.modeling_utils import PreTrainedModel
12+
from transformers.models.bert.modeling_bert import (
1213
BertAttention,
1314
BertEmbeddings,
1415
BertEncoder,
@@ -18,17 +19,17 @@
1819
BertSelfAttention,
1920
BertSelfOutput,
2021
)
21-
from transformers3.modeling_roberta import (
22+
from transformers.models.roberta.modeling_roberta import (
2223
RobertaAttention,
2324
RobertaEmbeddings,
2425
RobertaEncoder,
2526
RobertaLayer,
2627
RobertaModel,
2728
RobertaSelfAttention,
2829
)
29-
from transformers3.modeling_utils import PreTrainedModel
3030
except ImportError:
31-
from transformers.modeling_bert import (
31+
from transformers.modeling_utils import PreTrainedModel
32+
from transformers.models.bert.modeling_bert import (
3233
BertAttention,
3334
BertEmbeddings,
3435
BertEncoder,
@@ -38,15 +39,14 @@
3839
BertSelfAttention,
3940
BertSelfOutput,
4041
)
41-
from transformers.modeling_roberta import (
42+
from transformers.models.roberta.modeling_roberta import (
4243
RobertaAttention,
4344
RobertaEmbeddings,
4445
RobertaEncoder,
4546
RobertaLayer,
4647
RobertaModel,
4748
RobertaSelfAttention,
4849
)
49-
from transformers.modeling_utils import PreTrainedModel
5050

5151

5252
patch_functions = [

0 commit comments

Comments
 (0)