sync: upstream v0.9.0-rc2 #258
…1670) Signed-off-by: Guangya Liu <gyliu513@gmail.com>
* Pin :latest image tags and enable strict presubmit check
Pin GPU manifest images to specific versions (vllm/vllm-openai:v0.21.0, lmsysorg/sglang:v0.5.12) so the check-latest-tags script passes in strict mode.
Flip the presubmit target from check-latest-tags (warn-only) to check-latest-tags-strict so :latest regressions block merge.
Fix the grep pattern in check-latest-tags.sh to also detect an image: key at column 0 in YAML files, where the previous pattern required leading whitespace.
Resolves llm-d#1568
Signed-off-by: Jonathan Wrede <wrede.jonathan00@gmail.com>
* Allow :latest for llm-d-owned images in tag check
External images are pinned because llm-d does not control their release cadence, and unannounced API or behavior changes there have repeatedly broken PR CI. Images owned by the llm-d project track :latest on main so cross-component regressions surface in normal PR runs rather than later.
The check now fails only on :latest for external images and skips images under ghcr.io/llm-d and quay.io/llm-d.
Signed-off-by: Jonathan Wrede <wrede.jonathan00@gmail.com>
---------
Signed-off-by: Jonathan Wrede <wrede.jonathan00@gmail.com>
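The tag policy described in the commit message above (external images pinned, llm-d-owned images allowed to float, `image:` matched at column 0 as well as indented), as an added example that is not the project's `scripts/check-latest-tags.sh`. The function names, the constructed manifest and the `ghcr.io/llm-d/example-component` and `registry.example.com` image names are assumptions for illustration; treating an untagged reference as floating and a digest reference as pinned is also an assumption the commit message does not state.

```shell
# Added example; not the project's scripts/check-latest-tags.sh.
OWNED_PREFIXES="ghcr.io/llm-d/ quay.io/llm-d/"   # registries named in the commit message

# Print the value of every `image:` key: at column 0, indented, or in "- image:".
extract_images() {
  sed -n -E 's/^[[:space:]]*(-[[:space:]]+)?image:[[:space:]]*//p' |
    sed -E 's/[[:space:]]+#.*$//; s/[[:space:]]*$//; s/^["'\'']//; s/["'\'']$//'
}

is_owned() {
  for p in $OWNED_PREFIXES; do
    case "$1" in "$p"*) return 0 ;; esac
  done
  return 1
}

# True when the reference has no tag or the tag is "latest"; digests count as pinned.
floating_tag() {
  case "$1" in *@*) return 1 ;; esac
  case "${1##*/}" in   # look only past the final "/" so a registry port is not read as a tag
    *:latest) return 0 ;;
    *:*) return 1 ;;
    *) return 0 ;;
  esac
}

# Read YAML on stdin, print offending external images, return 1 if any were found.
check_latest_tags() {
  bad=$(extract_images | while IFS= read -r img; do
    [ -n "$img" ] || continue
    is_owned "$img" && continue
    if floating_tag "$img"; then printf '%s\n' "$img"; fi
  done)
  [ -z "$bad" ] || { printf '%s\n' "$bad"; return 1; }
}

# Constructed manifest: the example-component and registry.example.com names are made up.
sample_manifest() {
  cat <<'EOF'
image: vllm/vllm-openai:latest
containers:
- image: lmsysorg/sglang:v0.5.12
- name: sidecar
  image: "ghcr.io/llm-d/example-component:latest"   # owned, may float
- image: registry.example.com:5000/tools/helper
EOF
}

sample_manifest | check_latest_tags || echo "floating external image tags found" >&2
```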
Signed-off-by: llm-d-router-release-notes[bot] <287676111+llm-d-router-release-notes[bot]@users.noreply.github.com>
Co-authored-by: llm-d-router-release-notes[bot] <287676111+llm-d-router-release-notes[bot]@users.noreply.github.com>
…#1675)
* release: configure and pass LATENCY_PREDICTOR_TAG via Makefile
Signed-off-by: Cong Liu <conliu@google.com>
* Apply suggestions from code review
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Cong Liu <conliu@google.com>
---------
Signed-off-by: Cong Liu <conliu@google.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
📝 Walkthrough
The PR pins external container images (
Estimated code review effort: 🎯 3 (Moderate) | ⏱️ ~20 minutes
🚥 Pre-merge checks | ✅ 9 | ❌ 1
❌ Failed checks (1 warning)
✅ Passed checks (9 passed)
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/ISSUE_TEMPLATE/new-release.md:
- Around line 114-124: The release template in the new-release.md issue template
instructs contributors to send unreleased and potentially embargoed release
notes to external third-party LLM services (Gemini, Copilot, ChatGPT), creating
a data exposure vulnerability. Remove or replace the instruction block (the
numbered list item mentioning "Summarize the release notes using an LLM of your
choice") with a safer alternative that either omits the LLM summarization step
entirely, restricts it to only already-published content, or recommends using
internal tools only. This prevents sensitive pre-release information from being
transmitted to external services before official publication.
In `@Makefile`:
- Line 352: The CHART variable in the helm-push target is unquoted when
interpolated into the shell command passed to hack/push-chart.sh, creating a
shell injection vulnerability. Quote the CHART variable assignment using double
quotes (similar to how other variables like HELM and YQ are already quoted in
the same line) to prevent shell metacharacters from being interpreted as
commands.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Central YAML (base), Organization UI (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 0e71baf0-b06d-4d61-b6cc-3f8467b62e7d
📒 Files selected for processing (13)
- .github/ISSUE_TEMPLATE/new-release.md
- Makefile
- config/manifests/sglang/gpu-deployment.yaml
- config/manifests/vllm/gpu-deployment.yaml
- config/manifests/vllm/gpu-grpc-deployment.yaml
- config/manifests/vllm/gpu-multilora-deployment.yaml
- config/manifests/vllm/gpu-prefix-cache-deployment.yaml
- pkg/epp/framework/plugins/requestcontrol/dataproducer/preciseprefixcache/producer.go
- pkg/epp/framework/plugins/scheduling/profilehandler/disagg/disagg_profile_handler.go
- pkg/epp/framework/plugins/scheduling/profilehandler/disagg/pd_profile_handler.go
- pkg/epp/framework/plugins/scheduling/scorer/preciseprefixcache/precise_prefix_cache.go
- release-notes.d/unreleased/1657.md
- scripts/check-latest-tags.sh
| 1. Summarize the release notes using an LLM of your choice (e.g., Gemini, Copilot, ChatGPT). Provide the newly compiled release notes block from `RELEASE-NOTES.md` (or the unreleased fragments in `release-notes.d/unreleased/`) with the following prompt: | ||
|
|
||
| ```text | ||
| Please summarize these release notes into three clear sections: | ||
| 1. Highlights (key features, performance wins, bug fixes) | ||
| 2. Upgrade Steps & Deprecations (configuration changes, deprecated flags/metrics) | ||
| 3. Known Issues (if any, otherwise omit) | ||
| ``` | ||
|
|
||
| Review the generated content, edit it if necessary to ensure accuracy, and then copy and prepend this summary at the very top of the release description box on GitHub. | ||
| 1. If this is a release candidate, select the "This is a pre-release" checkbox. |
Release template instructs external LLM use on unreleased notes, creating data-exposure risk (CWE-200).
This workflow can disclose embargoed/security-sensitive release content to third-party services before publication.
Patch
- 1. Summarize the release notes using an LLM of your choice (e.g., Gemini, Copilot, ChatGPT). Provide the newly compiled release notes block from `RELEASE-NOTES.md` (or the unreleased fragments in `release-notes.d/unreleased/`) with the following prompt:
+ 1. Summarize release notes only after removing confidential/embargoed/security-sensitive details. Prefer approved internal tooling; do not paste unreleased sensitive content into third-party LLM services.
+ Use the following prompt with sanitized content:As per coding guidelines, "**/.github/**: ... controls CI/CD, code review ownership, and repository behavior. Changes here have outsized security impact."
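Review bot: The first `+` line says "Prefer approved internal tooling" without naming the tooling or linking a policy, and it leaves the sensitivity judgement to whoever cuts the release with no criteria, so the step can still end with unreleased notes pasted into a third-party service. Either restrict the summarization step to notes that are already public, or name the approved tool and state what counts as embargoed. The replacement also drops the references to `RELEASE-NOTES.md` and `release-notes.d/unreleased/` that the removed line carried, so the step no longer says which input to summarize.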
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In @.github/ISSUE_TEMPLATE/new-release.md around lines 114 - 124, The release
template in the new-release.md issue template instructs contributors to send
unreleased and potentially embargoed release notes to external third-party LLM
services (Gemini, Copilot, ChatGPT), creating a data exposure vulnerability.
Remove or replace the instruction block (the numbered list item mentioning
"Summarize the release notes using an LLM of your choice") with a safer
alternative that either omits the LLM summarization step entirely, restricts it
to only already-published content, or recommends using internal tools only. This
prevents sensitive pre-release information from being transmitted to external
services before official publication.
Source: Coding guidelines
| helm-push: yq helm-install ## Package and push a specified Helm chart. Usage: make helm-push CHART=<chart_name> | ||
| @if [ -z "$(CHART)" ]; then echo "Error: CHART variable is required (e.g. CHART=llm-d-router-standalone)"; exit 1; fi | ||
| CHART=$(CHART) EXTRA_TAG="$(EXTRA_TAG)" CHART_SUFFIX="$(CHART_SUFFIX)" EPP_RELEASE_IMAGE_REPOSITORY="$(EPP_RELEASE_IMAGE_REPOSITORY)" YQ="$(YQ)" HELM="$(HELM)" ./hack/push-chart.sh | ||
| CHART=$(CHART) EXTRA_TAG="$(EXTRA_TAG)" CHART_SUFFIX="$(CHART_SUFFIX)" EPP_RELEASE_IMAGE_REPOSITORY="$(EPP_RELEASE_IMAGE_REPOSITORY)" LATENCY_PREDICTOR_TAG="$(LATENCY_PREDICTOR_TAG)" YQ="$(YQ)" HELM="$(HELM)" ./hack/push-chart.sh |
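Review bot: The `##` help text on the `helm-push` target still reads `Usage: make helm-push CHART=<chart_name>` although the recipe now also forwards `LATENCY_PREDICTOR_TAG`, alongside `EXTRA_TAG`, `CHART_SUFFIX` and `EPP_RELEASE_IMAGE_REPOSITORY`. Document the new variable in the help string or in a comment above the target, and if `hack/push-chart.sh` requires it, fail early when it is empty in the same way the recipe already does for `CHART`.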
Unquoted CHART in helm-push enables shell injection (CWE-78).
CHART=$(CHART) is unquoted while interpolated into a shell command line. A crafted value like make helm-push CHART='x; touch /tmp/pwned #' can execute unintended commands in release environments.
Patch
- CHART=$(CHART) EXTRA_TAG="$(EXTRA_TAG)" CHART_SUFFIX="$(CHART_SUFFIX)" EPP_RELEASE_IMAGE_REPOSITORY="$(EPP_RELEASE_IMAGE_REPOSITORY)" LATENCY_PREDICTOR_TAG="$(LATENCY_PREDICTOR_TAG)" YQ="$(YQ)" HELM="$(HELM)" ./hack/push-chart.sh
+ CHART="$(CHART)" EXTRA_TAG="$(EXTRA_TAG)" CHART_SUFFIX="$(CHART_SUFFIX)" EPP_RELEASE_IMAGE_REPOSITORY="$(EPP_RELEASE_IMAGE_REPOSITORY)" LATENCY_PREDICTOR_TAG="$(LATENCY_PREDICTOR_TAG)" YQ="$(YQ)" HELM="$(HELM)" ./hack/push-chart.shAs per coding guidelines, "**/Makefile: ... Quote shell variables in targets".
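Review bot: Double-quoting `CHART="$(CHART)"` on the `+` line is not sufficient on its own, because Make substitutes the value into the recipe text before the shell parses it, so a value that itself contains a double quote or a backtick still changes how the line is parsed. The same holds for every other `"$(VAR)"` assignment on that line and for the `[ -z "$(CHART)" ]` guard in the target. Export the variables from Make and reference them as shell variables in the recipe (`"$$CHART"`), or reject values outside an allowlist such as lowercase letters, digits and hyphens before the recipe invokes `./hack/push-chart.sh`.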
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@Makefile` at line 352, The CHART variable in the helm-push target is unquoted
when interpolated into the shell command passed to hack/push-chart.sh, creating
a shell injection vulnerability. Quote the CHART variable assignment using
double quotes (similar to how other variables like HELM and YQ are already
quoted in the same line) to prevent shell metacharacters from being interpreted
as commands.
Source: Coding guidelines
last batch of commits in upstream llm-d-router v0.9.0-rc.2
Summary by CodeRabbit
Release Notes
Configuration
Improvements