build(deps): remove dependency constraint on safetensors (#443)

### Summary Removes a constraint on `safetensors` from version `0.0.38` that was preventing us from resolving a low CVE in `transformers`.
Unstructured-IO · Jul 24, 2024 · d5502d0 · d5502d0
1 parent 119e9bd
commit d5502d0
Show file tree

Hide file tree

Showing 8 changed files with 19 additions and 20 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.0.75
+
+* Remove constraint on `safetensors` that preventing us from bumping `transformers`.
+
 ## 0.0.74
 
 * Bump to `unstructured` 0.15.0

diff --git a/prepline_general/api/app.py b/prepline_general/api/app.py
@@ -13,7 +13,7 @@
 app = FastAPI(
     title="Unstructured Pipeline API",
     summary="Partition documents with the Unstructured library",
-    version="0.0.74",
+    version="0.0.75",
     docs_url="/general/docs",
     openapi_url="/general/openapi.json",
     servers=[

diff --git a/prepline_general/api/general.py b/prepline_general/api/general.py
@@ -649,7 +649,7 @@ def return_content_type(filename: str):
 
 
 @router.get("/general/v0/general", include_in_schema=False)
-@router.get("/general/v0.0.74/general", include_in_schema=False)
+@router.get("/general/v0.0.75/general", include_in_schema=False)
 async def handle_invalid_get_request():
     raise HTTPException(
         status_code=status.HTTP_405_METHOD_NOT_ALLOWED, detail="Only POST requests are supported."
@@ -664,7 +664,7 @@ async def handle_invalid_get_request():
     description="Description",
     operation_id="partition_parameters",
 )
-@router.post("/general/v0.0.74/general", include_in_schema=False)
+@router.post("/general/v0.0.75/general", include_in_schema=False)
 def general_partition(
     request: Request,
     # cannot use annotated type here because of a bug described here:

diff --git a/preprocessing-pipeline-family.yaml b/preprocessing-pipeline-family.yaml
@@ -1,2 +1,2 @@
 name: general
-version: 0.0.74
+version: 0.0.75
diff --git a/requirements/base.in b/requirements/base.in
@@ -12,4 +12,3 @@ backoff
 pypdf
 pycryptodome
 psutil
-
diff --git a/requirements/base.txt b/requirements/base.txt
@@ -120,7 +120,7 @@ httpx==0.27.0
     # via
     #   fastapi
     #   unstructured-client
-huggingface-hub==0.24.0
+huggingface-hub==0.24.2
     # via
     #   timm
     #   tokenizers
@@ -245,7 +245,7 @@ pdfminer-six==20231228
     #   unstructured
 pdfplumber==0.11.2
     # via layoutparser
-pikepdf==9.0.0
+pikepdf==9.1.0
     # via unstructured
 pillow==10.4.0
     # via
@@ -367,9 +367,8 @@ rich==13.7.1
     # via typer
 rsa==4.9
     # via google-auth
-safetensors==0.3.2
+safetensors==0.4.3
     # via
-    #   -c requirements/constraints.in
     #   timm
     #   transformers
 scipy==1.14.0
@@ -399,7 +398,7 @@ timm==1.0.7
     # via
     #   effdet
     #   unstructured-inference
-tokenizers==0.15.2
+tokenizers==0.19.1
     # via transformers
 torch==2.3.1
     # via
@@ -418,7 +417,7 @@ tqdm==4.66.4
     #   nltk
     #   transformers
     #   unstructured
-transformers==4.37.1
+transformers==4.43.1
     # via unstructured-inference
 typer==0.12.3
     # via fastapi-cli

diff --git a/requirements/constraints.in b/requirements/constraints.in
@@ -3,6 +3,4 @@
 # extras. Putting a dependency here will only affect dependency sets that contain them -- in other
 # words, if something does not require a constraint, it will not be installed.
 ####################################################################################################
-# Note(austin) - preventing a build error with 0.3.3
-safetensors<0.3.3
 numpy<2.0.0
diff --git a/requirements/test.txt b/requirements/test.txt
@@ -250,7 +250,7 @@ httpx==0.27.0
     #   fastapi
     #   jupyterlab
     #   unstructured-client
-huggingface-hub==0.24.0
+huggingface-hub==0.24.2
     # via
     #   -r requirements/base.txt
     #   timm
@@ -566,7 +566,7 @@ pdfplumber==0.11.2
     #   layoutparser
 pexpect==4.9.0
     # via ipython
-pikepdf==9.0.0
+pikepdf==9.1.0
     # via
     #   -r requirements/base.txt
     #   unstructured
@@ -805,17 +805,16 @@ rich==13.7.1
     # via
     #   -r requirements/base.txt
     #   typer
-rpds-py==0.19.0
+rpds-py==0.19.1
     # via
     #   jsonschema
     #   referencing
 rsa==4.9
     # via
     #   -r requirements/base.txt
     #   google-auth
-safetensors==0.3.2
+safetensors==0.4.3
     # via
-    #   -c requirements/constraints.in
     #   -r requirements/base.txt
     #   timm
     #   transformers
@@ -874,7 +873,7 @@ timm==1.0.7
     #   unstructured-inference
 tinycss2==1.3.0
     # via nbconvert
-tokenizers==0.15.2
+tokenizers==0.19.1
     # via
     #   -r requirements/base.txt
     #   transformers
@@ -930,7 +929,7 @@ traitlets==5.14.3
     #   nbconvert
     #   nbformat
     #   qtconsole
-transformers==4.37.1
+transformers==4.43.1
     # via
     #   -r requirements/base.txt
     #   unstructured-inference