Skip to content

Revert "Molmo Requirements (#17026)" #17189

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Revert "Molmo Requirements (#17026)" #17189

wants to merge 1 commit into from

Conversation

@russellb
Copy link
Member

@russellb russellb commented Apr 25, 2025
edited by github-actions bot
Loading

This reverts commit 47bdee4 from #17026.

This PR introduced a requirements file pinning versions of vllm and
dependencies to ones that have known security vulnerabilties. This set
off a bunch of warnings in my security dashboard for vllm. We should not
have any recommendations for installing vulnerable versions, so I
suggest this be reverted.

Signed-off-by: Russell Bryant [email protected]

@russellb
Revert "Molmo Requirements (vllm-project#17026)"
66da903 
This reverts commit 47bdee4.

This PR introduced a requirements file pinning versions of vllm and
dependencies to ones that have known security vulnerabilties. This set
off a bunch of warnings in my security dashboard for vllm. We should not
have any recommendations for installing vulnerable versions, so I
suggest this be reverted.

Signed-off-by: Russell Bryant <[email protected]>
@github-actions
Copy link

github-actions bot commented Apr 25, 2025

👋 Hi! Thank you for contributing to the vLLM project.

💬 Join our developer Slack at https://slack.vllm.ai to discuss your PR in #pr-reviews, coordinate on features in #feat- channels, or join special interest groups in #sig- channels.

Just a reminder: PRs would not trigger full CI run by default. Instead, it would only run fastcheck CI which starts running only a small and essential subset of CI tests to quickly catch errors. You can run other CI tests on top of those by going to your fastcheck build on Buildkite UI (linked in the PR checks section) and unblock them. If you do not have permission to unblock, ping simon-mo or khluu to add you in our Buildkite org.

Once the PR is approved and ready to go, your PR reviewer(s) can run CI to test the changes comprehensively before merging.

To run CI, PR reviewers can either: Add ready label to the PR or enable auto-merge.

🚀

@mergify mergify bot added documentation Improvements or additions to documentation ci/build labels Apr 25, 2025
@russellb russellb mentioned this pull request Apr 25, 2025
Merged
@russellb russellb requested a review from DarkLight1337 April 25, 2025 14:16
@russellb russellb added the security Security related issues and PRs label Apr 25, 2025
@russellb
Copy link
Member Author

russellb commented Apr 25, 2025

closed in favor of #17190 17190

@russellb russellb closed this Apr 25, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DarkLight1337 DarkLight1337 Awaiting requested review from DarkLight1337

Assignees

No one assigned

Labels

ci/build documentation Improvements or additions to documentation security Security related issues and PRs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@russellb