fix: remove CVE introduced by aiconfigurator to runtime containers (#3367)

Signed-off-by: Harrison Saturley-Hall <hsaturleyhal@nvidia.com>

fix: remove CVE introduced by aiconfigurator to runtime containers (#3367)
Signed-off-by: Harrison Saturley-Hall <hsaturleyhal@nvidia.com>
e1ed7009 · Harrison Saturley-Hall · GitHub · 8969240a · e1ed7009 · e1ed7009
Unverified Commit e1ed7009 authored Oct 03, 2025 by Harrison Saturley-Hall Committed by GitHub Oct 03, 2025
6 changed files
--- a/benchmarks/pyproject.toml
+++ b/benchmarks/pyproject.toml
@@ -40,6 +40,7 @@ classifiers = [
 ]
 dependencies = [
+    "aiconfigurator==0.2.0",
    "networkx",
    "pandas",
    "pydantic>=2",
@@ -59,6 +60,11 @@ Repository = "https://github.com/ai-dynamo/dynamo.git"
 requires = ["setuptools>=42", "wheel"]
 build-backend = "setuptools.build_meta"
+[tool.uv]
+override-dependencies = [
+    "gradio==5.47.1"
+]
 [tool.setuptools]
 packages = ["prefix_data_generator"]

--- a/container/Dockerfile
+++ b/container/Dockerfile
@@ -382,8 +382,10 @@ RUN uv pip install \
    /opt/dynamo/wheelhouse/ai_dynamo_runtime*cp312*.whl \
    /opt/dynamo/wheelhouse/ai_dynamo*any.whl \
    /opt/dynamo/wheelhouse/nixl/nixl*.whl \
-    /opt/dynamo/benchmarks && \
+    && cd /opt/dynamo/benchmarks \
-    rm -rf /opt/dynamo/benchmarks
+    && uv pip install . \
+    && cd - \
+    && rm -rf /opt/dynamo/benchmarks
 # Setup launch banner
 RUN --mount=type=bind,source=./container/launch_message.txt,target=/opt/dynamo/launch_message.txt \

--- a/container/Dockerfile.sglang
+++ b/container/Dockerfile.sglang
@@ -203,8 +203,10 @@ RUN uv pip install \
    /opt/dynamo/wheelhouse/ai_dynamo_runtime*cp312*.whl \
    /opt/dynamo/wheelhouse/ai_dynamo*any.whl \
    /opt/dynamo/wheelhouse/nixl/nixl*.whl \
-    /opt/dynamo/benchmarks && \
+    && cd /opt/dynamo/benchmarks \
-    rm -rf /opt/dynamo/benchmarks
+    && uv pip install . \
+    && cd - \
+    && rm -rf /opt/dynamo/benchmarks
 # Install common and test dependencies
 RUN --mount=type=bind,source=./container/deps/requirements.txt,target=/tmp/requirements.txt \

--- a/container/Dockerfile.trtllm
+++ b/container/Dockerfile.trtllm
@@ -238,8 +238,10 @@ RUN uv pip install \
    /opt/dynamo/wheelhouse/ai_dynamo_runtime*cp312*.whl \
    /opt/dynamo/wheelhouse/ai_dynamo*any.whl \
    /opt/dynamo/wheelhouse/nixl/nixl*.whl \
-    /opt/dynamo/benchmarks && \
+    && cd /opt/dynamo/benchmarks \
-    rm -rf /opt/dynamo/benchmarks
+    && uv pip install . \
+    && cd - \
+    && rm -rf /opt/dynamo/benchmarks
 # Install common and test dependencies
 RUN --mount=type=bind,source=./container/deps/requirements.txt,target=/tmp/requirements.txt \

--- a/container/Dockerfile.vllm
+++ b/container/Dockerfile.vllm
@@ -251,8 +251,10 @@ RUN uv pip install \
    /opt/dynamo/wheelhouse/ai_dynamo_runtime*cp312*.whl \
    /opt/dynamo/wheelhouse/ai_dynamo*any.whl \
    /opt/dynamo/wheelhouse/nixl/nixl*.whl \
-    /opt/dynamo/benchmarks && \
+    && cd /opt/dynamo/benchmarks \
-    rm -rf /opt/dynamo/benchmarks
+    && uv pip install . \
+    && cd - \
+    && rm -rf /opt/dynamo/benchmarks
 # Install common and test dependencies
 RUN --mount=type=bind,source=./container/deps/requirements.txt,target=/tmp/requirements.txt \

--- a/container/deps/requirements.txt
+++ b/container/deps/requirements.txt
@@ -2,7 +2,6 @@
 # SPDX-License-Identifier: Apache-2.0
 accelerate==1.6.0
-aiconfigurator==0.2.0
 aiofiles
 av==15.0.0
 fastapi==0.115.12