feat(deps)!: migrate to transformers 5.x (fix nightly CVE-2026-4372)#68
Conversation
Nightly CI failed 2026-07-02..04 on the supply-chain pip-audit gate: transformers CVE-2026-4372 (critical from_pretrained RCE, fixed in 5.3.0) dropped, and check_pip_audit fails closed on its UNKNOWN OSV severity. The old transformers<5.0.0 pin could not reach the fix. Raise the core floor to transformers>=5.3.0,<6.0.0 and cascade the co-dependencies it requires: torch>=2.4.0, huggingface_hub>=1.3.0,<2.0.0, peft>=0.19.0, accelerate>=1.4.0, datasets>=4.7.0,<6.0.0, trl>=1.0.0, requests>=2.32.2 (trl 1.0 pulls the accelerate>=1.4 / datasets>=4.7 floor; datasets 4.7 pulls requests>=2.32.2). BREAKING CHANGE: drops transformers 4.x and Intel Mac (x86_64) support — the latter has no torch>=2.4 wheel on PyPI. Apple Silicon, Linux and Windows are unaffected. - code: drop safe_serialization=True from the 3 save_pretrained sites (removed in tf5; safetensors is the enforced default). Rename torch_dtype= -> dtype= at the export/synthetic from_pretrained sites (deprecated alias in tf5). Refresh the stale trl-pin comment in trainer.py. - ci: rebuild nightly test-min-deps floor to a co-installable tf5 set. - security: remove BOTH now-inert transformers suppressions from pip_audit_ignores.yaml — CVE-2026-1839 (fixed 5.0.0rc3) and PYSEC-2025-217 / CVE-2025-14929 (OSV last-affected 5.0.0rc0); update supply-chain advisory count to zero transformers (EN+TR). - docs: README prerequisite (torch>=2.4, Intel Mac drop) + installation.md Intel Mac note (EN+TR); CHANGELOG. - bump to 0.9.0rc1. Reviewed via 4 parallel review agents (correctness, dep-resolution, docs/security, conventions); their findings (requests floor, second inert suppression, torch_dtype rename, installation-guide gap) are folded in. Validated locally: 8 stdlib doc/version guards pass; nightly test-latest-deps already green on tf5.13. Full pytest/ruff/pip-audit and the min-deps floor resolution remain CI-gated. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Reviewer's GuideMigrates ForgeLM to transformers 5.x by raising dependency floors, updating nightly min-deps CI, adapting model load/save call sites to the new API, and cleaning up pip-audit ignores and documentation to reflect the new security posture and platform support (including dropping Intel macOS x86_64). Sequence diagram for nightly min-deps CI with transformers 5 and updated pip-audit ignoressequenceDiagram
actor GitHubActions
participant pip
participant check_pip_audit_py as check_pip_audit.py
participant pip_audit
participant tools_pip_audit_ignores_yaml as tools/pip_audit_ignores.yaml
GitHubActions->>pip: pip install "torch==2.4.0" "transformers==5.3.0" "huggingface_hub==1.3.0" "peft==0.19.0" "accelerate==1.4.0" "datasets==4.7.0" "trl==1.0.0"
GitHubActions->>check_pip_audit_py: python check_pip_audit.py
check_pip_audit_py->>pip_audit: run pip-audit
pip_audit->>tools_pip_audit_ignores_yaml: load ignores
tools_pip_audit_ignores_yaml-->>pip_audit: no transformers entries
pip_audit-->>GitHubActions: report zero transformers advisories under transformers>=5.3.0 floor
File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
📝 WalkthroughWalkthroughRaises the project’s minimum ML dependency floors, updates Transformers 5.x call sites, removes obsolete pip-audit suppressions, and refreshes release and installation docs to match the new compatibility baseline. ChangesTransformers 5 dependency floor migration
Estimated code review effort: 3 (Moderate) | ~25 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
Hey - I've left some high level feedback:
- Now that
trlis pinned at>=1.0.0,<2.0.0, consider simplifying_get_training_args_for_typeby either dropping themax_seq_lengthfallback or explicitly keying off the installedtrlversion instead of attribute probing, which will make the logic clearer and easier to maintain if the API changes again. - Given that Intel macOS (x86_64) is now an unsupported platform due to the
torch>=2.4.0requirement, you might want to add a small runtime/platform check (e.g., early in the CLI entrypoint) to fail fast with a clear error message rather than relying solely on documentation and pip’s resolution behavior.
Prompt for AI Agents
Please address the comments from this code review:
## Overall Comments
- Now that `trl` is pinned at `>=1.0.0,<2.0.0`, consider simplifying `_get_training_args_for_type` by either dropping the `max_seq_length` fallback or explicitly keying off the installed `trl` version instead of attribute probing, which will make the logic clearer and easier to maintain if the API changes again.
- Given that Intel macOS (x86_64) is now an unsupported platform due to the `torch>=2.4.0` requirement, you might want to add a small runtime/platform check (e.g., early in the CLI entrypoint) to fail fast with a clear error message rather than relying solely on documentation and pip’s resolution behavior.Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
There was a problem hiding this comment.
Code Review
This pull request implements a breaking dependency migration to transformers 5.x (specifically transformers>=5.3.0,<6.0.0), which cascades several co-dependency updates including torch>=2.4.0 and trl>=1.0.0. Due to the torch upgrade, support for Intel Macs (x86_64) is dropped. The migration resolves CVE-2026-4372, allowing the removal of two previously suppressed advisories from tools/pip_audit_ignores.yaml. Code changes adapt to transformers 5.x by renaming torch_dtype to dtype and removing the deprecated safe_serialization keyword argument from model-saving sites. There are no review comments to evaluate, and I have no additional feedback to provide.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
…rmers suppressions The v0.9.0 transformers-5 migration removed both transformers advisories (CVE-2026-1839, PYSEC-2025-217) from tools/pip_audit_ignores.yaml — pip-audit no longer reports either under the transformers>=5.3.0 pin. The structural loader/indexing smoke test asserted CVE-2026-1839 was still present; point it at a still-present torch entry (PYSEC-2025-191) instead. Fixes the sole test failure in PR #68 (2845 passed, 1 failed on tf5). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Per PR #68 review: with the trl>=1.0.0,<2.0.0 floor from the transformers-5 migration, SFTConfig always exposes `max_length` (the `max_seq_length` name was retired after trl 0.12.x), so the fallback branch was unreachable dead code. Drive `max_length` directly, but KEEP the runtime signature check + hard-fail so a future trl that removes/hides the parameter still fails loud rather than silently dropping the configured sequence-length cap (docs/standards/error-handling.md "no silent failures"). The hard-fail error message still names both parameters, so the two future-proofing regression tests are unaffected. Removes the now-obsolete legacy-trl-0.12.x test (that path is below the supported floor). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
🧹 Nitpick comments (1)
forgelm/trainer.py (1)
607-642: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueVerified against trl behavior — correct migration.
Confirmed
max_lengthhas been the sequence-length parameter inSFTConfigsince trl 0.13 (withmax_seq_lengthremoved in 0.20.0) and remains present in the pinnedtrl>=1.0.0,<2.0.0range. The runtime signature check plus hard-fail on absence correctly implements the "no silent failures" contract, and matches the accompanying tests (test_sft_config_uses_max_length_on_modern_trl,test_sft_config_raises_when_neither_seqlen_param_exposed,test_sft_config_raises_when_seqlen_only_in_kwargs).One minor note: unlike the other trainer types (
orpo,dpo,simpo,kto,grpo), which callself._apply_max_length(kwargs), the SFT branch inlineskwargs["max_length"] = self.config.model.max_lengthdirectly (Line 641) instead of reusing the helper. This is intentional given the extra signature verification, but could be tightened for consistency if desired.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@forgelm/trainer.py` around lines 607 - 642, The SFT branch in _get_training_args_for_type is duplicating max-length assignment logic instead of using the shared _apply_max_length helper like the other trainer types. After the SFTConfig signature check, route the max-length setup through self._apply_max_length(kwargs) so the SFT path stays consistent with the orpo/dpo/simpo/kto/grpo branches while preserving the existing runtime validation.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@forgelm/trainer.py`:
- Around line 607-642: The SFT branch in _get_training_args_for_type is
duplicating max-length assignment logic instead of using the shared
_apply_max_length helper like the other trainer types. After the SFTConfig
signature check, route the max-length setup through
self._apply_max_length(kwargs) so the SFT path stays consistent with the
orpo/dpo/simpo/kto/grpo branches while preserving the existing runtime
validation.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 67ce6039-5372-47d4-a350-9a4a884ddc8b
📒 Files selected for processing (2)
forgelm/trainer.pytests/test_trainer_sft_config.py
Why
Nightly CI has failed every night since 2026-07-02 on the supply-chain
pip-auditgate. Root cause: a new advisory,transformers CVE-2026-4372— a criticalAutoModelForCausalLM.from_pretrained()RCE (maliciousconfig.json_attn_implementation_internaldownloads + executes attacker code, bypassingtrust_remote_code), fixed only in transformers 5.3.0.check_pip_audit.pyfails closed on its UNKNOWN OSV severity, and the oldtransformers<5.0.0pin could not reach the fix.No code was broken — the fix is to raise the pin off the 4.x line.
What
Raise the core floor to
transformers>=5.3.0,<6.0.0and cascade the co-dependencies it requires:>=5.3.0,<6.0.0>=2.4.0,<3.0.0>=1.3.0,<2.0.0>=0.19.0,<1.0.0>=1.4.0,<2.0.0>=4.7.0,<6.0.0>=1.0.0,<2.0.0>=2.32.2,<3.0.0Code: dropped
safe_serialization=Truefrom the 3save_pretrainedsites (kwarg removed in tf5; safetensors is now the enforced default), renamedtorch_dtype=→dtype=at the export/syntheticfrom_pretrainedsites (deprecated alias in tf5), refreshed the stale trl-pin comment intrainer.py.CI: rebuilt the nightly
test-min-depsfloor to a co-installable tf5 minimum set.Security: removed both now-inert transformers suppressions from
pip_audit_ignores.yaml—CVE-2026-1839(fixed 5.0.0rc3) andPYSEC-2025-217/CVE-2025-14929(OSV last-affected 5.0.0rc0). Advisory count → zero transformers (9 torch + 1 markdown remain).torch>=2.4, for which PyPI publishes no x86_64-Darwin wheel. Apple Silicon / Linux / Windows unaffected. Documented in README + installation guide (EN+TR).Review
Reviewed via 4 independent review agents (correctness, dependency-resolution, docs/security, conventions). Every finding was verified against PyPI/OSV and folded in: the
requestsfloor, the second inert suppression, thetorch_dtype→dtyperename, and the installation-guide platform gap.Validation
test-latest-depsjob is already green on transformers 5.13 + trl 1.7.1 + peft 0.19 + datasets 5.0 — ForgeLM's code + test suite already run on tf5.pytest,ruff,forgelm --dry-run, and the min-deps floor pip resolution + real merge/save/teacher-load paths on tf5. A manualnightly.ymldispatch after merge confirms the supply-chain gate goes green.Follow-ups (out of scope, tracked separately)
numpy<2ABI preflight + its json-output.md docs (Intel Mac scenario now dropped).training.sample_packingremoval (CHANGELOG promises it for 0.9.0).pip-auditoutput for any transformers-5-specific advisories.🤖 Generated with Claude Code
Summary by Sourcery
Raise ForgeLM’s dependency floor to transformers 5.3+ to resolve CVE-2026-4372 and align the stack and CI with the new minimum versions, introducing a breaking drop of transformers 4.x and Intel macOS (x86_64) support.
Enhancements:
CI:
Documentation:
Chores:
Summary by CodeRabbit
Bug Fixes
dtypeandmax_lengthoptions.Documentation
torch>=2.4.0) and clarified Intel Mac (x86_64) isn’t supported.Chores
Tests
max_lengthhandling.