6ac561235c
Improve dataset manifest installation ( #5447 )
...
Extracted from #5083
Related #5096
- Improved dataset manifest docs
- Dataset manifest requirements are now installed in the server image
- Package dependencies are aligned with the server
3 years ago
c9f214a894
Unify error handling with the cloud storage ( #5389 )
...
Added a general solution for checking bucket and file status instead of
checking in all places. Exception information has become more
user-friendly.
3 years ago
487c60ce2b
SDK: Add an adapter layer that presents a CVAT task as a torchvision dataset ( #5417 )
3 years ago
82adde42aa
Refactor resource import export tests ( #5429 )
...
Extracted some enhancements from
https://github.com/opencv/cvat/pull/4819
- Extracted common s3 manipulations in tests
- Refactored import/export tests to be more clear
3 years ago
0a032b3236
Migrate to using pathlib in most of the SDK ( #5435 )
...
For user-facing functions, keep accepting `str` paths to maintain
compatibility and flexibility, but add support for arbitrary path-like
objects. For internal functions (in `downloading.py` and
`uploading.py`), don't bother and require `pathlib.Path`.
The only code that isn't converted is build-time code (e.g. `setup.py`)
and code that came from openapi-generator.
3 years ago
5441c4ee67
Fix isort version output in the workflow ( #5436 )
...
`isort --version` prints a large banner, which, after shell processing,
is collapsed into one line, and the result is an unreadable mess. Use
`--version-number` instead, which prints just the number.
3 years ago
4e97c243d6
Refactor OPA tests ( #5373 )
...
- OPA tests are now autogenerated
- Updated invocation docs
3 years ago
03dd995bc3
Update README.md
3 years ago
c26590c043
Update authentication documentation ( #5342 )
...
User authorization documentation updated:
- Screenshots
- Procedure descriptions
- Links
3 years ago
481630e719
Migrate tests/python to from os.path to pathlib ( #5426 )
...
`pathlib` improves code readability and type safety. It is already used
in some of the tests; convert all remaining `os.path` usage to `pathlib`
equivalents.
3 years ago
3f9ab7cf68
Fix loss of rotation in CVAT format ( #5407 )
...
Fix https://github.com/opencv/cvat/issues/4378
3 years ago
cacb99735f
Add job access checks for model invocations ( #5392 )
...
Fixes #4996
- Added job access checks for model launches in the interactive mode
3 years ago
192fd72680
Fix creation of tasks with Git repositories via the SDK ( #5409 )
...
Fixes #4365
3 years ago
8b13a2c485
3D Performance issue fixed: Multiple selection the same object or null ( #5411 )
...
Related #3438
3 years ago
c49fe70083
Fix an "export was not found" webpack warning in canvas3d.ts ( #5419 )
...
The cause of the warning is explained here:
https://devblogs.microsoft.com/typescript/announcing-typescript-3-8-beta/#type-only-imports-exports
Add a webpack configuration option to treat such warnings as errors, to
prevent any more of them from appearing in the future.
<!-- Raised an issue to propose your change
(https://github.com/cvat-ai/cvat/issues ).
It helps to avoid duplication of efforts from multiple independent
contributors.
Discuss your ideas with maintainers to be sure that changes will be
approved and merged.
Read the
[CONTRIBUTION](https://github.com/cvat-ai/cvat/blob/develop/CONTRIBUTING.md )
guide. -->
<!-- Provide a general summary of your changes in the Title above -->
### Motivation and context
<!-- Why is this change required? What problem does it solve? If it
fixes an open
issue, please link to the issue here. Describe your changes in detail,
add
screenshots. -->
Warnings are annoying.
### How has this been tested?
<!-- Please describe in detail how you tested your changes.
Include details of your testing environment, and the tests you ran to
see how your change affects other areas of the code, etc. -->
### Checklist
<!-- Go over all the following points, and put an `x` in all the boxes
that apply.
If an item isn't applicable by a reason then ~~explicitly
strikethrough~~ the whole
line. If you don't do that github will show an incorrect process for the
pull request.
If you're unsure about any of these, don't hesitate to ask. We're here
to help! -->
- [x] I submit my changes into the `develop` branch
- ~~[ ] I have added a description of my changes into
[CHANGELOG](https://github.com/cvat-ai/cvat/blob/develop/CHANGELOG.md )
file~~
- ~~[ ] I have updated the [documentation](
https://github.com/cvat-ai/cvat/blob/develop/README.md#documentation )
accordingly~~
- ~~[ ] I have added tests to cover my changes~~
- ~~[ ] I have linked related issues ([read github docs](
https://help.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword ))~~
- ~~[ ] I have increased versions of npm packages if it is necessary
([cvat-canvas](https://github.com/cvat-ai/cvat/tree/develop/cvat-canvas#versioning ),
[cvat-core](https://github.com/cvat-ai/cvat/tree/develop/cvat-core#versioning ),
[cvat-data](https://github.com/cvat-ai/cvat/tree/develop/cvat-data#versioning )
and
[cvat-ui](https://github.com/cvat-ai/cvat/tree/develop/cvat-ui#versioning ))~~
### License
- [x] I submit _my code changes_ under the same [MIT License](
https://github.com/cvat-ai/cvat/blob/develop/LICENSE ) that covers the
project.
Feel free to contact the maintainers if that's a concern.
3 years ago
dcf1ac2d86
Bump decode-uri-component from 0.2.0 to 0.2.2 ( #5421 )
3 years ago
2a2c43f6b1
Try to catch / workaround 5215 ( #5216 )
...
Fixes #5215
It's not really clear how the error can be obtained, but this PR adds a
workaround for the problem. There are 2 possible ways to get the
`message` parameter - from an error and from the operation status.
- Our status messages are always represented by a string, no any other
values is assigned.
- rq is trickier here - it receives rq data and [decodes
it](https://github.com/rq/rq/blob/master/rq/job.py#L603-L609 ) if there
is an error, but the operations can leave None as the `exc_info` value.
Maybe [this issue](https://github.com/rq/rq/issues/1633 ) is relevant
here.
3 years ago
d4788ee61e
Multiple fixes in 3D drawing, see description ( #5410 )
...
### Motivation and context
Related #3438
- When dblclick one of sideviews during drawing - UI is broken
- When mouseleave sideviews during drawing - bbox disappears, need to
draw again
- Sometimes multiple draw boxes exist on view
Example:
3 years ago
9b0d963d1a
Fix REST API tests ( #5416 )
...
Fixed REST API tests after merging #5408 and #5396 to develop
Co-authored-by: Boris Sekachev <sekachev.bs@gmail.com>
Co-authored-by: Nikita Manovich <nikita@cvat.ai>
3 years ago
966f2e4efd
Added note about use of existing PVs to store CVAT data ( #5413 )
3 years ago
673ecefbc3
Remove old CLI tests from unit test docs ( #5415 )
3 years ago
3e1ccc8602
Fix exception when run export for an empty task ( #5396 )
...
Fix https://github.com/opencv/cvat/issues/5245
The PR contains a simple fix. Just return BAD REQUEST if somebody tries
to export a task without data. It doesn't make sense. But a more complex
fix will require changing a massive amount of code. It doesn't make any
sense to support such a weird scenario.
3 years ago
c0bf27c5ee
[Documentation] links on readme.md page fixed ( #5406 )
3 years ago
772f0cd117
Adjusted initial camera position, enabled 'Reset zoom' option for 3D canvas ( #5395 )
3 years ago
01fec6fb72
Fix chart not being upgradable ( #5371 )
3 years ago
6f6db4d554
Helm: fix secrets for non-default release name ( #5403 )
3 years ago
0943de9d6f
Update test guide with SDK/CLI info ( #5402 )
...
Follow up for #5394
The existing text wont work in a clean repo. This PR adds missing info.
3 years ago
f405c4acac
Fix missing source tag in project annotations ( #5408 )
3 years ago
785edcb272
Allow dragging 3D canvas in IDLE mode ( #5385 )
3 years ago
00228ab7bb
Fix several issues with testing system ( #5394 )
...
Fix https://github.com/opencv/cvat/issues/5214
1. Stable names for containers (_ vs -)
2. Improve documentation
3 years ago
19b2643e69
Allowed to upload `.xml` and `.json` annotation files from UI ( #5386 )
...
<!-- Raised an issue to propose your change
(https://github.com/cvat-ai/cvat/issues ).
It helps to avoid duplication of efforts from multiple independent
contributors.
Discuss your ideas with maintainers to be sure that changes will be
approved and merged.
Read the
[CONTRIBUTION](https://github.com/cvat-ai/cvat/blob/develop/CONTRIBUTING.md )
guide. -->
<!-- Provide a general summary of your changes in the Title above -->
### Motivation and context
<!-- Why is this change required? What problem does it solve? If it
fixes an open
issue, please link to the issue here. Describe your changes in detail,
add
screenshots. -->
Resolved #5274
+ Fixed typo in tests
### How has this been tested?
<!-- Please describe in detail how you tested your changes.
Include details of your testing environment, and the tests you ran to
see how your change affects other areas of the code, etc. -->
### Checklist
<!-- Go over all the following points, and put an `x` in all the boxes
that apply.
If an item isn't applicable by a reason then ~~explicitly
strikethrough~~ the whole
line. If you don't do that github will show an incorrect process for the
pull request.
If you're unsure about any of these, don't hesitate to ask. We're here
to help! -->
- [x] I submit my changes into the `develop` branch
- [x] I have added a description of my changes into
[CHANGELOG](https://github.com/cvat-ai/cvat/blob/develop/CHANGELOG.md )
file
- [ ] I have updated the [documentation](
https://github.com/cvat-ai/cvat/blob/develop/README.md#documentation )
accordingly
- [x] I have added tests to cover my changes
- [x] I have linked related issues ([read github docs](
https://help.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword ))
- [x] I have increased versions of npm packages if it is necessary
([cvat-canvas](https://github.com/cvat-ai/cvat/tree/develop/cvat-canvas#versioning ),
[cvat-core](https://github.com/cvat-ai/cvat/tree/develop/cvat-core#versioning ),
[cvat-data](https://github.com/cvat-ai/cvat/tree/develop/cvat-data#versioning )
and
[cvat-ui](https://github.com/cvat-ai/cvat/tree/develop/cvat-ui#versioning ))
### License
- [x] I submit _my code changes_ under the same [MIT License](
https://github.com/cvat-ai/cvat/blob/develop/LICENSE ) that covers the
project.
Feel free to contact the maintainers if that's a concern.
3 years ago
d8c5051933
Update s3fs mount command ( #5390 )
3 years ago
e0e9e27c3a
Update docs about k8s deployment ( #5388 )
3 years ago
6f09c777f2
Fixed FBRS runtime dimension error on images with alpha channel ( #5384 )
3 years ago
ca83d3c925
Fix attaching manifest file with custom name ( #5377 )
...
<!-- Raised an issue to propose your change
(https://github.com/cvat-ai/cvat/issues ).
It helps to avoid duplication of efforts from multiple independent
contributors.
Discuss your ideas with maintainers to be sure that changes will be
approved and merged.
Read the
[CONTRIBUTION](https://github.com/cvat-ai/cvat/blob/develop/CONTRIBUTING.md )
guide. -->
<!-- Provide a general summary of your changes in the Title above -->
### Motivation and context
<!-- Why is this change required? What problem does it solve? If it
fixes an open
issue, please link to the issue here. Describe your changes in detail,
add
screenshots. -->
Closes #5361
### How has this been tested?
<!-- Please describe in detail how you tested your changes.
Include details of your testing environment, and the tests you ran to
see how your change affects other areas of the code, etc. -->
Updated existing cypress test
### Checklist
<!-- Go over all the following points, and put an `x` in all the boxes
that apply.
If an item isn't applicable by a reason then ~~explicitly
strikethrough~~ the whole
line. If you don't do that github will show an incorrect process for the
pull request.
If you're unsure about any of these, don't hesitate to ask. We're here
to help! -->
- [x] I submit my changes into the `develop` branch
- [x] I have added a description of my changes into
[CHANGELOG](https://github.com/cvat-ai/cvat/blob/develop/CHANGELOG.md )
file
~~- [ ] I have updated the [documentation](
https://github.com/cvat-ai/cvat/blob/develop/README.md#documentation )
accordingly~~
- [x] I have added tests to cover my changes
- [x] I have linked related issues ([read github docs](
https://help.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword ))
- [x] I have increased versions of npm packages if it is necessary
([cvat-canvas](https://github.com/cvat-ai/cvat/tree/develop/cvat-canvas#versioning ),
[cvat-core](https://github.com/cvat-ai/cvat/tree/develop/cvat-core#versioning ),
[cvat-data](https://github.com/cvat-ai/cvat/tree/develop/cvat-data#versioning )
and
[cvat-ui](https://github.com/cvat-ai/cvat/tree/develop/cvat-ui#versioning ))
### License
- [x] I submit _my code changes_ under the same [MIT License](
https://github.com/cvat-ai/cvat/blob/develop/LICENSE ) that covers the
project.
Feel free to contact the maintainers if that's a concern.
Co-authored-by: Nikita Manovich <nikita@cvat.ai>
3 years ago
2c63b6c7eb
Bump dependency versions to fix compatibility with Python 3.10 ( #5380 )
...
* rq 1.5.1 uses `collections.Iterable` (long deprecated and deleted in
Python 3.10). 1.5.2 fixes this issue. To avoid potential regressions,
don't bump the version further.
* av 8.0.2 was built with old Cython, which generates C code
incompatible with Python 3.10. The newest version is av 10.0.0, but that
drops support for FFmpeg<4.3, which would make it unbuildable using the
default Ubuntu 20.04 FFmpeg packages. To avoid that problem, use the
previous version, 9.2.0.
<!-- Raised an issue to propose your change
(https://github.com/cvat-ai/cvat/issues ).
It helps to avoid duplication of efforts from multiple independent
contributors.
Discuss your ideas with maintainers to be sure that changes will be
approved and merged.
Read the
[CONTRIBUTION](https://github.com/cvat-ai/cvat/blob/develop/CONTRIBUTING.md )
guide. -->
<!-- Provide a general summary of your changes in the Title above -->
### Motivation and context
<!-- Why is this change required? What problem does it solve? If it
fixes an open
issue, please link to the issue here. Describe your changes in detail,
add
screenshots. -->
This makes it possible to run CVAT on Python 3.10.
Fixes #5262 .
### How has this been tested?
<!-- Please describe in detail how you tested your changes.
Include details of your testing environment, and the tests you ran to
see how your change affects other areas of the code, etc. -->
I'm relying on CI.
### Checklist
<!-- Go over all the following points, and put an `x` in all the boxes
that apply.
If an item isn't applicable by a reason then ~~explicitly
strikethrough~~ the whole
line. If you don't do that github will show an incorrect process for the
pull request.
If you're unsure about any of these, don't hesitate to ask. We're here
to help! -->
- [x] I submit my changes into the `develop` branch
- ~~[ ] I have added a description of my changes into
[CHANGELOG](https://github.com/cvat-ai/cvat/blob/develop/CHANGELOG.md )
file~~
- ~~[ ] I have updated the [documentation](
https://github.com/cvat-ai/cvat/blob/develop/README.md#documentation )
accordingly~~
- ~~[ ] I have added tests to cover my changes~~
- [x] I have linked related issues ([read github docs](
https://help.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword ))
- ~~[ ] I have increased versions of npm packages if it is necessary
([cvat-canvas](https://github.com/cvat-ai/cvat/tree/develop/cvat-canvas#versioning ),
[cvat-core](https://github.com/cvat-ai/cvat/tree/develop/cvat-core#versioning ),
[cvat-data](https://github.com/cvat-ai/cvat/tree/develop/cvat-data#versioning )
and
[cvat-ui](https://github.com/cvat-ai/cvat/tree/develop/cvat-ui#versioning ))~~
### License
- [x] I submit _my code changes_ under the same [MIT License](
https://github.com/cvat-ai/cvat/blob/develop/LICENSE ) that covers the
project.
Feel free to contact the maintainers if that's a concern.
3 years ago
bfa00b12de
Added missing migration for shape type == Mask ( #5376 )
...
PR https://github.com/opencv/cvat/pull/4543 didn't add a new migration.
The migration wasn't critical. At least it was not led to any problems.
3 years ago
38193ff792
SDK: add a utility function for atomically writing a file ( #5372 )
3 years ago
460df331e4
Implemented propagate backward ( #5355 )
...
<!-- Raised an issue to propose your change
(https://github.com/cvat-ai/cvat/issues ).
It helps to avoid duplication of efforts from multiple independent
contributors.
Discuss your ideas with maintainers to be sure that changes will be
approved and merged.
Read the
[CONTRIBUTION](https://github.com/cvat-ai/cvat/blob/develop/CONTRIBUTING.md )
guide. -->
<!-- Provide a general summary of your changes in the Title above -->
### Motivation and context
Resolved #2998
<img width="428" alt="image"
src="https://user-images.githubusercontent.com/40690378/203806586-1367477b-cfff-46f1-947b-d0292cd6f02e.png ">
### How has this been tested?
<!-- Please describe in detail how you tested your changes.
Include details of your testing environment, and the tests you ran to
see how your change affects other areas of the code, etc. -->
### Checklist
<!-- Go over all the following points, and put an `x` in all the boxes
that apply.
If an item isn't applicable by a reason then ~~explicitly
strikethrough~~ the whole
line. If you don't do that github will show an incorrect process for the
pull request.
If you're unsure about any of these, don't hesitate to ask. We're here
to help! -->
- [x] I submit my changes into the `develop` branch
- [x] I have added a description of my changes into
[CHANGELOG](https://github.com/cvat-ai/cvat/blob/develop/CHANGELOG.md )
file
- [ ] I have updated the [documentation](
https://github.com/cvat-ai/cvat/blob/develop/README.md#documentation )
accordingly
- [x] I have added tests to cover my changes
- [x] I have linked related issues ([read github docs](
https://help.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword ))
- [x] I have increased versions of npm packages if it is necessary
([cvat-canvas](https://github.com/cvat-ai/cvat/tree/develop/cvat-canvas#versioning ),
[cvat-core](https://github.com/cvat-ai/cvat/tree/develop/cvat-core#versioning ),
[cvat-data](https://github.com/cvat-ai/cvat/tree/develop/cvat-data#versioning )
and
[cvat-ui](https://github.com/cvat-ai/cvat/tree/develop/cvat-ui#versioning ))
### License
- [x] I submit _my code changes_ under the same [MIT License](
https://github.com/cvat-ai/cvat/blob/develop/LICENSE ) that covers the
project.
Feel free to contact the maintainers if that's a concern.
3 years ago
2ecd8c7b0c
Test webhooks sender: wait for delivery response ( #5365 )
3 years ago
0a16cfce5b
SDK: add a high-level method to download task data chunks ( #5356 )
3 years ago
85b5547541
Make the server proxy's properties visible to static analysis ( #5345 )
...
Currently, all properties of the server proxy object are created using
`Object.defineProperties` in the constructor, which means that IDEs like
VS Code can't analyze the file's static structure to determine what
properties there are and what types they have. Consequently, things like
autocomplete and go-to-definition don't work.
Fix that by removing the `ServerProxy` class altogether and exporting an
anonymous object with all properties defined statically.
3 years ago
968b575ac3
Videos link updated, contacts updated ( #5357 )
...
Link to the old videos removed as there were changes made in CVAT
interface and now these videos are a bit confusing Links to playlists of
the updated videos were added with the description what these videos
contact Contacts sections updated
General proofreading
3 years ago
279f01b53b
Fix: Can't dump annotations with objects type is track from several jobs ( #5250 )
3 years ago
dde9f610df
[Documentation] Broken links fixed ( #5348 )
3 years ago
90ca4018a0
Added cypress test to create a task with only bounding boxes ( #5346 )
3 years ago
0786d05f6b
Bump pillow from 9.0.1 to 9.3.0 in /tests/python ( #5341 )
3 years ago
8705e2366c
Added force logout on CVAT app start if token is missing ( #5331 )
3 years ago
08dd27d993
Fix missed token with using social account authentication ( #5344 )
3 years ago
bc079c3129
Bump tensorflow from 2.8.1 to 2.9.3 in /cvat/requirements ( #5338 )
...
Bumps [tensorflow](https://github.com/tensorflow/tensorflow ) from 2.8.1
to 2.9.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tensorflow/tensorflow/releases ">tensorflow's
releases</a>.</em></p>
<blockquote>
<h2>TensorFlow 2.9.3</h2>
<h1>Release 2.9.3</h1>
<p>This release introduces several vulnerability fixes:</p>
<ul>
<li>Fixes an overflow in <code>tf.keras.losses.poisson</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41887 ">CVE-2022-41887</a>)</li>
<li>Fixes a heap OOB failure in
<code>ThreadUnsafeUnigramCandidateSampler</code> caused by missing
validation (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41880 ">CVE-2022-41880</a>)</li>
<li>Fixes a segfault in <code>ndarray_tensor_bridge</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41884 ">CVE-2022-41884</a>)</li>
<li>Fixes an overflow in <code>FusedResizeAndPadConv2D</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41885 ">CVE-2022-41885</a>)</li>
<li>Fixes a overflow in <code>ImageProjectiveTransformV2</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41886 ">CVE-2022-41886</a>)</li>
<li>Fixes an FPE in
<code>tf.image.generate_bounding_box_proposals</code> on GPU (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41888 ">CVE-2022-41888</a>)</li>
<li>Fixes a segfault in <code>pywrap_tfe_src</code> caused by invalid
attributes (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41889 ">CVE-2022-41889</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>BCast</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41890 ">CVE-2022-41890</a>)</li>
<li>Fixes a segfault in <code>TensorListConcat</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41891 ">CVE-2022-41891</a>)</li>
<li>Fixes a <code>CHECK_EQ</code> fail in <code>TensorListResize</code>
(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41893 ">CVE-2022-41893</a>)</li>
<li>Fixes an overflow in <code>CONV_3D_TRANSPOSE</code> on TFLite (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41894 ">CVE-2022-41894</a>)</li>
<li>Fixes a heap OOB in <code>MirrorPadGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41895 ">CVE-2022-41895</a>)</li>
<li>Fixes a crash in <code>Mfcc</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41896 ">CVE-2022-41896</a>)</li>
<li>Fixes a heap OOB in <code>FractionalMaxPoolGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41897 ">CVE-2022-41897</a>)</li>
<li>Fixes a <code>CHECK</code> fail in
<code>SparseFillEmptyRowsGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41898 ">CVE-2022-41898</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>SdcaOptimizer</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41899 ">CVE-2022-41899</a>)</li>
<li>Fixes a heap OOB in <code>FractionalAvgPool</code> and
<code>FractionalMaxPool</code>(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41900 ">CVE-2022-41900</a>)</li>
<li>Fixes a <code>CHECK_EQ</code> in <code>SparseMatrixNNZ</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41901 ">CVE-2022-41901</a>)</li>
<li>Fixes an OOB write in grappler (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41902 ">CVE-2022-41902</a>)</li>
<li>Fixes a overflow in <code>ResizeNearestNeighborGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41907 ">CVE-2022-41907</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>PyFunc</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41908 ">CVE-2022-41908</a>)</li>
<li>Fixes a segfault in <code>CompositeTensorVariantToComponents</code>
(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41909 ">CVE-2022-41909</a>)</li>
<li>Fixes a invalid char to bool conversion in printing a tensor (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41911 ">CVE-2022-41911</a>)</li>
<li>Fixes a heap overflow in <code>QuantizeAndDequantizeV2</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41910 ">CVE-2022-41910</a>)</li>
<li>Fixes a <code>CHECK</code> failure in <code>SobolSample</code> via
missing validation (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35935 ">CVE-2022-35935</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>TensorListScatter</code>
and <code>TensorListScatterV2</code> in eager mode (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35935 ">CVE-2022-35935</a>)</li>
</ul>
<h2>TensorFlow 2.9.2</h2>
<h1>Release 2.9.2</h1>
<p>This releases introduces several vulnerability fixes:</p>
<ul>
<li>Fixes a <code>CHECK</code> failure in tf.reshape caused by overflows
(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35934 ">CVE-2022-35934</a>)</li>
<li>Fixes a <code>CHECK</code> failure in <code>SobolSample</code>
caused by missing validation (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35935 ">CVE-2022-35935</a>)</li>
<li>Fixes an OOB read in <code>Gather_nd</code> op in TF Lite (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35937 ">CVE-2022-35937</a>)</li>
<li>Fixes a <code>CHECK</code> failure in <code>TensorListReserve</code>
caused by missing validation (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35960 ">CVE-2022-35960</a>)</li>
<li>Fixes an OOB write in <code>Scatter_nd</code> op in TF Lite (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35939 ">CVE-2022-35939</a>)</li>
<li>Fixes an integer overflow in <code>RaggedRangeOp</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35940 ">CVE-2022-35940</a>)</li>
<li>Fixes a <code>CHECK</code> failure in <code>AvgPoolOp</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35941 ">CVE-2022-35941</a>)</li>
<li>Fixes a <code>CHECK</code> failures in <code>UnbatchGradOp</code>
(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35952 ">CVE-2022-35952</a>)</li>
<li>Fixes a segfault TFLite converter on per-channel quantized
transposed convolutions (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36027 ">CVE-2022-36027</a>)</li>
<li>Fixes a <code>CHECK</code> failures in <code>AvgPool3DGrad</code>
(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35959 ">CVE-2022-35959</a>)</li>
<li>Fixes a <code>CHECK</code> failures in
<code>FractionalAvgPoolGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35963 ">CVE-2022-35963</a>)</li>
<li>Fixes a segfault in <code>BlockLSTMGradV2</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35964 ">CVE-2022-35964</a>)</li>
<li>Fixes a segfault in <code>LowerBound</code> and
<code>UpperBound</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35965 ">CVE-2022-35965</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md ">tensorflow's
changelog</a>.</em></p>
<blockquote>
<h1>Release 2.9.3</h1>
<p>This release introduces several vulnerability fixes:</p>
<ul>
<li>Fixes an overflow in <code>tf.keras.losses.poisson</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41887 ">CVE-2022-41887</a>)</li>
<li>Fixes a heap OOB failure in
<code>ThreadUnsafeUnigramCandidateSampler</code> caused by missing
validation (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41880 ">CVE-2022-41880</a>)</li>
<li>Fixes a segfault in <code>ndarray_tensor_bridge</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41884 ">CVE-2022-41884</a>)</li>
<li>Fixes an overflow in <code>FusedResizeAndPadConv2D</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41885 ">CVE-2022-41885</a>)</li>
<li>Fixes a overflow in <code>ImageProjectiveTransformV2</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41886 ">CVE-2022-41886</a>)</li>
<li>Fixes an FPE in
<code>tf.image.generate_bounding_box_proposals</code> on GPU (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41888 ">CVE-2022-41888</a>)</li>
<li>Fixes a segfault in <code>pywrap_tfe_src</code> caused by invalid
attributes (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41889 ">CVE-2022-41889</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>BCast</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41890 ">CVE-2022-41890</a>)</li>
<li>Fixes a segfault in <code>TensorListConcat</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41891 ">CVE-2022-41891</a>)</li>
<li>Fixes a <code>CHECK_EQ</code> fail in <code>TensorListResize</code>
(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41893 ">CVE-2022-41893</a>)</li>
<li>Fixes an overflow in <code>CONV_3D_TRANSPOSE</code> on TFLite (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41894 ">CVE-2022-41894</a>)</li>
<li>Fixes a heap OOB in <code>MirrorPadGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41895 ">CVE-2022-41895</a>)</li>
<li>Fixes a crash in <code>Mfcc</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41896 ">CVE-2022-41896</a>)</li>
<li>Fixes a heap OOB in <code>FractionalMaxPoolGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41897 ">CVE-2022-41897</a>)</li>
<li>Fixes a <code>CHECK</code> fail in
<code>SparseFillEmptyRowsGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41898 ">CVE-2022-41898</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>SdcaOptimizer</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41899 ">CVE-2022-41899</a>)</li>
<li>Fixes a heap OOB in <code>FractionalAvgPool</code> and
<code>FractionalMaxPool</code>(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41900 ">CVE-2022-41900</a>)</li>
<li>Fixes a <code>CHECK_EQ</code> in <code>SparseMatrixNNZ</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41901 ">CVE-2022-41901</a>)</li>
<li>Fixes an OOB write in grappler (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41902 ">CVE-2022-41902</a>)</li>
<li>Fixes a overflow in <code>ResizeNearestNeighborGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41907 ">CVE-2022-41907</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>PyFunc</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41908 ">CVE-2022-41908</a>)</li>
<li>Fixes a segfault in <code>CompositeTensorVariantToComponents</code>
(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41909 ">CVE-2022-41909</a>)</li>
<li>Fixes a invalid char to bool conversion in printing a tensor (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41911 ">CVE-2022-41911</a>)</li>
<li>Fixes a heap overflow in <code>QuantizeAndDequantizeV2</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41910 ">CVE-2022-41910</a>)</li>
<li>Fixes a <code>CHECK</code> failure in <code>SobolSample</code> via
missing validation (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35935 ">CVE-2022-35935</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>TensorListScatter</code>
and <code>TensorListScatterV2</code> in eager mode (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35935 ">CVE-2022-35935</a>)</li>
</ul>
<h1>Release 2.8.4</h1>
<p>This release introduces several vulnerability fixes:</p>
<ul>
<li>Fixes a heap OOB failure in
<code>ThreadUnsafeUnigramCandidateSampler</code> caused by missing
validation (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41880 ">CVE-2022-41880</a>)</li>
<li>Fixes a segfault in <code>ndarray_tensor_bridge</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41884 ">CVE-2022-41884</a>)</li>
<li>Fixes an overflow in <code>FusedResizeAndPadConv2D</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41885 ">CVE-2022-41885</a>)</li>
<li>Fixes a overflow in <code>ImageProjectiveTransformV2</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41886 ">CVE-2022-41886</a>)</li>
<li>Fixes an FPE in
<code>tf.image.generate_bounding_box_proposals</code> on GPU (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41888 ">CVE-2022-41888</a>)</li>
<li>Fixes a segfault in <code>pywrap_tfe_src</code> caused by invalid
attributes (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41889 ">CVE-2022-41889</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>BCast</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41890 ">CVE-2022-41890</a>)</li>
<li>Fixes a segfault in <code>TensorListConcat</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41891 ">CVE-2022-41891</a>)</li>
<li>Fixes a <code>CHECK_EQ</code> fail in <code>TensorListResize</code>
(<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41893 ">CVE-2022-41893</a>)</li>
<li>Fixes an overflow in <code>CONV_3D_TRANSPOSE</code> on TFLite (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41894 ">CVE-2022-41894</a>)</li>
<li>Fixes a heap OOB in <code>MirrorPadGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41895 ">CVE-2022-41895</a>)</li>
<li>Fixes a crash in <code>Mfcc</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41896 ">CVE-2022-41896</a>)</li>
<li>Fixes a heap OOB in <code>FractionalMaxPoolGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41897 ">CVE-2022-41897</a>)</li>
<li>Fixes a <code>CHECK</code> fail in
<code>SparseFillEmptyRowsGrad</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41898 ">CVE-2022-41898</a>)</li>
<li>Fixes a <code>CHECK</code> fail in <code>SdcaOptimizer</code> (<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41899 ">CVE-2022-41899</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a5ed5f39b6https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/58584 ">#58584</a>
from tensorflow/vinila21-patch-2</li>
<li><a
href="258f9a1251cd27cfb438https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/58580 ">#58580</a>
from tensorflow-jenkins/version-numbers-2.9.3-24474</li>
<li><a
href="3e75385ee6bc72c39774https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/58482 ">#58482</a>
from tensorflow-jenkins/relnotes-2.9.3-25695</li>
<li><a
href="3506c90f5a8dcb48e3844f34ec8499https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/58576 ">#58576</a>
from pak-laura/c2.99f03a9d3bafe902c1e6beb105b2f2417...</li>
<li><a
href="6fc67e408f5dbe90ad21https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/58570 ">#58570</a>
from tensorflow/r2.9-7b174a0f2e4</li>
<li>Additional commits viewable in <a
href="https://github.com/tensorflow/tensorflow/compare/v2.8.1...v2.9.3 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the
default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as
the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as
the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the
default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/opencv/cvat/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago
Maxim Zhiltsov
Maria Khrustaleva
Roman Donchenko
Nikita Manovich
Mariia Acoca
Anastasia Yasakova
Boris Sekachev
dependabot[bot]
Andrey Zhavoronkov
Kirill Lakhov
Kirill Sizov
