add llm finetuning handson colab

[olachinkei]

add llm finetuning handson example

[review-notebook-app[bot]]

Check out this pull request on 

See visual diffs & provide feedback on Jupyter Notebooks.

---

Powered by ReviewNB

[github-actions[bot]]

Thanks for contributing to wandb/examples! We appreciate your efforts in opening a PR for the examples repository. Our goal is to ensure a smooth and enjoyable experience for you 😎.

Guidelines

The examples repo is regularly tested against the ever-evolving ML stack. To facilitate our work, please adhere to the following guidelines:

• Notebook naming: You can use a combination of snakecase and CamelCase for your notebook name. Avoid using spaces (replace them with `) and special characters (&%$?`). For example:

  Cool_Keras_integration_example_with_weights_and_biases.ipynb 

  is acceptable, but

  Cool Keras Example with W&B.ipynb

  is not. Avoid spaces and the & character. To refer to W&B, you can use: weights_and_biases or just wandb (it's our library, after all!)

• Managing dependencies within the notebook: You may need to set up dependencies to ensure that your code works. Please avoid the following practices:

  • Docker-related activities. If Docker installation is required, consider adding a full example with the corresponding Dockerfile to the wandb/examples/examples folder (where non-Colab examples reside).
  • Using pip install as the primary method to install packages. When calling pip in a cell, avoid performing other tasks. We automatically filter these types of cells, and executing other actions might break the automatic testing of the notebooks. For example,

    pip install -qU wandb transformers gpt4

    is acceptable, but

    pip install -qU wandb
    import wandb

    is not.

  • Installing packages from a GitHub branch. Although it's acceptable 😎 to directly obtain the latest bleeding-edge libraries from GitHub, did you know that you can install them like this:

  !pip install -q git+https://github.com/huggingface/transformers

  You don't need to clone, then cd into the repo and install it in editable mode.

  • Avoid referencing specific Colab directories. Google Colab has a /content directory where everything resides. Avoid explicitly referencing this directory because we test our notebooks with pure Jupyter (without Colab). Instead, use relative paths to make the notebook reproducible.

• The Jupyter notebook file .ipynb is nothing more than a JSON file with primarily two types of cells: markdown and code. There is also a bunch of other metadata specific to Google Colab. We have a set of tools to ensure proper notebook formatting. These tools can be found at wandb/nb_helpers.

Before merging, wait for a maintainer to clean and format the notebooks you're adding. You can tag @tcapelle.

Before marking the PR as ready for review, please run your notebook one more time. Restart the Colab and run all. We will provide you with links to open the Colabs below

The following colabs were changed -colabs/llm-finetuning-handson/Alpaca_finetunning_with_WandB.ipynb

[socket-security[bot]]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
pypi/accelerate@0.28.0	environment, eval, filesystem, network, shell, unsafe	+2528	18.5 GB	Thomwolf, lysandre, muellerzr
pypi/aiohttp@3.8.6	environment, eval, filesystem, network, shell, unsafe	+34	31.7 MB	Andrew.Svetlov, fafhrd, webknjaz
pypi/alembic@1.12.0	environment, eval, filesystem, network, shell	0	5.95 MB	CaselIT
pypi/altair@5.1.2	environment, eval, filesystem, network Transitive: shell, unsafe	+798	4.38 GB	Jake.Vanderplas, bgranger, binste, ...3 more
pypi/anyio@4.0.0	environment, eval, filesystem, network, shell, unsafe	+810	4.61 GB	Thomas.Grainger, agronholm, njs, ...1 more
pypi/argon2-cffi-bindings@21.2.0	environment, unsafe	0	4.03 MB	hynek
pypi/argon2-cffi@23.1.0	environment	0	136 kB	hynek
pypi/asttokens@2.4.0	environment, eval, network Transitive: filesystem, shell, unsafe	+769	4.26 GB	alexmojaki, dsagal
pypi/async-lru@2.0.4	None	0	49.2 kB	Andrew.Svetlov, hellysmile
pypi/attrs@23.1.0	environment, eval, filesystem, shell, unsafe Transitive: network	+832	4.33 GB	hynek
pypi/babel@2.13.0	environment, eval, filesystem, shell, unsafe Transitive: network	+769	4.29 GB	akx, babel, cmlenz, ...2 more
pypi/beautifulsoup4@4.12.2	environment, eval, filesystem, network, unsafe	0	1.87 MB	leonard
pypi/bitsandbytes@0.43.0	environment, eval, filesystem, network, shell, unsafe	0	304 MB	Titus-von-Koeller, timdettmers
pypi/bleach@6.1.0	environment, eval, filesystem	0	871 kB	gguthe-moz, willhelm
pypi/blinker@1.6.3	unsafe	0	80.8 kB
pypi/bokeh@3.3.0	environment, eval, filesystem, network, shell	0	31.2 MB	bigreddot, ianthomas23
pypi/boltons@23.0.0	environment, eval, filesystem, network	0	684 kB	mahmoud
pypi/bottleneck@1.3.7	environment, eval, filesystem, shell, unsafe Transitive: network	+769	4.26 GB	RdB91, kwgoodman, qwhelan
pypi/certipy@0.1.3	filesystem Transitive: environment, eval, network, shell, unsafe	+767	4.26 GB	tgmachina
pypi/cffi@1.16.0	environment, eval, filesystem, network, shell, unsafe	0	2.15 MB	Armin.Rigo, alexgaynor, fijal, ...5 more
pypi/charset-normalizer@3.3.0	environment, eval, filesystem Transitive: network, shell, unsafe	+830	4.35 GB	Ousret
pypi/click@8.1.7	environment, eval, filesystem, network, shell	0	923 kB
pypi/cloudpickle@3.0.0	environment, unsafe	0	69.9 kB	Kyle.Kelley, antoine, holdenk, ...6 more
pypi/comm@0.1.4	filesystem	0	19.5 kB	jasongrout, martinRenou, mbussonn
pypi/conda-package-handling@2.2.0	environment, filesystem, shell Transitive: eval, network, unsafe	+775	4.27 GB	jezdez, joeforker
pypi/conda-package-streaming@0.9.0	filesystem, network Transitive: environment, eval, shell, unsafe	+772	4.26 GB	joeforker
pypi/contourpy@1.1.1	environment, eval, filesystem, shell, unsafe	0	16.1 MB	ianthomas23
pypi/cryptography@41.0.4	environment, eval, filesystem, network, shell, unsafe	+836	4.62 GB	reaperhulk
pypi/ctranslate2@4.1.0	filesystem	0	131 MB	guillaumekln, natsegal, nguyendc
pypi/cycler@0.12.1	Transitive: environment, eval, filesystem, network, shell, unsafe	+769	4.26 GB	QuLogic, matthew.brett, mdboom2
pypi/cython@3.0.4	environment, eval, filesystem, network, shell, unsafe	0	12 MB	matthew.brett, robertwb, scoder
pypi/cytoolz@0.12.2	environment, eval, filesystem, shell, unsafe	0	9.13 MB	eriknw
pypi/dask@2023.10.0	environment, eval, filesystem, network, shell, unsafe	+771	4.27 GB	fjetter, jacob.tomlinson, jakirkham, ...5 more
pypi/debugpy@1.8.0	environment, eval, filesystem, network, shell, unsafe	0	25.5 MB	int19h, kanadig, microsoft
pypi/decorator@5.1.1	eval, filesystem	0	116 kB	micheles
pypi/distributed@2023.10.0	environment, eval, filesystem, network, shell, unsafe	0	3.89 MB	fjetter, jacob.tomlinson, jakirkham, ...5 more
pypi/entrypoints@0.4	None	0	39.3 kB	takowl
pypi/et-xmlfile@1.1.0	filesystem	0	9.95 kB	CharlieX
pypi/exceptiongroup@1.1.3	environment, eval Transitive: filesystem, network, shell, unsafe	+767	4.26 GB
pypi/executing@1.2.0	environment, eval, filesystem, network Transitive: shell, unsafe	+768	4.27 GB	15r10nk, alexmojaki
pypi/fastjsonschema@2.18.1	eval, filesystem, network	0	4.53 MB	horejsek
pypi/filelock@3.13.1	unsafe	0	57.2 kB	benediktschmitt
pypi/fonttools@4.43.1	environment, eval, filesystem, network, shell, unsafe	+1081	5.62 GB	anthrotype, davelab6, just, ...3 more
pypi/frozenlist@1.4.0	environment, filesystem, unsafe	0	946 kB	Andrew.Svetlov, mj, webknjaz
pypi/fsspec@2023.9.2	environment, eval, filesystem, network, shell, unsafe	+1177	6.57 GB	mdurant, tomaugspurger
pypi/gitdb@4.0.11	environment, filesystem	0	545 kB	ByronBates, mtrier
pypi/gitpython@3.1.40	environment, eval, filesystem, network, shell Transitive: unsafe	+801	4.36 GB	ByronBates, mtrier
pypi/gmpy2@2.1.2	eval, filesystem, unsafe	0	7.3 MB	casevh
pypi/greenlet@3.0.0	environment, filesystem, shell, unsafe Transitive: eval, network	+771	4.26 GB	JaredKuolt, ambroff, bob, ...6 more
pypi/h5py@3.10.0	environment, eval, filesystem, shell, unsafe	0	35.3 MB	Thomas.Caswell, matthew.brett, scopatz, ...1 more
pypi/huggingface-hub@0.21.4	environment, eval, filesystem, network, shell, unsafe	+921	5.19 GB	Thomwolf, Wauplin, chaumond, ...1 more
pypi/idna@3.4	filesystem, network	0	1.06 MB	kjd
pypi/imagecodecs@2023.9.18	environment, filesystem, unsafe	0	129 MB	cgohlke
pypi/imageio@2.31.5	environment, eval, filesystem, network, shell Transitive: unsafe	+871	8.02 GB	Almar, FirefoxMetzger
pypi/importlib-metadata@6.8.0	environment, filesystem, unsafe Transitive: eval, network, shell	+1364	4.93 GB	barry, brettcannon, jaraco
pypi/importlib-resources@6.1.0	filesystem Transitive: environment, eval, network, shell, unsafe	+767	4.26 GB	barry, brettcannon, jaraco
pypi/ipykernel@6.25.2	environment, eval, filesystem, network, shell, unsafe	+774	4.27 GB	Kyle.Kelley, Sylvain.Corlay, bgranger, ...5 more
pypi/ipympl@0.9.3	eval, network Transitive: environment, filesystem, shell, unsafe	+769	4.26 GB	Sylvain.Corlay, blink1073, ianhi, ...1 more
pypi/ipython@8.16.1	environment, eval, filesystem, network, shell, unsafe	+813	4.94 GB	bgranger, fperez, ivanov, ...2 more
pypi/ipywidgets@8.1.1	environment, filesystem Transitive: eval, network, shell, unsafe	+767	4.26 GB	Jonathan.Frederic, Sylvain.Corlay, bgranger, ...8 more
pypi/jedi@0.19.1	environment, eval, filesystem, network, shell, unsafe	+791	4.36 GB	David.Halter
pypi/jinja2@3.1.2	environment, eval, filesystem, unsafe	0	986 kB
pypi/joblib@1.3.2	environment, eval, filesystem, network, shell, unsafe	0	11.6 MB	GaelVaroquaux, lesteve, ogrisel, ...1 more
pypi/json5@0.9.14	filesystem Transitive: environment, eval, network, shell	+2	3.01 MB	dpranke
pypi/jsonpatch@1.33	filesystem	0	108 kB	skoegl
pypi/jsonschema-specifications@2023.7.1	environment, filesystem	0	60.4 kB
pypi/jsonschema@4.19.1	environment, filesystem, network, shell	+2	3.1 MB
pypi/jupyter-client@8.4.0	environment, eval, filesystem, network, shell, unsafe	+776	4.26 GB	Kyle.Kelley, MSeal, Sylvain.Corlay, ...9 more
pypi/jupyter-core@5.4.0	environment, eval, filesystem, network, shell	0	393 kB	Kyle.Kelley, MSeal, bgranger, ...10 more
pypi/jupyter-events@0.8.0	environment, filesystem	0	161 kB	zsailer
pypi/jupyter-lsp@2.2.0	environment, filesystem, network, shell	0	195 kB	krassowski
pypi/jupyter-pluto-proxy@0.1.2	filesystem	0	10 kB	yuvipanda
pypi/jupyter-server-mathjax@0.2.6	environment, eval, filesystem, network Transitive: shell, unsafe	+767	4.27 GB	vidartf, zsailer
pypi/jupyter-server-proxy@4.1.0	environment, eval, filesystem, network, shell	0	345 kB	betatim, consideRatio, irose, ...4 more
pypi/jupyter-server-terminals@0.4.4	environment, filesystem, network	0	106 kB	zsailer
pypi/jupyter-server@2.8.0	environment, eval, filesystem, network, shell	0	2.74 MB	Sylvain.Corlay, darian, datalayer, ...5 more
pypi/jupyter-telemetry@0.1.0	eval, filesystem Transitive: environment, network, shell, unsafe	+77	104 MB	blink1073, yuvipanda, zsailer
pypi/jupyterhub@4.0.2	environment, eval, filesystem, network, shell Transitive: unsafe	+776	4.82 GB	betatim, choldgraf, consideRatio, ...3 more
pypi/jupyterlab-git@0.41.0	environment, eval, filesystem, network, shell Transitive: unsafe	+802	4.38 GB
pypi/jupyterlab-pygments@0.2.2	eval, network	0	335 kB
pypi/jupyterlab-server@2.25.0	environment, filesystem, network, shell	0	333 kB
pypi/jupyterlab-widgets@3.0.9	environment, eval, filesystem, network	0	728 kB	Sylvain.Corlay, bgranger, fperez, ...5 more
pypi/jupyterlab@4.0.7	environment, eval, filesystem, network, shell	0	30.5 MB
pypi/kiwisolver@1.4.5	environment, shell, unsafe	0	8.47 MB	mdartiailh, sccolbert
pypi/lazy-loader@0.3	environment, eval, filesystem Transitive: network, shell, unsafe	+767	4.26 GB	jarrodmillman, tupui
pypi/llvmlite@0.40.1	environment, filesystem, shell, unsafe	0	129 MB	Siu.Kwan.Lam, esc, seibert
pypi/locket@1.0.0	filesystem	0	15.7 kB	michaelwilliamson
pypi/loralib@0.1.2	filesystem	0	61.5 kB	edwardjhu
pypi/lz4@4.3.2	environment, filesystem, unsafe Transitive: eval, network, shell	+769	4.27 GB	jgu, smorin
pypi/mako@1.2.4	environment, eval, filesystem, network	0	2.26 MB	CaselIT, bourke
pypi/markupsafe@2.1.3	environment, unsafe	0	142 kB
pypi/matplotlib-inline@0.1.6	network	0	24.8 kB	Sylvain.Corlay, fperez, martinRenou, ...1 more
pypi/matplotlib@3.8.0	environment, eval, filesystem, network, shell, unsafe	0	67.1 MB	ivanov, matthew.brett, mdboom2
pypi/mistune@3.0.1	filesystem	0	432 kB	lepture
pypi/mpmath@1.3.0	environment, eval, filesystem, network, unsafe Transitive: shell	+770	4.26 GB	fredrik
pypi/msgpack@1.0.6	environment, unsafe	0	2.54 MB	naoki
pypi/multidict@6.0.4	environment, filesystem, unsafe	0	621 kB	Andrew.Svetlov, webknjaz
pypi/munkres@1.1.4	environment, shell	0	44.2 kB	bmc
pypi/nbclassic@1.0.0	environment, eval, filesystem, network, shell Transitive: unsafe	+796	4.86 GB	RRosio, darian, datalayer, ...5 more
pypi/nbclient@0.8.0	environment, filesystem, shell Transitive: eval, network, unsafe	+804	4.46 GB	MSeal, Sylvain.Corlay, davidbrochart
pypi/nbconvert@7.9.2	environment, eval, filesystem, network, shell Transitive: unsafe	+892	4.45 GB	Kyle.Kelley, MSeal, Sylvain.Corlay, ...11 more
pypi/nbdime@3.2.1	environment, eval, filesystem, network, shell Transitive: unsafe	+779	4.29 GB	bgranger, fperez, mbussonn, ...3 more
pypi/nbformat@5.9.2	environment, filesystem, network, shell Transitive: eval, unsafe	+773	4.26 GB	Kyle.Kelley, MSeal, Sylvain.Corlay, ...10 more
pypi/nest-asyncio@1.5.8	None	0	21.2 kB	erdewit
pypi/networkx@3.2	environment, eval, filesystem, shell, unsafe Transitive: network	+1182	5.02 GB	MridulS, dschult, hagberg, ...2 more
pypi/notebook-shim@0.2.3	environment	0	48.7 kB	datalayer, jtp, zsailer
pypi/notebook@7.0.6	environment, eval, filesystem, network, shell Transitive: unsafe	+779	4.32 GB	Kyle.Kelley, RRosio, bgranger, ...15 more
pypi/numba@0.57.1	environment, eval, filesystem, network, shell, unsafe	0	14.3 MB	Siu.Kwan.Lam, esc, seibert, ...1 more
pypi/numexpr@2.8.7	environment, eval, filesystem, shell, unsafe	0	4 MB	andreabedini, falted, matthew.brett, ...1 more
pypi/numpy@1.24.4	environment, eval, filesystem, network, shell, unsafe	0	98 MB	charlesr.harris, matthew.brett, mattip, ...2 more
pypi/nvidia-cublas-cu12@12.1.3.1	unsafe	0	638 MB	nvidia
pypi/nvidia-cuda-cupti-cu12@12.1.105	shell, unsafe	0	45.4 MB	nvidia
pypi/nvidia-cuda-nvrtc-cu12@12.1.105	unsafe	0	63.8 MB	nvidia
pypi/nvidia-cuda-runtime-cu12@12.1.105	shell, unsafe	0	4.21 MB	nvidia
pypi/nvidia-cudnn-cu12@8.9.2.26	unsafe	0	1.18 GB	nvidia
pypi/nvidia-cufft-cu12@11.0.2.54	unsafe	0	194 MB	nvidia
pypi/nvidia-curand-cu12@10.3.2.106	unsafe	0	98.8 MB	nvidia
pypi/nvidia-cusolver-cu12@11.4.5.107	unsafe	0	195 MB	nvidia
pypi/nvidia-cusparse-cu12@12.1.0.106	unsafe	0	265 MB	nvidia
pypi/nvidia-nccl-cu12@2.19.3	None	0	219 MB	nvidia
pypi/nvidia-nvjitlink-cu12@12.4.99	None	0	368 MB	nvidia
pypi/nvidia-nvtx-cu12@12.1.105	unsafe	0	417 kB	nvidia
pypi/openpyxl@3.1.2	environment, filesystem, network	0	865 kB	CharlieX, eric.gazoni
pypi/overrides@7.4.0	filesystem Transitive: environment, eval, shell, unsafe	+3	669 kB	mkorpela, robotframework
pypi/packaging@23.2	environment, eval, filesystem, shell	0	2.39 MB	brettcannon, dstufft, pf_moore, ...1 more
pypi/pamela@1.1.0	environment, eval, filesystem	0	24.3 kB	minrk
pypi/pandas@2.1.1	environment, eval, filesystem, network, shell, unsafe	+767	4.28 GB	MarcoGorelli, datapythonista, jbrockmendel, ...8 more
pypi/parso@0.8.3	environment, eval, filesystem, shell, unsafe Transitive: network	+767	4.26 GB	David.Halter
pypi/partd@1.4.1	eval, filesystem, network, shell, unsafe Transitive: environment	+33	174 MB	jcrist, jrbourbeau, mrocklin, ...1 more
pypi/patsy@0.5.3	environment, eval, filesystem, unsafe Transitive: network, shell	+767	4.26 GB	mister.wardrop, njs, tcapretto
pypi/pillow@10.1.0	environment, eval, filesystem, shell, unsafe Transitive: network	+788	4.34 GB	aclark, hugovk, radarhere, ...1 more
pypi/pip@23.3	environment, eval, filesystem, network, shell	0	7.78 MB	acsbidoul, dstufft, pf_moore, ...3 more
pypi/pkgutil-resolve-name@1.3.10	None	0	11.2 kB	Thomas.Grainger
pypi/platformdirs@3.11.0	environment, shell	0	116 kB	Julian, Ofekmeister, ronny
pypi/pluggy@1.3.0	environment, filesystem, network, shell Transitive: eval, unsafe	+767	4.26 GB	The_Compiler, flub, goodboy, ...3 more
pypi/prometheus-client@0.17.1	environment, eval, filesystem, network Transitive: shell, unsafe	+2	27.9 MB	beorn7, csmarchbanks
pypi/prompt-toolkit@3.0.39	environment, eval, filesystem, network, shell	0	1.78 MB	jonathan.slenders
pypi/protobuf@4.24.3	environment, eval, filesystem, unsafe	0	2.6 MB	protobuf-packages
pypi/psutil@5.9.5	environment, eval, filesystem, network, shell, unsafe	+790	4.54 GB	billiejoex, giampaolo.rodola
pypi/pyarrow@13.0.0	environment, eval, filesystem, network, shell, unsafe	0	134 MB	Charles.Cloud, cutlerb, jorgecarleitao, ...6 more
pypi/pycosat@0.6.6	filesystem, shell, unsafe	0	277 kB	ilanschnell, joeforker, mcg1969
pypi/pycparser@2.21	environment, eval, filesystem, shell, unsafe	0	876 kB	eliben
pypi/pycurl@7.45.1	environment, eval, filesystem, network, shell, unsafe	0	947 kB	kjetilja, mfx, olegp, ...1 more
pypi/pygments@2.16.1	environment, eval, filesystem, network, shell, unsafe	0	43.1 MB	Anteru, gbrandl, mitsuhiko
pypi/pyopenssl@23.2.0	environment, filesystem, network, shell Transitive: eval, unsafe	+771	4.26 GB	exarkun, hynek, reaperhulk
pypi/pyparsing@3.1.1	environment, eval, filesystem, unsafe	+2	2.61 MB	ptmcg
pypi/pywavelets@1.4.1	environment, eval, filesystem, shell, unsafe	0	18.8 MB	aaren, fwasilew, grlee77, ...3 more
pypi/pyyaml@6.0.1	environment, eval, filesystem, network, unsafe	0	3.4 MB	ingy, nitzmahone, tinita
pypi/pyzmq@25.1.1	environment, eval, filesystem, network, shell, unsafe	0	8.02 MB	bgranger, minrk
pypi/referencing@0.30.2	environment, filesystem	0	272 kB
pypi/regex@2023.12.25	eval, filesystem, unsafe	0	3.48 MB	mrabarnett
pypi/rpds-py@0.10.6	filesystem	0	6.88 MB	Julian
pypi/rpy2@3.5.11	environment, eval, filesystem, network, shell, unsafe	0	1.25 MB	lgautier
pypi/safetensors@0.4.2	filesystem, unsafe Transitive: environment, eval, network, shell	+1730	57 GB	McPotato, Nicolas.Patry, Wauplin, ...1 more
pypi/scikit-image@0.22.0	environment, eval, filesystem, network, shell, unsafe	0	33.3 MB	Emmanuelle, grlee77, hmaarrfk, ...4 more
pypi/scikit-learn@1.3.1	environment, eval, filesystem, network, shell, unsafe	+924	5.11 GB	GaelVaroquaux, adrin, glemaitre, ...5 more
pypi/scipy@1.11.3	environment, eval, filesystem, network, shell, unsafe	0	196 MB	matthew.brett, pv, rgommers, ...3 more
pypi/seaborn@0.13.0	environment, eval, filesystem Transitive: network, shell, unsafe	+797	4.27 GB	mwaskom
pypi/send2trash@1.8.2	environment, filesystem, network Transitive: eval, shell, unsafe	+28	427 MB	arsenetar, hsoft
pypi/sentry-sdk@1.43.0	environment, eval, filesystem, network, shell, unsafe	+2261	9.06 GB	getsentry, mitsuhiko
pypi/setuptools@68.2.2	environment, eval, filesystem, network, shell, unsafe	+1455	5.05 GB	abravalheri, dstufft, jaraco
pypi/simpervisor@1.0.0	environment, eval, network, shell	0	51.1 kB	consideRatio, jupyterhub-bot, minrk, ...1 more
pypi/simplegeneric@0.8.1	filesystem	0	33.7 kB	pje
pypi/sniffio@1.3.0	eval, filesystem	0	48.1 kB
pypi/soupsieve@2.5	eval, filesystem, unsafe	0	512 kB	facelessuser
pypi/sqlalchemy@2.0.22	environment, eval, filesystem, network, shell, unsafe	0	60.7 MB	CaselIT
pypi/stack-data@0.6.2	environment, eval Transitive: filesystem, network, shell, unsafe	+770	4.26 GB	15r10nk, alexmojaki
pypi/statsmodels@0.14.0	environment, eval, filesystem, network, shell, unsafe	+776	4.35 GB	Skipper.Seabold, bashtage, josefpktd, ...2 more
pypi/sympy@1.12	environment, eval, filesystem, shell, unsafe	0	27.5 MB	Aaron.Meurer, certik, oscarbenjamin
pypi/tables@3.9.1	environment, eval, filesystem, network, shell, unsafe	+789	4.46 GB	andreabedini, antonio.valentino, falted, ...4 more
pypi/tblib@2.0.0	environment, eval, shell, unsafe	0	123 kB	ionel
pypi/terminado@0.17.1	environment, eval, filesystem, network Transitive: shell, unsafe	+768	4.26 GB	darian, jasongrout, takowl
pypi/threadpoolctl@3.2.0	environment, eval, shell	0	129 kB	jeremiedbb, ogrisel, tommoral
pypi/tifffile@2023.9.26	environment, filesystem, shell, unsafe Transitive: eval, network	+158	1.79 GB	cgohlke
pypi/tokenizers@0.15.2	environment, filesystem, network, unsafe Transitive: eval, shell	+805	4.44 GB	ArthurZucker, McPotato, Nicolas.Patry, ...1 more
pypi/toolz@0.12.0	environment, eval, filesystem, shell, unsafe	0	274 kB	eigenhombre, eriknw, mrocklin
pypi/torch@2.2.1	environment, eval, filesystem, network, shell, unsafe	+822	6.47 GB	atalman, facebook, malfet, ...2 more
pypi/tqdm@4.66.1	environment, eval, filesystem, network, shell Transitive: unsafe	+845	4.3 GB	casper.dcl, tqdm
pypi/traitlets@5.11.2	environment, eval, filesystem, shell, unsafe Transitive: network	+767	4.26 GB	Jonathan.Frederic, Kyle.Kelley, Sylvain.Corlay, ...9 more
pypi/triton@2.2.0	environment, eval, filesystem, network, shell, unsafe	+788	5.89 GB	ptillet
pypi/truststore@0.8.0	environment, network	0	58.2 kB	SethMichaelLarson, davisagli
pypi/types-python-dateutil@2.8.19.14	None	0	27.2 kB	typeshed_bot
pypi/typing-extensions@4.8.0	environment, eval, filesystem, shell, unsafe	+3	914 kB	JelleZijlstra, guido, hauntsaninja, ...3 more
pypi/typing-utils@0.1.0	filesystem Transitive: environment, eval, network, shell, unsafe	+767	4.26 GB	bojiang
pypi/tzdata@2023.3	filesystem	0	583 kB	belopolsky, pganssle
pypi/tzlocal@5.1	environment, filesystem, network, shell Transitive: eval, unsafe	+820	4.37 GB	agronholm, regebro
pypi/urllib3@2.0.7	environment, eval, filesystem, network, shell, unsafe	+77	135 MB	SethMichaelLarson, shazow
pypi/wandb@0.16.4	environment, eval, filesystem, network, shell, unsafe	+1453	8.76 GB	KyleWandb, benwandb, dannygoldstein, ...4 more
pypi/wcwidth@0.2.8	environment, filesystem, network, shell Transitive: eval, unsafe	+769	4.26 GB	jquast
pypi/websocket-client@1.6.4	environment, eval, filesystem, network Transitive: shell, unsafe	+902	4.4 GB	engin33r, liris, ukwksk
pypi/wheel@0.41.2	environment, eval, filesystem, shell, unsafe Transitive: network	+767	4.26 GB	agronholm, joeforker, natefoo
pypi/widgetsnbextension@4.0.9	environment, eval, filesystem, network	0	10 MB	Jonathan.Frederic, Sylvain.Corlay, itayd, ...3 more
pypi/xlrd@2.0.1	filesystem Transitive: environment, eval, network, shell, unsafe	+767	4.26 GB	carthorse-python-excel, chrisw, sjmachin
pypi/xyzservices@2023.10.0	environment, filesystem, network	0	1.81 MB	darribas, martinfleis
pypi/yarl@1.9.2	environment, unsafe	0	1.06 MB	Andrew.Svetlov, webknjaz
pypi/zict@3.0.0	filesystem, unsafe	0	135 kB	jrbourbeau, mrocklin
pypi/zipp@3.17.0	eval, filesystem, unsafe Transitive: environment, network, shell	+774	4.26 GB	jaraco
pypi/zstandard@0.21.0	environment, eval, filesystem, shell, unsafe	0	11.5 MB	indygreg

View full report↗︎

[socket-security[bot]]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
CVE	pypi/jupyter-lsp@2.2.0	CVE: GHSA-4qhp-652w-c22x Unsecured endpoints in the jupyter-lsp server extension (HIGH) Affected versions: <= 2.2.1 Patched version: 2.2.2	colabs/llm-finetuning-handson/requirements.txt
Critical CVE	pypi/pyarrow@13.0.0	CVE: GHSA-5wvp-7f3h-6wmm PyArrow: Arbitrary code execution when loading a malicious data file (CRITICAL) Affected versions: >= 0.14.0, < 14.0.1 Patched version: 14.0.1	colabs/llm-finetuning-handson/requirements.txt
CVE	pypi/cryptography@41.0.4	CVE: GHSA-6vqw-3v5j-54x4 cryptography NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override (HIGH) Affected versions: >= 38.0.0, < 42.0.4 Patched version: 42.0.4	colabs/llm-finetuning-handson/requirements.txt
CVE	pypi/cryptography@41.0.4	CVE: GHSA-3ww4-gg4f-jr7f Python Cryptography package vulnerable to Bleichenbacher timing oracle attack (HIGH) Affected versions: < 42.0.0 Patched version: 42.0.0	colabs/llm-finetuning-handson/requirements.txt
CVE	pypi/aiohttp@3.8.6	CVE: GHSA-q3qx-c6g2-7pw2 aiohttp's ClientSession is vulnerable to CRLF injection via version (HIGH) Affected versions: < 3.9.0 Patched version: 3.9.0	colabs/llm-finetuning-handson/requirements.txt
CVE	pypi/jupyterlab@4.0.7	CVE: GHSA-44cc-43rp-5947 JupyterLab vulnerable to potential authentication and CSRF tokens leak (HIGH) Affected versions: >= 4.0.0, <= 4.0.10 Patched version: 4.0.11	colabs/llm-finetuning-handson/requirements.txt
CVE	pypi/notebook@7.0.6	CVE: GHSA-44cc-43rp-5947 JupyterLab vulnerable to potential authentication and CSRF tokens leak (HIGH) Affected versions: >= 7.0.0, <= 7.0.6 Patched version: 7.0.7	colabs/llm-finetuning-handson/requirements.txt
CVE	pypi/jupyterhub@4.0.2	CVE: GHSA-7r3h-4ph8-w38g Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie Tossing (HIGH) Affected versions: < 4.1.0 Patched version: 4.1.0	colabs/llm-finetuning-handson/requirements.txt
Critical CVE	pypi/jupyter-server-proxy@4.1.0	CVE: GHSA-w3vc-fx9p-wp4v Jupyter Server Proxy's Websocket Proxying does not require authentication (CRITICAL) Affected versions: >= 4.0.0, < 4.1.1 Patched version: 4.1.1	colabs/llm-finetuning-handson/requirements.txt

View full report↗︎

Next steps

What is a CVE?

Contains a high severity Common Vulnerability and Exposure (CVE).

Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

What is a critical CVE?

Contains a Critical Common Vulnerability and Exposure (CVE).

Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore pypi/jupyter-lsp@2.2.0
• @SocketSecurity ignore pypi/pyarrow@13.0.0
• @SocketSecurity ignore pypi/cryptography@41.0.4
• @SocketSecurity ignore pypi/aiohttp@3.8.6
• @SocketSecurity ignore pypi/jupyterlab@4.0.7
• @SocketSecurity ignore pypi/notebook@7.0.6
• @SocketSecurity ignore pypi/jupyterhub@4.0.2
• @SocketSecurity ignore pypi/jupyter-server-proxy@4.1.0