
[AAASM-4169] 📝 (deps): Document dev-only accepted-risk for nltk Dependabot #27 (#218)

Merged
Chisanan232 merged 1 commit into
masterfrom
v0.0.1/AAASM-4169/nltk_dependabot_high
Jul 5, 2026
Conversation

@Chisanan232

Contributor

Description

Resolves the outcome for Dependabot alert #27 (HIGH): nltk <=3.9.4 URL-encoded path traversal in nltk.data.load() (first_patched_version: none).

Path chosen: documented accepted-risk (no lock/runtime change).

I first attempted the real fix: uv lock --upgrade-package llama-index-core (0.14.22 → 0.14.23) and uv lock --upgrade-package nltk. Neither drops the vulnerable nltk — 3.9.4 is the latest release on PyPI and no patched version exists, and the newer llama-index-core still pulls the same nltk edge. The llama-index bump alone fixes nothing, so I reverted the lock churn to keep this change minimal.

This PR instead documents the accepted-risk with an inline # AAASM-4169: comment next to the existing llama-index-core pin in pyproject.toml, mirroring the established AAASM-*: dev/test-only comment pattern.

Why this is not runtime-exploitable

  • nltk enters uv.lock only transitively via llama-index-core, which is declared in [dependency-groups].test, not in runtime [project].dependencies (pydantic/httpx/typing-extensions/grpcio/protobuf only).
  • Not in the published wheel's install-requires.
  • Never imported anywhere in agent_assembly/ (grep import nltk → zero). Present solely for importorskip-guarded LlamaIndex integration tests in CI.
  • The vulnerable nltk.data.load code path is never invoked by the SDK or its tests.

Type of Change

  • 📚 Documentation update

Breaking Changes

  • No

No change to runtime [project].dependencies; no change to uv.lock.

Related Issues

Testing

  • No tests required (comment-only change to pyproject.toml)

Validation on this branch:

  • uv sync — clean; uv.lock unchanged (uv-lock pre-commit hook passed).
  • .venv/bin/python -m pytest test/: 750 passed, 17 skipped, 1 rerun (skips pre-existing: native _core not built, optional frameworks absent).
  • .venv/bin/mypy agent_assembly — 4 pre-existing baseline errors only (agent_assembly._core import-not-found ×3, grpc missing-stubs ×1); pre-commit mypy hook runs with --ignore-missing-imports and passes.

Recommended follow-up (engineer's call — not done in this PR)

Dismiss Dependabot alert #27 as dev/test-only. I did not auto-dismiss it. To dismiss:

gh api -X PATCH repos/ai-agent-assembly/python-sdk/dependabot/alerts/27 \
  -f state=dismissed -f dismissed_reason=tolerable_risk \
  -f dismissed_comment='Dev/test-only transitive via llama-index-core; not in runtime [project].dependencies or the published wheel; nltk.data.load never invoked by the SDK; no upstream patch (3.9.4 is latest, first_patched_version: none). Tracked in AAASM-4169.'

Checklist

  • Code follows project style guidelines
  • Self-review completed
  • Comments added for complex logic
  • Documentation updated if needed
  • All tests passing

🤖 Generated with Claude Code

nltk <=3.9.4 (Dependabot #27, HIGH) enters uv.lock only transitively via
llama-index-core, a dev/test-only dependency. It is never in runtime
[project].dependencies nor the published wheel, is never imported by
agent_assembly/, and the vulnerable nltk.data.load path is never invoked.
No upstream fix exists (3.9.4 is the latest release; first_patched_version:
none), so no lock upgrade removes it. Document the accepted-risk near the
llama-index-core pin; recommend Dependabot #27 dismissal as dev/test-only.

refs AAASM-4169
@codecov

codecov Bot commented Jul 5, 2026


Codecov Report

✅ All modified and coverable lines are covered by tests.


@Chisanan232

Contributor Author

Claude Code review — AAASM-4169

Verdict: approve-ready (comment-only; Pioneer sign-off yours).

  • CI: No red. Only codecov/sonarcloud finish steps pending (acceptance gates — ignorable per policy). MERGEABLE.
  • Scope: Matches ticket. Real lock remediation was attempted first and confirmed impossible — nltk 3.9.4 is the latest PyPI release (first_patched_version: none); uv lock --upgrade-package llama-index-core bumps 0.14.22→0.14.23 but keeps nltk 3.9.4. Fallback (documented accepted-risk) is the correct outcome.
  • Side-effects: None — diff is pyproject.toml comment-only (+8 lines next to the dev-group llama-index-core pin). No runtime [project].dependencies change, no uv.lock change (verified byte-unchanged). 750 tests pass.
  • Rationale confirmed: nltk is transitive via llama-index-core, which is [dependency-groups].test (dev/test-only, not runtime, not in the published wheel); nltk.data.load is never invoked by the SDK. Real exploitability is low.
  • Recommended follow-up (engineer's call): dismiss Dependabot alert #27 as tolerable_risk with the reason string in the PR body.

— Claude Code review

@sonarqubecloud

sonarqubecloud Bot commented Jul 5, 2026


@Chisanan232 Chisanan232 merged commit 42f26df into master Jul 5, 2026
29 checks passed
@Chisanan232 Chisanan232 deleted the v0.0.1/AAASM-4169/nltk_dependabot_high branch July 5, 2026 14:12