
SDK-90: Upgrade trivy-action to @0.35.0 to fix vulnerability#218

Open
benglewis wants to merge 6 commits into
mainfrom
codex/2026-03-22/linear-mention-sdk-90-upgrade-trivy-action-to-@0.35.0

Conversation

@benglewis
Contributor

@benglewis benglewis commented Mar 22, 2026

User description

Motivation

  • Upgrade the Trivy GitHub Action to a patched release to resolve the reported vulnerability in older action versions.

Description

  • Update .github/workflows/deploy-docker-image.yaml to use aquasecurity/trivy-action@0.35.0 while preserving the existing Trivy cache, DB repository, and scan configuration, and include feature tag SDK-90.

Testing

  • Ran source .venv/bin/activate && ruff check . and source .venv/bin/activate && ruff format . --check which passed, parsed the updated workflow with python + yaml.safe_load successfully, and attempted pytest which failed to collect integration tests because required credentials (AWS_ACCESS_KEY, GCP_CREDENTIALS, HUGGINGFACE_ACCESS_TOKEN) are not set in this environment.


Generated description

Below is a concise technical summary of the changes proposed in this PR:
Upgrade the Trivy GitHub Action to aquasecurity/trivy-action@0.35.0 and tag the deploy workflow with SDK-90 while keeping the established cache, DB, and scan configuration. Raise the dependency floors (e.g., requests, transformers, pytest, uv, authlib, cryptography) and document the vulnerability process so that the dependency graph and vulnerability guide reflect the patched releases.

Topic: Dependency hardening
Details: Harden dependency policy by raising the floors of requests, transformers, pytest, uv, authlib, cryptography, and related packages in the dependency metadata and lockfile, codifying the update steps in VULNERABILITIES.md, and pointing the deploy workflow at aquasecurity/trivy-action@0.35.0 with the SDK-90 feature tag while preserving Trivy caching and configuration.
Modified files (4)
  • .github/workflows/deploy-docker-image.yaml
  • VULNERABILITIES.md
  • pyproject.toml
  • uv.lock
Latest contributors (2)
  • blewis@hirundo.io, "SDK-87: Migrate to `uv...", February 11, 2026
  • github-actions[bot], "v0.2.3.post2 (#210)", February 05, 2026

Topic: LLM utility defaults
Details: Improve LLM run handling by restricting target_utilities to CustomUtility instances with list defaults, and add regression tests that cover BiasRunInfo.to_run_info behavior as well as the Hugging Face pipeline loader for both text and multimodal runs via get_hf_pipeline_for_run_given_model.
Modified files (3)
  • hirundo/unlearning_llm.py
  • tests/unlearning-llm/llm_pipeline_transformers_test.py
  • tests/unlearning-llm/test_bias_run_info_utilities.py
Latest contributors (1)
  • blewis@hirundo.io, "SDK-79: Add LLM behavi...", February 04, 2026

@benglewis benglewis changed the title SDK-90: Upgrade trivy-action to @0.35.0 to fix vulnerability SDK-90: Upgrade trivy-action to @0.35.0 to fix vulnerability Mar 22, 2026
@benglewis benglewis self-assigned this Mar 22, 2026
@baz-reviewer

baz-reviewer Bot commented Mar 22, 2026

Spec Reviewer Report    📪 ✅


The identified requirement is met for this ticket:

Upgrade trivy-action to @0.35.0 to fix vulnerability


1 met requirement
1. Use trivy-action @0.35.0 in workflow. Explanation: The workflow now references aquasecurity/trivy-action@0.35.0 and still supplies the same TRIVY_DB_REPOSITORY, cache, and scan settings that preceded the change.
   Evidence: deploy-docker-image.yaml:88-97 shows the new action version plus unchanged env/trivy-config input/cache/severity/timeout.

Note: Some optional integrations are missing, so it might not be possible to check some of the requirements.
For best results, make sure the following are integrated: Figma



Used resources:
Hash: 5a5183c | Ticket: link

To rerun the Spec Reviewer, comment "baz rerun spec review".

ddishi
ddishi previously approved these changes Mar 29, 2026

@ddishi ddishi left a comment


👍

@benglewis benglewis added this pull request to the merge queue Mar 29, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Mar 29, 2026
eliran-hirundo
eliran-hirundo previously approved these changes Mar 29, 2026
@benglewis benglewis dismissed stale reviews from eliran-hirundo and ddishi via b5b7a02 March 29, 2026 15:05
ddishi
ddishi previously approved these changes Mar 29, 2026

@ddishi ddishi left a comment


LGTM :)

@benglewis benglewis added this pull request to the merge queue Mar 29, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Mar 29, 2026
eliran-hirundo
eliran-hirundo previously approved these changes Mar 29, 2026
@benglewis benglewis added this pull request to the merge queue Mar 29, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Mar 29, 2026
mishana
mishana previously approved these changes Mar 29, 2026
@benglewis benglewis added this pull request to the merge queue Mar 29, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Mar 29, 2026
@benglewis benglewis added this pull request to the merge queue Mar 29, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Mar 30, 2026
@benglewis benglewis dismissed stale reviews from mishana, eliran-hirundo, and ddishi via e73be2d March 30, 2026 08:36
@benglewis benglewis requested a review from a team as a code owner March 30, 2026 08:36
Comment thread hirundo/unlearning_llm.py
mishana
mishana previously approved these changes Apr 19, 2026
Contributor

@mishana mishana left a comment


LGTM3

ddishi
ddishi previously approved these changes Apr 19, 2026
@benglewis benglewis added this pull request to the merge queue Apr 19, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Apr 19, 2026
eliran-hirundo
eliran-hirundo previously approved these changes Apr 20, 2026
@benglewis benglewis dismissed stale reviews from eliran-hirundo, ddishi, and mishana via 23b6920 April 28, 2026 07:58
@@ -0,0 +1,240 @@
import io


Since llm_pipeline_transformers_test.py doesn’t match the repo’s tests/test_*.py naming convention and there’s no pytest.ini/pyproject.toml python_files override, can we rename it to test_llm_pipeline_transformers.py?

Finding type: AI Coding Guidelines | Severity: 🟢 Low



Prompt for AI Agents:

Before applying, verify this suggestion against the current code. In
tests/unlearning-llm/llm_pipeline_transformers_test.py around the module-level test
definitions, rename this test file to match the repo convention `test_*.py` (for
example, `tests/unlearning-llm/test_llm_pipeline_transformers.py`). After renaming,
search the repository for any references to the old filename (e.g., in documentation,
tooling, or CI scripts) and update them accordingly. Ensure pytest still discovers and
runs both existing test cases after the rename.

Comment on lines +115 to +121
llm = LlmModel(
model_name="demo-model",
model_source=HuggingFaceTransformersModel(
model_name="org/demo-model",
token="-".join(["hf", "token"]),
),
)
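Review bot: the placeholder token on the `token="-".join(["hf", "token"])` line is assembled at runtime, presumably so that no literal resembling a Hugging Face token appears in the test source and trips secret scanning; a one-line comment saying so would keep the indirection from reading as obfuscation, and a plain sentinel such as `"not-a-real-token"` would need no explanation at all.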


llm is a 3-character variable name in new test code, but AGENTS.md asks to avoid 1–3 character identifiers (no acronym exception is documented) — should we rename it to something descriptive like llm_model or model_under_test?

Finding type: AI Coding Guidelines | Severity: 🟢 Low



Prompt for AI Agents:

Before applying, verify this suggestion against the current code. In
tests/unlearning-llm/llm_pipeline_transformers_test.py around lines 115-121, rename the
3-character variable `llm` to a descriptive name that complies with the repo rule (e.g.,
`llm_model` or `model_under_test`). Update all references in this test (including the
call to `get_hf_pipeline_for_run_given_model(llm, "run-123", ...)`) so the code still
behaves identically. Also scan the rest of the file for any other remaining `llm` usages
introduced by this hunk and rename them consistently.

Comment on lines +200 to +203
from peft import PeftModel
from transformers.models.auto.configuration_auto import AutoConfig
from transformers.models.auto.modeling_auto import AutoModelForImageTextToText
from transformers.models.auto.tokenization_auto import AutoTokenizer


AutoModelForImageTextToText is imported, but v5.0.0rc3 doesn’t export it from transformers.models.auto.modeling_auto, so with transformers>=5.0.0rc3 the test will fail on import instead of validating the multimodal branch—should we switch the test to the v5 loader or gate it on the supported API?

Finding type: Breaking Changes | Severity: 🟢 Low



Prompt for AI Agents:

Before applying, verify this suggestion against the current code. In
tests/unlearning-llm/llm_pipeline_transformers_test.py around lines 174-240, in
test_multimodal_pipeline_uses_image_text_loader_when_model_type_matches, remove the
direct import of AutoModelForImageTextToText from transformers.models.auto.modeling_auto
(lines 200-203) since v5.0.0rc3 doesn’t export it and the test fails before
assertions. Refactor this test to use a loader/class that exists in v5 (e.g., pick the
appropriate AutoModel* loader supported for the multimodal mapping from
MODEL_FOR_IMAGE_TEXT_TO_TEXT_MAPPING_NAMES) or gate/skip the test when the required
symbol isn’t present (using hasattr/import guard) so the multimodal branch is still
validated when the API supports it.

Comment thread pyproject.toml
Comment on lines +54 to +58
transformers = [
"transformers>=5.0.0rc3",
# ⬆️ Required to fix vulnerability CVE-2026-1839
"peft>=0.18.1",
"accelerate>=1.12.0",


Since hirundo[transformers] enforces transformers>=5.0.0rc3 but the pipeline still calls AutoModelForImageTextToText.from_pretrained, should we validate the right v5 multimodal loader API before bumping the minimum version?

Finding type: Breaking Changes | Severity: 🔴 High



Prompt for AI Agents:

Before applying, verify this suggestion against the current code. In pyproject.toml
around lines 54-58 and in the model loading logic that builds the Hugging Face pipeline
(specifically `get_hf_pipeline_for_run_given_model()`), the transformers minimum bump to
>=5.0.0rc3 breaks multimodal handling because v5.0.0rc3 exposes
`MODEL_FOR_IMAGE_TEXT_TO_TEXT_MAPPING_NAMES` but `AutoModelForImageTextToText` may not
exist. Refactor the multimodal branch to detect the transformers API/feature before
calling the Auto class (e.g., check for the existence of the expected auto loader or use
the provided mapping name constants to select the correct loader), and add a clear
fallback/explicit error if the API isn’t available. After the change, add/adjust a
regression test that simulates multimodal image-text-to-text config loading under
transformers>=5.0.0rc3 to ensure the pipeline is created instead of crashing.
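The two Breaking Changes findings above (the test import and the pipeline's `from_pretrained` call) come down to the same fix: detect the multimodal Auto loader before using it instead of importing `AutoModelForImageTextToText` unconditionally. The block below is an added example, not code from this PR or from the hirundo package. It assumes the module path `transformers.models.auto.modeling_auto` and the symbol names quoted in the findings, and it exercises the guard against stub modules built inline (constructed) so it runs without transformers installed.

```python
"""Feature-detect the image-text-to-text Auto loader before using it.

Added example. The module and symbol names below are taken from the review
findings and are assumptions about the transformers layout, not a verified API.
"""
import importlib
import sys
import types

AUTO_MODULE = "transformers.models.auto.modeling_auto"
IMAGE_TEXT_LOADER = "AutoModelForImageTextToText"
IMAGE_TEXT_MAPPING = "MODEL_FOR_IMAGE_TEXT_TO_TEXT_MAPPING_NAMES"


class MultimodalLoaderUnavailable(RuntimeError):
    """Raised when the installed transformers has no usable image-text loader."""


def is_image_text_model(model_type, module_name=AUTO_MODULE, mapping_name=IMAGE_TEXT_MAPPING):
    """True when model_type is registered in the image-text-to-text mapping.

    A missing mapping means this transformers build has no multimodal registry
    at all; that is treated as "not multimodal" so the caller falls back to the
    text path instead of crashing.
    """
    module = importlib.import_module(module_name)
    mapping = getattr(module, mapping_name, None)
    return mapping is not None and model_type in mapping


def resolve_image_text_loader(module_name=AUTO_MODULE, loader_name=IMAGE_TEXT_LOADER):
    """Return the Auto loader class, or raise a clear error instead of an ImportError."""
    try:
        module = importlib.import_module(module_name)
    except ImportError as exc:
        raise MultimodalLoaderUnavailable(f"cannot import {module_name}: {exc}") from exc
    loader = getattr(module, loader_name, None)
    if loader is None:
        raise MultimodalLoaderUnavailable(
            f"{module_name} does not export {loader_name}; the installed transformers "
            "version is not supported by the multimodal pipeline branch"
        )
    return loader


def load_multimodal_model(model_name, model_type, module_name=AUTO_MODULE, **from_pretrained_kwargs):
    """Load via the image-text loader when model_type is multimodal, else return None.

    None tells the caller to continue down the text-only path; an unsupported
    transformers version surfaces as MultimodalLoaderUnavailable, not ImportError.
    """
    if not is_image_text_model(model_type, module_name=module_name):
        return None
    loader = resolve_image_text_loader(module_name=module_name)
    return loader.from_pretrained(model_name, **from_pretrained_kwargs)


def install_stub_auto_module(name, exports):
    """Register an in-memory stand-in for the Auto module (constructed, offline only)."""
    module = types.ModuleType(name)
    for attr, value in exports.items():
        setattr(module, attr, value)
    sys.modules[name] = module
    return name


class _StubImageTextLoader:
    """Stand-in Auto class whose from_pretrained records what it was asked to load."""

    @classmethod
    def from_pretrained(cls, model_name, **kwargs):
        return {"model": model_name, "kwargs": kwargs}


# Two constructed transformers layouts: one exporting the loader, one without it.
WITH_LOADER = install_stub_auto_module(
    "stub_auto_with_loader",
    {
        IMAGE_TEXT_MAPPING: {"demo-multimodal": "DemoForImageTextToText"},
        IMAGE_TEXT_LOADER: _StubImageTextLoader,
    },
)
WITHOUT_LOADER = install_stub_auto_module(
    "stub_auto_without_loader",
    {IMAGE_TEXT_MAPPING: {"demo-multimodal": "DemoForImageTextToText"}},
)


if __name__ == "__main__":
    print(load_multimodal_model("org/demo-model", "demo-multimodal", module_name=WITH_LOADER))
    print(load_multimodal_model("org/demo-model", "demo-text", module_name=WITH_LOADER))
    try:
        load_multimodal_model("org/demo-model", "demo-multimodal", module_name=WITHOUT_LOADER)
    except MultimodalLoaderUnavailable as exc:
        print("guarded:", exc)
```

The same `resolve_image_text_loader` can gate the regression test: a test module calls it at import time inside a try block and skips when `MultimodalLoaderUnavailable` is raised, so the multimodal branch is validated on versions that have the loader and reported as skipped, not errored, on versions that do not.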


@ddishi ddishi left a comment


LGTM :)
One small comment

Comment thread pyproject.toml
Comment on lines 33 to 36
"h11>=0.16.0",
# ⬆️ Required to fix vulnerability GHSA-vqfr-h8mv-ghfj
"requests>=2.33.0",
# ⬆️ Required to fix vulnerability GHSA-vqfr-h8mv-ghfj
# ⬆️ Required to fix vulnerability CVE-2026-25645


Probably by mistake :)

Suggested change
"h11>=0.16.0",
# ⬆️ Required to fix vulnerability GHSA-vqfr-h8mv-ghfj
"requests>=2.33.0",
# ⬆️ Required to fix vulnerability GHSA-vqfr-h8mv-ghfj
# ⬆️ Required to fix vulnerability CVE-2026-25645
"h11>=0.16.0",
# ⬆️ Required to fix vulnerability GHSA-vqfr-h8mv-ghfj
"requests>=2.33.0",
# ⬆️ Required to fix vulnerability CVE-2026-25645


@eliran-hirundo eliran-hirundo left a comment


LGTM

4 participants