cve vulnerability on main

[dorotat-nv]

Description

Addressing CVE vulnerability GHSA-g4r7-86gm-pgqc
It is introduced in requirements_eval.txt (NeMo) by lm_eval package, which depends on sqlitedict (all versions have critical vulnerability).

Type of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Refactor
• Documentation update
• Other (please describe): vulnerability

CI Pipeline Configuration

Configure CI behavior by applying the relevant labels:

• SKIP_CI - Skip all continuous integration tests
• INCLUDE_NOTEBOOKS_TESTS - Execute notebook validation tests in pytest
• INCLUDE_SLOW_TESTS - Execute tests labelled as slow in pytest for extensive testing

Note

By default, the notebooks validation tests are skipped unless explicitly enabled.

Usage

TODO: Add code snippet

Pre-submit Checklist

• I have tested these changes locally
• I have updated the documentation accordingly
• I have added/updated tests as needed
• All existing tests pass successfully

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.93%. Comparing base (82bb20a) to head (3a06ea7).
⚠️ Report is 519 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #709   +/-   ##
=======================================
  Coverage   85.93%   85.93%           
=======================================
  Files         120      120           
  Lines        7310     7310           
=======================================
  Hits         6282     6282           
  Misses       1028     1028           

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[trvachov]

Thank you for proactive fixing this!