UV Security fixes #1650

Merged
ktangsali merged 5 commits into NVIDIA:2.1.0-rc from ktangsali:security-fixes
May 18, 2026

@ktangsali
Collaborator

PhysicsNeMo Pull Request

Description

Checklist

Dependencies

Review Process

All PRs are reviewed by the PhysicsNeMo team before merging.

Depending on which files are changed, GitHub may automatically assign a maintainer for review.

We are also testing AI-based code review tools (e.g., Greptile), which may add automated comments with a confidence score.
This score reflects the AI’s assessment of merge readiness and is not a qualitative judgment of your work, nor is
it an indication that the PR will be accepted / rejected.

AI-generated feedback should be reviewed critically for usefulness.
You are not required to respond to every AI comment, but they are intended to help both authors and reviewers.
Please react to Greptile comments with 👍 or 👎 to provide feedback on their accuracy.

@copy-pr-bot

copy-pr-bot Bot commented May 18, 2026

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@ktangsali ktangsali changed the base branch from 2.1.0-rc to main May 18, 2026 23:01
@ktangsali ktangsali changed the base branch from main to 2.1.0-rc May 18, 2026 23:01
@greptile-apps
Contributor

greptile-apps Bot commented May 18, 2026

Greptile Summary

This PR performs a sweep of dependency security fixes across the repository: uv is bumped to 0.11.14 (GHSA-82j2-j2ch-gfr8), GitPython to >=3.1.49, urllib3 to >=2.7.0 (CVE-2026-44432), mlflow to >=3.11.0, gdown to >=5.2.2, pillow to >=12.2.0, and the PyTorch floor is raised to >=2.10.0 (CVE-2025-32434 / CVE-2026-24747).

  • Dockerfile & uv.lock: uv, GitPython, and urllib3 are updated to patched versions; the lock file is consistently regenerated.
  • pyproject.toml: torch/torchvision floors raised to 2.10.0/0.25.0; urllib3>=2.7.0 added as a direct dependency to force the transitive CVE fix into all consumers.
  • requirements.txt files (22 examples): mlflow, gdown, pillow, pyarrow lower bounds raised for security; TensorFlow removed from sintering_physics managed deps and documented as a manual install in the README.

Important Files Changed

| Filename | Overview |
| --- | --- |
| Dockerfile | Bumps uv from 0.10.3 to 0.11.14 to pick up the rustls-webpki GHSA-82j2-j2ch-gfr8 fix; change is safe. |
| pyproject.toml | Raises torch floor to >=2.10.0, torchvision to >=0.25.0, GitPython to >=3.1.49, adds urllib3>=2.7.0 as a direct dep (transitive CVE workaround), and pins mlflow>=3.11.0 in utils-extras. |
| uv.lock | Lock file updated to reflect gitpython 3.1.50, urllib3 2.7.0, and mlflow>=3.11.0 across all extras; consistent with pyproject.toml changes. |
| examples/reservoir_simulation/xmgn/requirements.txt | Unpins torch (==2.4.0 → >=2.10.0) and updates PyG find-links URL to torch-2.10.0+cu128, but the open-ended torch constraint means torch 2.11+ could be installed while only 2.10.0 PyG wheels are available, causing extension install failures. |
| examples/additive_manufacturing/sintering_physics/requirements.txt | Removes tensorflow from requirements.txt; the README now documents it as a manual install step to avoid pulling it into the managed dependency graph. |
| examples/additive_manufacturing/sintering_physics/README.md | Adds explicit pip install instructions for requirements.txt and documents TensorFlow as a separate manual install with version bounds. |
| examples/cfd/flow_reconstruction_diffusion/requirements.txt | Bumps pillow from >=10.3.0 to >=12.2.0 for security fixes; straightforward version floor raise. |
| examples/cfd/external_aerodynamics/globe/airfrans/requirements.txt | Changes mlflow from compatible-release ~=3.10.0 to open-ended >=3.11.0; relaxes the upper bound but ensures security fix version is met. |

Comments Outside Diff (2)

  1. examples/reservoir_simulation/xmgn/requirements.txt, line 7-10 (link)

    P1 PyG wheel URL pinned to torch 2.10.0 while torch is open-ended

    The --find-links page at data.pyg.org/whl/torch-2.10.0+cu128.html only lists wheels built against torch 2.10.0 (e.g. torch_scatter-*+pt210cu128-*.whl). If torch>=2.10.0 resolves to 2.11+ (which satisfies the constraint), pip/uv will find no compatible prebuilt wheels for torch-scatter, torch-sparse, etc. and the install will fail. The previous file pinned torch==2.4.0 to exactly match the find-links URL; the same discipline is needed here — either pin torch==2.10.0 or add a matching find-links URL for every torch version you wish to support.

  2. pyproject.toml, line 33-35 (link)

    P2 urllib3 pinned as a direct dependency to address a transitive CVE

    urllib3 is a transitive dependency (pulled in by requests, botocore, etc.) and is not used directly by nvidia-physicsnemo. Declaring it as a first-class project dependency so that the resolver picks up a minimum version is a common workaround, but it exports urllib3 as a formal public dependency of the library, which could surprise downstream consumers who have their own version constraints. A lighter alternative for a library is to note the advisory in the security policy or changelog and leave the transitive pin to application-layer uv.lock/pip-tools lockfiles instead of pyproject.toml.

    Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

Reviews (1): Last reviewed commit: "Merge branch '2.1.0-rc' into security-fi..."

@ktangsali ktangsali merged commit 43c3d74 into NVIDIA:2.1.0-rc May 18, 2026
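
The P1 comment above (open-ended torch floor next to a version-specific PyG wheel page) can be turned into a pre-merge check. The following is an added example, not code from this PR, from PhysicsNeMo or from Greptile; the function name `check_torch_pin` and both sample files are constructed for illustration, and the `cu121` suffix in the "before" file is an assumption because the page does not state it.

```python
import re

FIND_LINKS = re.compile(r"^\s*(?:--find-links|-f)[ =]+(\S+)")
WHEEL_PAGE = re.compile(r"torch-(\d+\.\d+\.\d+)\+\w+\.html$")
# Match the "torch" requirement only, not torchvision or torch-scatter.
TORCH_REQ = re.compile(r"^\s*torch(?![\w.-])\s*([^#;]*)")

def check_torch_pin(requirements_text):
    """Return findings; an empty list means the torch pin matches a wheel page."""
    wheel_versions, torch_spec = set(), None
    for line in requirements_text.splitlines():
        link = FIND_LINKS.match(line)
        if link:
            page = WHEEL_PAGE.search(link.group(1))
            if page:
                wheel_versions.add(page.group(1))
            continue
        req = TORCH_REQ.match(line)
        if req:
            torch_spec = req.group(1).strip()
    if not wheel_versions:
        return []  # no version-specific wheel index to disagree with
    built_for = ", ".join(sorted(wheel_versions))
    pin = re.fullmatch(r"==\s*(\d+\.\d+\.\d+)", torch_spec or "")
    if pin is None:
        return [f"torch{torch_spec or ''} is not an exact pin; "
                f"wheels are built for {built_for}"]
    if pin.group(1) not in wheel_versions:
        return [f"torch=={pin.group(1)} has no matching wheel page ({built_for})"]
    return []

# Constructed sample files modelled on the review comment, not copied from the repo.
BEFORE = """torch==2.4.0
torch-scatter
torch-sparse
--find-links https://data.pyg.org/whl/torch-2.4.0+cu121.html
"""
AFTER = """torch>=2.10.0
torch-scatter
torch-sparse
--find-links https://data.pyg.org/whl/torch-2.10.0+cu128.html
"""

if __name__ == "__main__":
    for name, text in (("before", BEFORE), ("after", AFTER)):
        print(name, check_torch_pin(text) or "ok")
```

The check only compares the declared constraint with the wheel page named in the file; it does not contact the index or resolve versions.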
ktangsali added a commit that referenced this pull request May 27, 2026
* fix cve in uv