[smhx]

> So technically, if you are pulling the older version of pytorch-nightly (specifically 2.0.0.dev20221230), it will still pull that compromised dependency (because torch have explicit version lock to it).

All PyTorch nightlies with this dependency have been deleted

[shanipribadi]

@smhx are you sure? at the time of this comment, I was still able to download 2.0.0.dev20221230

  pip3 download torch==2.0.0.dev20221230+cpu --extra-index-url https://download.pytorch.org/whl/nightly/cpu

and on extracting the wheel, METADATA still have

  Requires-Dist: torchtriton (==2.0.0+0d7e753227) ; extra == 'dynamo'

The package dated 20221231 has pytorch-triton already (so should be safe now)

Although I guess this is low risk, because people normally would download nightlies without pinning to a particular version/date.

But in case there are people that does pin their version, and cache those vulnerable versions (locally or on their own proxies/private repositories), they could still be affected.

I recommend to get PyPA to yank the 2.0.0.dev20221230 version in pypi, and possibly amend the post to remind people to purge their caches not just on their local but also on their proxies/private repos/mirrors (mainly for the torchtriton package) and to immediately stop using any pytorch nightlies dated before Dec 31 2022 (mainly any pytorch nighlies that has a pin on torchtriton==2.0.0+0d7e753227, not just between 25 Dec to 30 Dec).

[smhx]

thanks for the heads-up, looks like we didn't yank the CPU wheels on those dates. will get to them in the next set of working hours, as its an unlikely scenario (not only do you have to install the wheel of a specific date, you also have to specify the undocumented feature flag [dynamo])