
fix(deps): move optional onnx extra to 1.21.0rc3 for CVE-2026-28500 mitigation #726

Merged: mldangelo-oai merged 3 commits into main from fix/dependabot-onnx-cve-2026-28500 on Mar 20, 2026


@mldangelo-oai mldangelo-oai commented Mar 20, 2026

Summary

  • bump the optional ONNX extra from the vulnerable 1.20.1 line to 1.21.0rc3 across exposed extras
  • refresh the ONNX lock entry and document the security-motivated dependency move in [Unreleased]
  • verify that onnx.hub is no longer present in the resolved package, removing the vulnerable API flagged by CVE-2026-28500

QA

  • uv lock --check
  • uv sync --extra all-ci
  • uv run --extra onnx pytest tests/scanners/test_onnx_scanner.py tests/scanners/test_onnx_dependency_handling.py -q
  • uv run ruff check modelaudit/ tests/
  • uv run ruff format --check modelaudit/ tests/
  • uv run mypy modelaudit/
  • uv run pytest -n auto -m "not slow and not integration" --maxfail=1
  • direct CLI smoke on a generated benign ONNX model: exit 0, no issues
  • direct CLI smoke on malformed ONNX input: exit 1 with ONNX parsing failure

Note

This uses an ONNX release candidate because the advisory currently lists no patched stable release for <=1.20.1.

Summary by CodeRabbit

  • Security
    • Updated the optional ONNX dependency to address CVE-2026-28500 by removing the affected module, improving safety for deployments that include ONNX.
    • The dependency version was temporarily bumped across optional extras to ensure the vulnerable module is no longer present; users relying on those extras should upgrade to receive the fix.

…itigation

Co-authored-by: Codex <noreply@openai.com>

coderabbitai bot commented Mar 20, 2026


📥 Commits

Reviewing files that changed from the base of the PR and between 8f697d2 and 1eb44e5.

📒 Files selected for processing (1)
  • CHANGELOG.md

Walkthrough

The pull request bumps the optional ONNX requirement to 1.21.0rc3 across multiple extras in pyproject.toml and adds a Changed note to CHANGELOG.md documenting the removal of the vulnerable onnx.hub module (CVE-2026-28500).

Changes

Cohort / File(s): Summary

  • Documentation / CHANGELOG.md: Added a ### Changed entry under ## [Unreleased] documenting the ONNX upgrade to 1.21.0rc3 and the removal of the vulnerable onnx.hub module (CVE-2026-28500).
  • Dependency Configuration / pyproject.toml: Updated ONNX constraint from onnx>=1.12.0,<2.0; python_version < '3.13' to onnx>=1.21.0rc3,<2.0; python_version < '3.13' across extras: tensorflow, numpy1, all-ci, and all (inline comments added).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐇 I hopped through lines of text tonight,
Bumped ONNX up to set things right,
The naughty hub has lost its place,
CVE tucked into a safer space,
Little rabbit hums, secure and light. 🥕

Pre-merge checks (3 passed)

Check name: Status, Explanation

  • Description Check: ✅ Passed. Check skipped - CodeRabbit’s high-level summary is enabled.
  • Title check: ✅ Passed. The title accurately describes the main change: bumping the ONNX dependency to mitigate a specific CVE vulnerability.
  • Docstring Coverage: ✅ Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.



@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@pyproject.toml`:
- Line 67: Replace the RC dependency pin in the onnx entries so they target the
stable 1.21.0 release (e.g., change the dependency declared as "onnx =
[\"onnx>=1.21.0rc3,<2.0; python_version < '3.13'\"]" to require the stable
1.21.0 instead) or, if you must keep the RC temporarily, add an inline comment
next to each "onnx = ..." entry documenting the RC risk window and that
CVE-2026-28500 relates to onnx.hub which this codebase does not use (we only use
onnx.load, onnx.mapping, onnx.helper, onnx.numpy_helper, onnx.TensorProto);
update all four occurrences to be consistent.


📥 Commits

Reviewing files that changed from the base of the PR and between d19d6fd and 59bd597.

⛔ Files ignored due to path filters (1)
  • uv.lock is excluded by !**/*.lock
📒 Files selected for processing (2)
  • CHANGELOG.md
  • pyproject.toml

mldangelo-oai and others added 2 commits March 20, 2026 12:22
Document why the optional ONNX extra is using an RC temporarily: the advisory
is specific to onnx.hub.load(), which ModelAudit does not call.

Co-authored-by: Codex <noreply@openai.com>
@mldangelo-oai mldangelo-oai merged commit 01b5f4f into main Mar 20, 2026
35 checks passed
@mldangelo-oai mldangelo-oai deleted the fix/dependabot-onnx-cve-2026-28500 branch March 20, 2026 19:49