From 1c20cf5dfd22141e6c848421e811298630b0dcac Mon Sep 17 00:00:00 2001
From: "Wilkins, Emily (Counterpointe Solutions)" <80470879+ewilkins-csi@users.noreply.github.com>
Date: Tue, 7 May 2024 10:03:38 -0500
Subject: [PATCH] Resolve SageMaker CVEs

Resolves CVE-2024-34072 and CVE-2024-34073 by upgrading SageMaker to >= 2.218.0. There was previously an upper cap on the version that was ostensibly for Python 3.11.4 compatibility, but it looks like 2.218 supports Python 3.11.4.
---
 .../pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/extensions/aissemble-extensions-model-training-api-sagemaker/pyproject.toml b/extensions/aissemble-extensions-model-training-api-sagemaker/pyproject.toml
index 754b08ee6..94d61a2f9 100644
--- a/extensions/aissemble-extensions-model-training-api-sagemaker/pyproject.toml
+++ b/extensions/aissemble-extensions-model-training-api-sagemaker/pyproject.toml
@@ -16,7 +16,7 @@ pydantic = ">=1.8.0,<2.0.0"
 kubernetes = ">=26.1.0"
 urllib3 = "^1.26.18"
 krausening = ">=19"
-sagemaker = ">2.173.0, <=2.182.0"
+sagemaker = ">=2.218.0"
 mlflow = "^2.3.1"

 [tool.poetry.group.dev.dependencies]
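Review bot: The new floor on the `sagemaker` line has no in-file record of why it exists, so a later edit could relax it below the patched release without anyone noticing. A comment above it such as `# >=2.218.0 is a security floor (CVE-2024-34072, CVE-2024-34073); do not lower` would keep the reason next to the constraint. The constraint is also now open-ended, so a future major release can be resolved without review; a cap such as `sagemaker = ">=2.218.0,<3.0.0"` would bound that. No lock file appears in this patch, so environments built from an existing lock may still install the old release until it is regenerated; that is worth confirming. The commit message's "it looks like 2.218 supports Python 3.11.4" would also be better backed by a build or test run on that interpreter before the old cap is treated as obsolete.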