Update nltk to 3.9.3 #924

Open
Okal (okal) wants to merge 1 commit into airbytehq:main from okal:okal/fix-upgrade-nltk-to-3.9.3-addresses-CVE-2025-14009

@okal Okal (okal) commented Feb 26, 2026

Fixes CVE-2025-14009 present in nltk <= 3.9.2, resolved in 3.9.3. Closes #923.

Summary by CodeRabbit

  • Chores
    • Updated optional dependency version to improve compatibility and stability.

@github-actions github-actions bot added the community PRs from community contributors label Feb 26, 2026

coderabbitai bot commented Feb 26, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7f41401 and 0cc5808.

⛔ Files ignored due to path filters (1)
  • poetry.lock is excluded by !**/*.lock
📒 Files selected for processing (1)
  • pyproject.toml

📝 Walkthrough

The pyproject.toml file has been updated to bump the optional nltk dependency from version 3.9.1 to 3.9.3. This addresses a critical vulnerability identified by the team's dependabot scanner. No other dependencies or public APIs are affected.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Dependency Update: pyproject.toml | Updated nltk version from 3.9.1 to 3.9.3 to resolve a critical security vulnerability. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately and concisely summarizes the main change: updating the nltk dependency to version 3.9.3. |
| Linked Issues check | ✅ Passed | The PR directly addresses issue #923 by upgrading nltk to 3.9.3, which remediates the reported CVE-2025-14009 vulnerability. |
| Out of Scope Changes check | ✅ Passed | All changes are scoped to updating the nltk dependency version in pyproject.toml, with no unrelated modifications present. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

Development

Successfully merging this pull request may close these issues.

NLTK dependency vulnerability
