Merge branch 'master' into Add-isort-functionality

Author: ParagEkbote

.gitignore

@@ -37,4 +37,5 @@ src/sagemaker/modules/train/container_drivers/sourcecode.json
 src/sagemaker/modules/train/container_drivers/distributed.json
 tests/data/**/_repack_model.py
 tests/data/experiment/sagemaker-dev-1.0.tar.gz
-src/sagemaker/serve/tmp_workspace
+src/sagemaker/serve/tmp_workspace
+test-examples

CHANGELOG.md

@@ -1,5 +1,32 @@
 # Changelog
 
+## v2.248.1 (2025-07-16)
+
+### Bug Fixes and Other Changes
+
+ * Nova training support
+
+## v2.248.0 (2025-07-15)
+
+### Features
+
+ * integrate amtviz for visualization of tuning jobs
+
+### Bug Fixes and Other Changes
+
+ * build(deps): bump requests in /tests/data/serve_resources/mlflow/pytorch
+ * build(deps): bump protobuf from 4.25.5 to 4.25.8 in /requirements/extras
+ * build(deps): bump mlflow in /tests/data/serve_resources/mlflow/xgboost
+ * build(deps): bump torch in /tests/data/modules/script_mode
+ * sanitize git clone repo input url
+ * Adding Hyperpod feature to enable hyperpod telemetry
+ * Adding Hyperpod feature to enable hyperpod telemetry
+ * Bump SMD version to enable custom workflow deployment.
+ * Update TF DLC python version to py312
+ * update image_uri_configs 07-04-2025 07:18:27 PST
+ * update image_uri_configs 06-26-2025 07:18:35 PST
+ * relax protobuf to <6.32
+
 ## v2.247.1 (2025-06-23)
 
 ### Bug Fixes and Other Changes

VERSION

@@ -1 +1 @@
-2.247.2.dev0
+2.248.2.dev0

requirements/extras/test_requirements.txt

@@ -32,7 +32,7 @@ PyYAML>=6.0.1
 xgboost>=1.6.2,<=1.7.6
 pillow>=10.0.1,<=11
 opentelemetry-proto==1.27.0
-protobuf==4.25.5
+protobuf==4.25.8
 tensorboard>=2.16.2,<=2.18.0
 transformers==4.48.0
 sentencepiece==0.1.99

src/sagemaker/estimator.py

@@ -905,6 +905,30 @@ def _json_encode_hyperparameters(hyperparameters: Dict[str, Any]) -> Dict[str, A
             }
         return hyperparameters
 
+    @staticmethod
+    def _nova_encode_hyperparameters(hyperparameters: Dict[str, Any]) -> Dict[str, Any]:
+        """Applies JSON encoding for Nova job hyperparameters, preserving string values.
+
+        For Nova jobs, string values should not be JSON-encoded.
+
+        Args:
+            hyperparameters (dict): Dictionary of hyperparameters.
+
+        Returns:
+            dict: Dictionary with encoded hyperparameters.
+        """
+        current_hyperparameters = hyperparameters
+        if current_hyperparameters is not None:
+            hyperparameters = {}
+            for k, v in current_hyperparameters.items():
+                if is_pipeline_variable(v):
+                    hyperparameters[str(k)] = v.to_string()
+                elif isinstance(v, str):
+                    hyperparameters[str(k)] = v
+                else:
+                    hyperparameters[str(k)] = json.dumps(v)
+        return hyperparameters
+
     def _prepare_for_training(self, job_name=None):
         """Set any values in the estimator that need to be set before training.
 
@@ -938,7 +962,11 @@ def _prepare_for_training(self, job_name=None):
             self.source_dir = updated_paths["source_dir"]
             self.dependencies = updated_paths["dependencies"]
 
-        if self.source_dir or self.entry_point or self.dependencies:
+        if (
+            self.source_dir
+            or self.entry_point
+            or (self.dependencies and len(self.dependencies) > 0)
+        ):
             # validate source dir will raise a ValueError if there is something wrong with
             # the source directory. We are intentionally not handling it because this is a
             # critical error.
@@ -3579,7 +3607,11 @@ def __init__(
             git_config=git_config,
             enable_network_isolation=enable_network_isolation,
         )
-        if not is_pipeline_variable(entry_point) and entry_point.startswith("s3://"):
+        if (
+            not is_pipeline_variable(entry_point)
+            and entry_point is not None
+            and entry_point.startswith("s3://")
+        ):
             raise ValueError(
                 "Invalid entry point script: {}. Must be a path to a local file.".format(
                     entry_point
@@ -3599,6 +3631,7 @@ def __init__(
         self.checkpoint_s3_uri = checkpoint_s3_uri
         self.checkpoint_local_path = checkpoint_local_path
         self.enable_sagemaker_metrics = enable_sagemaker_metrics
+        self.is_nova_job = kwargs.get("is_nova_job", False)
 
     def _prepare_for_training(self, job_name=None):
         """Set hyperparameters needed for training. This method will also validate ``source_dir``.
@@ -3713,7 +3746,10 @@ def _model_entry_point(self):
 
     def set_hyperparameters(self, **kwargs):
         """Escapes the dict argument as JSON, updates the private hyperparameter attribute."""
-        self._hyperparameters.update(EstimatorBase._json_encode_hyperparameters(kwargs))
+        if self.is_nova_job:
+            self._hyperparameters.update(EstimatorBase._nova_encode_hyperparameters(kwargs))
+        else:
+            self._hyperparameters.update(EstimatorBase._json_encode_hyperparameters(kwargs))
 
     def hyperparameters(self):
         """Returns the hyperparameters as a dictionary to use for training.
@@ -3724,7 +3760,10 @@ def hyperparameters(self):
         Returns:
             dict[str, str]: The hyperparameters.
         """
-        return EstimatorBase._json_encode_hyperparameters(self._hyperparameters)
+        if self.is_nova_job:
+            return EstimatorBase._nova_encode_hyperparameters(self._hyperparameters)
+        else:
+            return EstimatorBase._json_encode_hyperparameters(self._hyperparameters)
 
     @classmethod
     def _prepare_init_params_from_job_description(cls, job_details, model_channel_name=None):

src/sagemaker/fw_utils.py

@@ -1063,7 +1063,7 @@ def validate_torch_distributed_distribution(
             )
 
     # Check entry point type
-    if not entry_point.endswith(".py"):
+    if entry_point is not None and not entry_point.endswith(".py"):
         err_msg += (
             "Unsupported entry point type for the distribution torch_distributed.\n"
             "Only python programs (*.py) are supported."

src/sagemaker/git_utils.py

@@ -14,14 +14,78 @@
 from __future__ import absolute_import
 
 import os
-from pathlib import Path
+import re
 import subprocess
 import tempfile
 import warnings
+from pathlib import Path
+from urllib.parse import urlparse
+
 import six
 from six.moves import urllib
 
 
+def _sanitize_git_url(repo_url):
+    """Sanitize Git repository URL to prevent URL injection attacks.
+
+    Args:
+        repo_url (str): The Git repository URL to sanitize
+
+    Returns:
+        str: The sanitized URL
+
+    Raises:
+        ValueError: If the URL contains suspicious patterns that could indicate injection
+    """
+    at_count = repo_url.count("@")
+
+    if repo_url.startswith("git@"):
+        # git@ format requires exactly one @
+        if at_count != 1:
+            raise ValueError("Invalid SSH URL format: git@ URLs must have exactly one @ symbol")
+    elif repo_url.startswith("ssh://"):
+        # ssh:// format can have 0 or 1 @ symbols
+        if at_count > 1:
+            raise ValueError("Invalid SSH URL format: multiple @ symbols detected")
+    elif repo_url.startswith("https://") or repo_url.startswith("http://"):
+        # HTTPS format allows 0 or 1 @ symbols
+        if at_count > 1:
+            raise ValueError("Invalid HTTPS URL format: multiple @ symbols detected")
+
+        # Check for invalid characters in the URL before parsing
+        # These characters should not appear in legitimate URLs
+        invalid_chars = ["<", ">", "[", "]", "{", "}", "\\", "^", "`", "|"]
+        for char in invalid_chars:
+            if char in repo_url:
+                raise ValueError("Invalid characters in hostname")
+
+        try:
+            parsed = urlparse(repo_url)
+
+            # Check for suspicious characters in hostname that could indicate injection
+            if parsed.hostname:
+                # Check for URL-encoded characters that might be used for obfuscation
+                suspicious_patterns = ["%25", "%40", "%2F", "%3A"]  # encoded %, @, /, :
+                for pattern in suspicious_patterns:
+                    if pattern in parsed.hostname.lower():
+                        raise ValueError(f"Suspicious URL encoding detected in hostname: {pattern}")
+
+                # Validate that the hostname looks legitimate
+                if not re.match(r"^[a-zA-Z0-9.-]+$", parsed.hostname):
+                    raise ValueError("Invalid characters in hostname")
+
+        except Exception as e:
+            if isinstance(e, ValueError):
+                raise
+            raise ValueError(f"Failed to parse URL: {str(e)}")
+    else:
+        raise ValueError(
+            "Unsupported URL scheme: only https://, http://, git@, and ssh:// are allowed"
+        )
+
+    return repo_url
+
+
 def git_clone_repo(git_config, entry_point, source_dir=None, dependencies=None):
     """Git clone repo containing the training code and serving code.
 
@@ -87,6 +151,10 @@ def git_clone_repo(git_config, entry_point, source_dir=None, dependencies=None):
     if entry_point is None:
         raise ValueError("Please provide an entry point.")
     _validate_git_config(git_config)
+
+    # SECURITY: Sanitize the repository URL to prevent injection attacks
+    git_config["repo"] = _sanitize_git_url(git_config["repo"])
+
     dest_dir = tempfile.mkdtemp()
     _generate_and_run_clone_command(git_config, dest_dir)
 

src/sagemaker/modules/constants.py

@@ -25,6 +25,10 @@
     os.path.dirname(os.path.abspath(__file__)), "train/container_drivers"
 )
 
+SM_RECIPE = "recipe"
+SM_RECIPE_YAML = "recipe.yaml"
+SM_RECIPE_CONTAINER_PATH = f"/opt/ml/input/data/recipe/{SM_RECIPE_YAML}"
+
 SOURCE_CODE_JSON = "sourcecode.json"
 DISTRIBUTED_JSON = "distributed.json"
 TRAIN_SCRIPT = "sm_train.sh"