Skip to content

add opencv-python to requirements.txt#2061

Open
guozijn wants to merge 1 commit intoProject-MONAI:mainfrom
guozijn:detection-requirements
Open

add opencv-python to requirements.txt#2061
guozijn wants to merge 1 commit intoProject-MONAI:mainfrom
guozijn:detection-requirements

Conversation

@guozijn
Copy link
Copy Markdown

@guozijn guozijn commented Apr 9, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores
    • Updated project install-time dependencies to include OpenCV (opencv-python), ensuring the runtime now bundles OpenCV’s Python bindings.
    • Dependency-only change; no public interfaces or exported entities were modified.

@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Apr 9, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 425d8f8c-0f14-472a-afd6-de6fd06fe38e

📥 Commits

Reviewing files that changed from the base of the PR and between 1dc8d0a and 7b67cac.

📒 Files selected for processing (1)
  • detection/requirements.txt
✅ Files skipped from review due to trivial changes (1)
  • detection/requirements.txt

Walkthrough

The pull request adds opencv-python to detection/requirements.txt, updating the detection module's install-time Python dependencies.

Changes

Cohort / File(s) Summary
Dependency Addition
detection/requirements.txt		 Added opencv-python to the detection module's requirements file.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A new package hopped into the stack,
OpenCV now joins the pack,
For pixels, patterns, and sight,
I nibble code through day and night,
Hooray — our detections take flight! ✨🧺

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning No pull request description was provided by the author, failing to include required sections like Description and Checks from the template. Add a pull request description following the template, including a description of changes and completion of the Checks section.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The pull request title clearly and concisely summarizes the primary change: adding opencv-python to the requirements.txt file.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Apr 9, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
detection/requirements.txt (1)

5-5: Pin opencv-python to a specific version for reproducibility and security.

The detection/requirements.txt file uses mixed version pinning (itk>=5.2 is pinned, while opencv-python and others are not). More importantly, recent security vulnerabilities in opencv-python require careful version management:

  • CVE-2025-53644 (heap buffer write) affects opencv-python versions 4.10.0 and 4.11.0; fixed in 4.12.0+
  • CVE-2024-1417 (heap buffer overflow) requires updating to a patched version
  • CVE-2023-4863 (libwebp bundled in wheels) is mitigated in opencv-python 4.8.1.78+

Consider pinning to a known-safe version (e.g., opencv-python>=4.13.0.92) to ensure reproducibility and prevent accidental installation of vulnerable versions.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@detection/requirements.txt` at line 5, Update the unpinned dependency
"opencv-python" in detection/requirements.txt to a specific safe version to
ensure reproducibility and mitigate known CVEs (e.g., replace "opencv-python"
with "opencv-python>=4.13.0.92" or a fixed "opencv-python==4.13.0.92"); edit the
requirements line for "opencv-python" so the installer cannot pull vulnerable
releases and document the chosen version in the file comment or changelog.
🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@detection/requirements.txt`:
- Line 5: Update the unpinned dependency "opencv-python" in
detection/requirements.txt to a specific safe version to ensure reproducibility
and mitigate known CVEs (e.g., replace "opencv-python" with
"opencv-python>=4.13.0.92" or a fixed "opencv-python==4.13.0.92"); edit the
requirements line for "opencv-python" so the installer cannot pull vulnerable
releases and document the chosen version in the file comment or changelog.
ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 85e9eb5f-a2bb-4704-826a-b28a7db1ee9b

📥 Commits

Reviewing files that changed from the base of the PR and between 9292800 and 1dc8d0a.

📒 Files selected for processing (1)
  • detection/requirements.txt

@guozijn
add opencv-python to requirements.txt
7b67cac 
Signed-off-by: guozijn <guozijn@gmail.com>
@guozijn guozijn force-pushed the detection-requirements branch from 1dc8d0a to 7b67cac Compare April 10, 2026 07:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@guozijn