From a122dc0a94560824f7cba9ec0f007640d63d9a5d Mon Sep 17 00:00:00 2001
From: ian_Cin <ian@cinnamon.is>
Date: Wed, 15 May 2024 17:57:37 +0700
Subject: [PATCH] (bump:patch) Fix: llama-cpp-python security bug and setup
 local latest branch in github action (#66)

* update llama-cpp-python version in response to https://github.com/Cinnamon/kotaemon/security/dependabot/1

* setup local latest branch in github action
---
 .github/workflows/auto-bump-and-release.yaml | 2 ++
 libs/kotaemon/pyproject.toml                 | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/auto-bump-and-release.yaml b/.github/workflows/auto-bump-and-release.yaml
index 7c66925..046442e 100644
--- a/.github/workflows/auto-bump-and-release.yaml
+++ b/.github/workflows/auto-bump-and-release.yaml
@@ -43,6 +43,8 @@ jobs:
           generate_release_notes: true
           tag_name: ${{ steps.update-version.outputs.new_tag }}
           make_latest: true
+      - name: Setup latest branch locally without switching current branch
+        run: git fetch origin latest:latest
       - name: Update latest branch
         run: |
           git branch -f latest tags/${{ steps.update-version.outputs.new_tag }}
diff --git a/libs/kotaemon/pyproject.toml b/libs/kotaemon/pyproject.toml
index 6439eaa..3694f70 100644
--- a/libs/kotaemon/pyproject.toml
+++ b/libs/kotaemon/pyproject.toml
@@ -41,7 +41,7 @@ dependencies = [
     "pypdf>=4.2.0,<4.3",
     "html2text==2024.2.26",
     "fastembed==0.2.6",
-    "llama-cpp-python==0.2.65",
+    "llama-cpp-python>=0.2.72,<0.3",
     "azure-ai-documentintelligence",
     "cohere>=5.3.2,<5.4",
 ]