From b926dd19c6f7a842b4a0ae97ad1c8cbf71cdc724 Mon Sep 17 00:00:00 2001
From: Gilles Peiffer
Date: Wed, 3 Jun 2026 15:36:23 +0000
Subject: [PATCH 1/2] [blackice] Repoint PyRIT to microsoft/PyRIT and bump to v0.13.0

PyRIT moved from Azure/PyRIT to microsoft/PyRIT. The old repository is archived and no longer carries the v0.10.0rc0 tag, so checking out that ref during the blackice image build fails. Update the GIT_TOOLS entry to the current upstream and move from the release candidate to the latest stable release v0.13.0.
---
 ubuntu/blackice/docker/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ubuntu/blackice/docker/Dockerfile b/ubuntu/blackice/docker/Dockerfile
index 8e71234..4719fed 100644
--- a/ubuntu/blackice/docker/Dockerfile
+++ b/ubuntu/blackice/docker/Dockerfile
@@ -20,7 +20,7 @@ ARG PYTHON_TOOLS="fickling==0.1.4 rigging==3.3.2 judges==0.1.1 garak==0.13.1 gis
 # - GIT_REF: Can be a commit hash, tag, or branch name to checkout.
 # - REQUIREMENTS_FILE (optional): Path (relative to repo root) to a requirements file (e.g., requirements.txt, requirements/requirements_2.txt).
 # - If pyproject.toml or setup.py is present in the repo root, REQUIREMENTS_FILE should not be specified.
-ARG GIT_TOOLS="pyrit[gcg]=https://github.com/Azure/PyRIT.git=v0.10.0rc0 cyberseceval=https://github.com/meta-llama/PurpleLlama.git=3494754=CybersecurityBenchmarks/requirements.txt lm-eval-harness[api]=https://github.com/EleutherAI/lm-evaluation-harness.git=v0.4.9.1 promptmap=https://github.com/utkusen/promptmap.git=9e1b4fe=requirements.txt fuzzyai=https://github.com/cyberark/FuzzyAI.git=2d1d4e6 easyedit=https://github.com/zjunlp/EasyEdit.git=da6f731=requirements_2.txt cleverhans=https://github.com/cleverhans-lab/cleverhans.git=574efc1=requirements/requirements.txt"
+ARG GIT_TOOLS="pyrit[gcg]=https://github.com/microsoft/PyRIT.git=v0.13.0 cyberseceval=https://github.com/meta-llama/PurpleLlama.git=3494754=CybersecurityBenchmarks/requirements.txt lm-eval-harness[api]=https://github.com/EleutherAI/lm-evaluation-harness.git=v0.4.9.1 promptmap=https://github.com/utkusen/promptmap.git=9e1b4fe=requirements.txt fuzzyai=https://github.com/cyberark/FuzzyAI.git=2d1d4e6 easyedit=https://github.com/zjunlp/EasyEdit.git=da6f731=requirements_2.txt cleverhans=https://github.com/cleverhans-lab/cleverhans.git=574efc1=requirements/requirements.txt"
 # Subset of PYTHON_TOOLS installed globally into the system Python environment
 ARG SYSTEM_TOOLS="pyrit fickling rigging judges"
From 6d8d5c0eddc7c7f04085241c588fd0dda0e8e774 Mon Sep 17 00:00:00 2001
From: Gilles Peiffer
Date: Thu, 4 Jun 2026 18:18:25 +0000
Subject: [PATCH 2/2] Support proxied BlackIce dependency installs

---
 ubuntu/blackice/docker/Dockerfile | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/ubuntu/blackice/docker/Dockerfile b/ubuntu/blackice/docker/Dockerfile
index 4719fed..8f461d2 100644
--- a/ubuntu/blackice/docker/Dockerfile
+++ b/ubuntu/blackice/docker/Dockerfile
@@ -4,6 +4,7 @@
 # Base Docker image
 ARG BASE_IMAGE=databricksruntime/python:17.3-LTS
 ARG package_index_url="https://pypi.org/simple"
+ARG npm_registry_url="https://registry.npmjs.org/"
 ARG PYTHON_VERSION="3.12"
 ARG LEGACY_PYTHON_VERSION="3.10"
 ARG TORCH_INDEX_URL="https://download.pytorch.org/whl/torch/"
@@ -20,7 +21,7 @@ ARG PYTHON_TOOLS="fickling==0.1.4 rigging==3.3.2 judges==0.1.1 garak==0.13.1 gis
 # - GIT_REF: Can be a commit hash, tag, or branch name to checkout.
 # - REQUIREMENTS_FILE (optional): Path (relative to repo root) to a requirements file (e.g., requirements.txt, requirements/requirements_2.txt).
 # - If pyproject.toml or setup.py is present in the repo root, REQUIREMENTS_FILE should not be specified.
-ARG GIT_TOOLS="pyrit[gcg]=https://github.com/microsoft/PyRIT.git=v0.13.0 cyberseceval=https://github.com/meta-llama/PurpleLlama.git=3494754=CybersecurityBenchmarks/requirements.txt lm-eval-harness[api]=https://github.com/EleutherAI/lm-evaluation-harness.git=v0.4.9.1 promptmap=https://github.com/utkusen/promptmap.git=9e1b4fe=requirements.txt fuzzyai=https://github.com/cyberark/FuzzyAI.git=2d1d4e6 easyedit=https://github.com/zjunlp/EasyEdit.git=da6f731=requirements_2.txt cleverhans=https://github.com/cleverhans-lab/cleverhans.git=574efc1=requirements/requirements.txt"
+ARG GIT_TOOLS="pyrit[gcg]=https://github.com/microsoft/PyRIT.git=v0.10.0rc0 cyberseceval=https://github.com/meta-llama/PurpleLlama.git=3494754=CybersecurityBenchmarks/requirements.txt lm-eval-harness[api]=https://github.com/EleutherAI/lm-evaluation-harness.git=v0.4.9.1 promptmap=https://github.com/utkusen/promptmap.git=9e1b4fe=requirements.txt fuzzyai=https://github.com/cyberark/FuzzyAI.git=2d1d4e6 easyedit=https://github.com/zjunlp/EasyEdit.git=da6f731=requirements_2.txt cleverhans=https://github.com/cleverhans-lab/cleverhans.git=574efc1=requirements/requirements.txt"
 # Subset of PYTHON_TOOLS installed globally into the system Python environment
 ARG SYSTEM_TOOLS="pyrit fickling rigging judges"
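Review bot: The new `GIT_TOOLS` line moves the PyRIT ref from `v0.13.0` back to `v0.10.0rc0`, which the commit title (proxy support) does not mention and which undoes the bump made in PATCH 1/2. That earlier message says the archived Azure/PyRIT repository no longer carries `v0.10.0rc0`; whether microsoft/PyRIT has that tag is not visible here, so this looks like a rebase leftover that may break the checkout again or, if the tag does resolve, install a release candidate instead of the stable release. I would keep `pyrit[gcg]=https://github.com/microsoft/PyRIT.git=v0.13.0` in this hunk. Separately, a tag is a movable ref, while most other entries on this line pin a commit hash; pinning PyRIT to the full commit hash of the intended release (`=<full-commit-sha>`) would make the build input verifiable.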
@@ -44,11 +45,15 @@ ARG STUB_TOOLS="llm-security-scripts gpt-fuzzer"
 FROM ${BASE_IMAGE} AS builder
 # Re-expose global ARGs
-ARG package_index_url PYTHON_VERSION LEGACY_PYTHON_VERSION TORCH_INDEX_URL PYTHON_TOOLS SYSTEM_TOOLS GIT_TOOLS TOOLS_WITH_TORCH_DEP TOOLS_WITH_LEGACY_DEPS NODEJS_TOOLS STUB_TOOLS
+ARG package_index_url npm_registry_url PYTHON_VERSION LEGACY_PYTHON_VERSION TORCH_INDEX_URL PYTHON_TOOLS SYSTEM_TOOLS GIT_TOOLS TOOLS_WITH_TORCH_DEP TOOLS_WITH_LEGACY_DEPS NODEJS_TOOLS STUB_TOOLS
 # Set essential environment variables
 ENV DEBIAN_FRONTEND=noninteractive
 ENV VENV_BASE=/venvs
+ENV PIP_INDEX_URL=${package_index_url}
+ENV UV_INDEX_URL=${package_index_url}
+ENV UV_DEFAULT_INDEX=${package_index_url}
+ENV NPM_CONFIG_REGISTRY=${npm_registry_url}
 # ---------------------------------------------------------------------------- #
 # Install System-Level Build Dependencies #
@@ -287,7 +292,7 @@ RUN for tool in $PYTHON_TOOLS; do \
 TOOL_VERSION=$(echo $tool | sed 's/.*==//'); \
 TOOL_VENV="$VENV_BASE/$TOOL_NAME"; \
 mkdir -p $TOOL_VENV && cd $TOOL_VENV && npm init -y && \
- npm install "$TOOL_NAME@$TOOL_VERSION" && \
+ npm install "$TOOL_NAME@$TOOL_VERSION" --registry "$npm_registry_url" && \
 npm cache clean --force || true; \
 done \
 \
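Review bot: The four added `ENV` lines write the index and registry URLs into the image configuration, and the hunk at `@@ -309,11 +314,15 @@` adds the same four to the `final` stage, so every container started from the image inherits them. If a proxied URL passed with `--build-arg` carries credentials in its userinfo part, they become readable through `docker inspect` and `docker history`, and any later `pip`, `uv` or `npm` call inside the container is pointed at the build-time proxy. If the proxy is only needed while building, I would drop the `ENV` lines from the `final` stage and set the value per command, e.g. `RUN PIP_INDEX_URL="$package_index_url" …`, with credentials supplied through `RUN --mount=type=secret`. If the runtime redirect is intended, a comment such as `# index URLs are kept at runtime on purpose; they must not contain credentials` above the block would record that.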
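Review bot: The `&&` chain that the new `--registry "$npm_registry_url"` flag joins ends in `|| true`, so a failed `npm install` (for example a mistyped or unreachable proxy registry) is swallowed and the build carries on without the tool. That is easier to hit now that the registry is a build argument. Unless best-effort installs are intended, I would scope the fallback to the cache clean by changing the following line to `{ npm cache clean --force || true; }; \`. The flag also duplicates `NPM_CONFIG_REGISTRY`, which this commit sets in the same stage, so one of the two is enough. The loop begins and ends outside this hunk.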
@@ -309,11 +314,15 @@ RUN for tool in $PYTHON_TOOLS; do \
 FROM ${BASE_IMAGE} AS final
 # Re-expose global ARGs
-ARG package_index_url PYTHON_VERSION PYTHON_TOOLS SYSTEM_TOOLS GIT_TOOLS NODEJS_TOOLS CUSTOM_TOOLS STUB_TOOLS
+ARG package_index_url npm_registry_url PYTHON_VERSION PYTHON_TOOLS SYSTEM_TOOLS GIT_TOOLS NODEJS_TOOLS CUSTOM_TOOLS STUB_TOOLS
 # Set essential environment variables
 ENV DEBIAN_FRONTEND=noninteractive
 ENV VENV_BASE=/venvs
+ENV PIP_INDEX_URL=${package_index_url}
+ENV UV_INDEX_URL=${package_index_url}
+ENV UV_DEFAULT_INDEX=${package_index_url}
+ENV NPM_CONFIG_REGISTRY=${npm_registry_url}
 # Copy from builder
 COPY --from=builder /usr/local/lib/python${PYTHON_VERSION}/dist-packages/ /usr/local/lib/python${PYTHON_VERSION}/dist-packages/