fix: safety hardening for protocol implementation#8
Merged
Conversation
- Validate message length before unpacking in Protocol.handle_message (silent drop on malformed input, uses >= for forward-compat) - Replace unsafe getattr/setattr with dispatch tables in examples - Fix broken setattr, import paths, and **args in examples/server.py - Fix shared class-level state in examples/server.py RemoteEndpoint - Fix sender task deadlock on disconnect (cancel before join) - Prevent phantom registry entries by splitting _entry into read/write - Fix KeyError on double-unlink and unregister of unknown sink - Add configurable message size limit (1MB default) - Narrow exception handling to json.JSONDecodeError and ValueError - Forward node logger to Protocol for validation error visibility - Fix cosmetic issues: typos, enum syntax, missing self parameter - Add 30 safety tests covering all fixes
- Test matrix: Python 3.9-3.13 on Ubuntu, macOS, and Windows (15 cells) - Lint job with ruff (format + check) - Optional deps job for starlette/demo_server tests - Coverage collection on py3.12/Ubuntu - Add ruff.toml config, replace black with ruff in Taskfile - Add extras_require (dev, examples) to setup.cfg
- Sort imports (isort) - Fix == None to is None comparisons - Replace % format with f-strings in examples/app.py - Remove unused import (BaseNode in test_safety.py) - Reformat files to ruff style
The TestCounter stub was missing the increment method, causing AttributeError when building the dispatch table. Also add fail-fast: false to test-optional-deps job.
- Add CI, PyPI, Python version, and license badges - Add quick start with source/sink/wiring examples - Document wire protocol message types and formats - Add architecture diagram and package structure table - Include test matrix, development setup, and contributing guide
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Changes
Critical fixes
setattrcall inexamples/server.pynode/queueinexamples/server.pyRemoteEndpointolink.remotenode→olink.remote) in examples**args→*argsunpacking inexamples/server.pySafety hardening (wire protocol unchanged)
Protocol.handle_message(silent drop,>=for forward-compat)getattr/setattrwith explicit dispatch tables in examples_get_entryfor reads,_entryfor writes)KeyErroron double-unlink and unregister of unknown sinkexcept Exceptiontoexcept (json.JSONDecodeError, ValueError)Instance isolation fixes
selfparameter in interface methodsinfvalues from JSON serializationCosmetic
ProptocolTypetypo, enum tuple syntax, missingselfinILogger.logTest plan