Conversation

@Eyal-Danieli
Member

No description provided.

danielperezz and others added 7 commits September 28, 2025 15:43
* create a CLI for generating item.yaml and organize the CLI directory

* modify comments to module

* PR fixes

* Update cli/common/generate_item_yaml.py

Co-authored-by: Eyal Danieli <eyal_danieli@mckinsey.com>

---------

Co-authored-by: Eyal Danieli <eyal_danieli@mckinsey.com>
…le) (#911)

* histogram data drift module with empty example notebook

* post review fixes
* fill data-drift nb

* post review fixes
@review-notebook-app

Check out this pull request on  ReviewNB

See visual diffs & provide feedback on Jupyter Notebooks.



}

# Load and render template
env = Environment(loader=FileSystemLoader("."))

Check warning: Code scanning / CodeQL

Jinja2 templating with autoescape=False (Medium)

Using jinja2 templates with autoescape=False can potentially allow XSS attacks.

Copilot Autofix (AI, 10 days ago)

To fix the problem, we should pass a safe value for autoescape while creating the Jinja2 Environment. The most robust and future-proof way is to use Jinja2’s select_autoescape function, which will auto-enable escaping for html and xml templates, and otherwise leave it disabled (as is safe for YAML). This is the officially recommended approach and the least disruptive.

  • Import select_autoescape from Jinja2.
  • Change line 46 to:
    env = Environment(loader=FileSystemLoader("."), autoescape=select_autoescape(['html', 'xml']))

No further changes are needed unless the CLI generates HTML/XML templates in the future, in which case this configuration would protect those, too.


Suggested changeset 1
cli/common/generate_item_yaml.py

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/cli/common/generate_item_yaml.py b/cli/common/generate_item_yaml.py
--- a/cli/common/generate_item_yaml.py
+++ b/cli/common/generate_item_yaml.py
@@ -2,7 +2,7 @@
 from pathlib import Path
 from datetime import datetime
 import click
-from jinja2 import Environment, FileSystemLoader
+from jinja2 import Environment, FileSystemLoader, select_autoescape
 
 TEMPLATES = {
     "function": "cli/utils/function_item_template.yaml.j2",
@@ -43,7 +43,7 @@
     }
 
     # Load and render template
-    env = Environment(loader=FileSystemLoader("."))
+    env = Environment(loader=FileSystemLoader("."), autoescape=select_autoescape(['html', 'xml']))
     template = env.get_template(TEMPLATES[type])
     rendered = template.render(params)
 
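Review bot: the autoescape policy added on the `env = Environment(...)` line never activates for this CLI, because select_autoescape(['html', 'xml']) keys on the template file name and the TEMPLATES entry shown ends in `.yaml.j2`; the rendered item.yaml therefore comes out exactly as before, and any untrusted value in `params` still needs YAML-aware quoting (a filter emitting a double-quoted scalar, or a YAML library building the document) rather than HTML escaping. A one-line comment next to the Environment call saying that autoescape is there to satisfy the scanner for future HTML/XML templates and does not protect YAML output would stop the next reader from taking the change for an injection fix. Style: the new line is long; splitting the keyword arguments over separate lines would match the rest of the file. While here, FileSystemLoader(".") combined with repository-relative TEMPLATES paths means the CLI only works when run from the repository root; resolving the loader path from Path(__file__) (Path is already imported) would remove that dependency.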
EOF
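As an added example (not code from this PR or the project), the following shows what the autofix's select_autoescape policy does and does not cover: escaping switches on only for template names ending in .html or .xml, so a *.yaml.j2 template still gets raw interpolation, and an untrusted value placed into YAML needs YAML-aware quoting instead. The template names, the DictLoader stand-in for FileSystemLoader(".") and the yaml_str filter are constructed for the demo and are not part of the CLI.

```python
import json

from jinja2 import DictLoader, Environment, select_autoescape

# Constructed stand-ins for the CLI's template files (the real ones are
# *.yaml.j2 under cli/utils). DictLoader keeps the demo independent of the
# working directory that FileSystemLoader(".") would require.
TEMPLATES = {
    "item.html": "<p>{{ name }}</p>",
    "item.yaml.j2": "name: {{ name }}\ndescription: {{ description | yaml_str }}",
}

# The exact policy the autofix proposes: on for html/xml names, off otherwise.
AUTOESCAPE = select_autoescape(["html", "xml"])


def yaml_str(value) -> str:
    """Quote an untrusted value as a YAML double-quoted scalar.

    A JSON string literal is also a valid YAML 1.2 double-quoted scalar, so
    json.dumps escapes quotes, backslashes and newlines for us. This is the
    YAML-side mitigation; HTML autoescaping would mangle the quotes instead.
    """
    return json.dumps(str(value))


def make_env() -> Environment:
    env = Environment(loader=DictLoader(TEMPLATES), autoescape=AUTOESCAPE)
    env.filters["yaml_str"] = yaml_str  # assumed filter name, not from the project
    return env


def autoescape_enabled(template_name: str) -> bool:
    """True only when Jinja2 would HTML-escape output for this template name."""
    return AUTOESCAPE(template_name)


def render(template_name: str, **params) -> str:
    """Render one constructed template with the given parameter values."""
    return make_env().get_template(template_name).render(params)


if __name__ == "__main__":
    print(render("item.html", name="<b>hi</b>"))          # escaped
    print(render("item.yaml.j2", name="<b>hi</b>", description="x\nextra: injected"))
```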
@Eyal-Danieli Eyal-Danieli merged commit 628494a into master Nov 10, 2025
48 checks passed