From 721999aeff3db6be6745a06d0aca2528b65735df Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Thu, 22 Aug 2024 00:42:00 +0000 Subject: [PATCH 1/3] Patched /home/runner/work/patchwork/patchwork/patchwork/app.py --- patchwork/app.py | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/patchwork/app.py b/patchwork/app.py index ae6df6e5f..8e7cfbfe7 100644 --- a/patchwork/app.py +++ b/patchwork/app.py @@ -216,14 +216,16 @@ def find_patchflow(possible_module_paths: Iterable[str], patchflow: str) -> Any except Exception: logger.debug(f"Patchflow {patchflow} not found as a file/directory in {module_path}") - try: - module = importlib.import_module(module_path) - logger.info(f"Patchflow {patchflow} loaded from {module_path}") - return getattr(module, patchflow) - except ModuleNotFoundError: - logger.debug(f"Patchflow {patchflow} not found as a module in {module_path}") - except AttributeError: - logger.debug(f"Patchflow {patchflow} not found in {module_path}") + valid_modules = ['module1', 'module2'] # Add allowed modules to the whitelist + if module_path in valid_modules: + try: + module = importlib.import_module(module_path) + logger.info(f"Patchflow {patchflow} loaded from {module_path}") + return getattr(module, patchflow) + except ModuleNotFoundError: + logger.debug(f"Patchflow {patchflow} not found as a module in {module_path}") + except AttributeError: + logger.debug(f"Patchflow {patchflow} not found in {module_path}") return None From 871ff22091ca2bf224676d47184d0fa3c890656c Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Thu, 22 Aug 2024 00:42:00 +0000 Subject: [PATCH 2/3] Patched /home/runner/work/patchwork/patchwork/patchwork/common/utils/step_typing.py --- patchwork/common/utils/step_typing.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/patchwork/common/utils/step_typing.py b/patchwork/common/utils/step_typing.py index d349f7fc1..b705ce123 100644 --- a/patchwork/common/utils/step_typing.py +++ b/patchwork/common/utils/step_typing.py @@ -119,7 +119,7 @@ def validate_step_with_inputs(input_keys: Set[str], step: Type[Step]) -> Tuple[S step_report = {} for key in step_input_model.__required_keys__: if key not in input_keys: - step_report[key] = f"Missing required input data" + step_report[key] = "Missing required input data" continue step_type_hints = get_type_hints(step_input_model, include_extras=True) @@ -129,7 +129,7 @@ def validate_step_with_inputs(input_keys: Set[str], step: Type[Step]) -> Tuple[S continue if key in step_report.keys(): - step_report[key] = step_type_config.msg or f"Missing required input data" + step_report[key] = step_type_config.msg or "Missing required input data" continue is_ok, msg = validate_step_type_config_with_inputs(key, input_keys, step_type_config) From e706275b4fe4f599d3e7310e7e40f3e32547e608 Mon Sep 17 00:00:00 2001 From: "patched.codes[bot]" <298395+patched.codes[bot]@users.noreply.github.com> Date: Thu, 22 Aug 2024 00:42:00 +0000 Subject: [PATCH 3/3] Patched /home/runner/work/patchwork/patchwork/patchwork/common/utils/dependency.py --- patchwork/common/utils/dependency.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/patchwork/common/utils/dependency.py b/patchwork/common/utils/dependency.py index 040822136..29ec97415 100644 --- a/patchwork/common/utils/dependency.py +++ b/patchwork/common/utils/dependency.py @@ -7,9 +7,13 @@ "notification": ["slack_sdk"], } +ALLOWED_MODULES = set(__DEPENDENCY_GROUPS.values()) @lru_cache(maxsize=None) def import_with_dependency_group(name): + if name not in ALLOWED_MODULES: + raise ImportError(f"Module {name} is not whitelisted") + try: return importlib.import_module(name) except ImportError: