From ea59375ba58640fc890e1d761fc173c8bdd3da8e Mon Sep 17 00:00:00 2001 From: Gabriel Almeida Date: Tue, 30 May 2023 10:41:48 -0300 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A5=20chore(template):=20delete=20unus?= =?UTF-8?q?ed=20files=20and=20imports=20This=20commit=20removes=20unused?= =?UTF-8?q?=20files=20and=20imports=20from=20the=20template=20directory.?= =?UTF-8?q?=20The=20deleted=20files=20are=20base.py,=20fields.py,=20and=20?= =?UTF-8?q?nodes.py.=20The=20deleted=20imports=20are=20from=20langflow.tem?= =?UTF-8?q?plate.constants.=20This=20improves=20the=20codebase=20by=20remo?= =?UTF-8?q?ving=20unnecessary=20code=20and=20reducing=20clutter.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ✨ feat(frontend_node): add constants module This commit adds a new module called constants to the frontend_node directory. The module contains constants used in the frontend_node module. The constants are FORCE_SHOW_FIELDS, DEFAULT_PROMPT, SYSTEM_PROMPT, and HUMAN_PROMPT. This improves the codebase by centralizing the constants in one module. 🐛 fix(frontend_node): use ast.literal_eval instead of eval This commit fixes a security vulnerability by replacing the use of eval with ast.literal_eval in the UtilitiesFrontendNode class. The method converts a string representation of a list to an actual list. The use of eval is dangerous as it can execute arbitrary code. This improves the codebase by making it more secure. --- src/backend/langflow/template/base.py | 1 - src/backend/langflow/template/fields.py | 0 src/backend/langflow/template/frontend_node/base.py | 2 +- .../langflow/template/{ => frontend_node}/constants.py | 0 src/backend/langflow/template/frontend_node/prompts.py | 6 +++++- src/backend/langflow/template/frontend_node/utilities.py | 3 ++- src/backend/langflow/template/nodes.py | 1 - src/backend/langflow/utils/util.py | 2 +- 8 files changed, 9 insertions(+), 6 deletions(-) delete mode 100644 src/backend/langflow/template/base.py delete mode 100644 src/backend/langflow/template/fields.py rename src/backend/langflow/template/{ => frontend_node}/constants.py (100%) delete mode 100644 src/backend/langflow/template/nodes.py diff --git a/src/backend/langflow/template/base.py b/src/backend/langflow/template/base.py deleted file mode 100644 index 8b1378917..000000000 --- a/src/backend/langflow/template/base.py +++ /dev/null @@ -1 +0,0 @@ - diff --git a/src/backend/langflow/template/fields.py b/src/backend/langflow/template/fields.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/src/backend/langflow/template/frontend_node/base.py b/src/backend/langflow/template/frontend_node/base.py index cb762f28e..a64195813 100644 --- a/src/backend/langflow/template/frontend_node/base.py +++ b/src/backend/langflow/template/frontend_node/base.py @@ -3,7 +3,7 @@ from typing import List, Optional from pydantic import BaseModel -from langflow.template.constants import FORCE_SHOW_FIELDS +from langflow.template.frontend_node.constants import FORCE_SHOW_FIELDS from langflow.template.field.base import TemplateField from langflow.template.template.base import Template from langflow.utils import constants diff --git a/src/backend/langflow/template/constants.py b/src/backend/langflow/template/frontend_node/constants.py similarity index 100% rename from src/backend/langflow/template/constants.py rename to src/backend/langflow/template/frontend_node/constants.py diff --git a/src/backend/langflow/template/frontend_node/prompts.py b/src/backend/langflow/template/frontend_node/prompts.py index 7d7b1cde2..8738f1795 100644 --- a/src/backend/langflow/template/frontend_node/prompts.py +++ b/src/backend/langflow/template/frontend_node/prompts.py @@ -2,7 +2,11 @@ from typing import Optional from langchain.agents.mrkl import prompt -from langflow.template.constants import DEFAULT_PROMPT, HUMAN_PROMPT, SYSTEM_PROMPT +from langflow.template.frontend_node.constants import ( + DEFAULT_PROMPT, + HUMAN_PROMPT, + SYSTEM_PROMPT, +) from langflow.template.field.base import TemplateField from langflow.template.frontend_node.base import FrontendNode from langflow.template.template.base import Template diff --git a/src/backend/langflow/template/frontend_node/utilities.py b/src/backend/langflow/template/frontend_node/utilities.py index 77d01a23e..615d7d12f 100644 --- a/src/backend/langflow/template/frontend_node/utilities.py +++ b/src/backend/langflow/template/frontend_node/utilities.py @@ -1,3 +1,4 @@ +import ast import json from typing import Optional @@ -12,7 +13,7 @@ class UtilitiesFrontendNode(FrontendNode): # field.field_type could be "Literal['news', 'search', 'places', 'images'] # we need to convert it to a list if "Literal" in field.field_type: - field.options = eval(field.field_type.replace("Literal", "")) + field.options = ast.literal_eval(field.field_type.replace("Literal", "")) field.is_list = True field.field_type = "str" diff --git a/src/backend/langflow/template/nodes.py b/src/backend/langflow/template/nodes.py deleted file mode 100644 index 8b1378917..000000000 --- a/src/backend/langflow/template/nodes.py +++ /dev/null @@ -1 +0,0 @@ - diff --git a/src/backend/langflow/utils/util.py b/src/backend/langflow/utils/util.py index 0c9a18335..293d31154 100644 --- a/src/backend/langflow/utils/util.py +++ b/src/backend/langflow/utils/util.py @@ -6,7 +6,7 @@ from typing import Dict, Optional from docstring_parser import parse # type: ignore -from langflow.template.constants import FORCE_SHOW_FIELDS +from langflow.template.frontend_node.constants import FORCE_SHOW_FIELDS from langflow.utils import constants