From 9285ebf8a210d076d392ef02901a620ef568327f Mon Sep 17 00:00:00 2001
From: Eduardo Chiarotti
Date: Thu, 14 Nov 2024 13:12:35 -0300
Subject: [PATCH] feat: Reduce level for Bandit and fix code to adapt (#1604)
---
 .github/workflows/security-checker.yml | 2 +-
 src/crewai/cli/authentication/main.py | 6 ++++--
 src/crewai/memory/storage/kickoff_task_outputs_storage.py | 2 +-
 src/crewai/memory/storage/ltm_sqlite_storage.py | 2 +-
 src/crewai/utilities/file_handler.py | 8 ++++++--
 5 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/security-checker.yml b/.github/workflows/security-checker.yml
index d0d309b4c1..665f492922 100644
--- a/.github/workflows/security-checker.yml
+++ b/.github/workflows/security-checker.yml
@@ -19,5 +19,5 @@ jobs:
 run: pip install bandit
 - name: Run Bandit
- run: bandit -c pyproject.toml -r src/ -lll
+ run: bandit -c pyproject.toml -r src/ -ll
diff --git a/src/crewai/cli/authentication/main.py b/src/crewai/cli/authentication/main.py
index 331b583e83..543f068442 100644
--- a/src/crewai/cli/authentication/main.py
+++ b/src/crewai/cli/authentication/main.py
@@ -34,7 +34,9 @@ def _get_device_code(self) -> Dict[str, Any]:
 "scope": "openid",
 "audience": AUTH0_AUDIENCE,
 }
- response = requests.post(url=self.DEVICE_CODE_URL, data=device_code_payload)
+ response = requests.post(
+ url=self.DEVICE_CODE_URL, data=device_code_payload, timeout=20
+ )
 response.raise_for_status()
 return response.json()
@@ -54,7 +56,7 @@ def _poll_for_token(self, device_code_data: Dict[str, Any]) -> None:
 attempts = 0
 while True and attempts < 5:
- response = requests.post(self.TOKEN_URL, data=token_payload)
+ response = requests.post(self.TOKEN_URL, data=token_payload, timeout=30)
 token_data = response.json()
 if response.status_code == 200:
diff --git a/src/crewai/memory/storage/kickoff_task_outputs_storage.py b/src/crewai/memory/storage/kickoff_task_outputs_storage.py
index dbb5f124b1..26905191cb 100644
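Review bot: The `pip install bandit` step on the context line above the changed `-ll` line is unpinned, so the rule set and severity mapping that decide whether `-ll` fails the job can change between runs without any commit to this repository; pin it, e.g. `run: pip install bandit==<PINNED_VERSION>`, and bump it deliberately. Going from `-lll` to `-ll` still hides low-severity findings (with no `-l` flag Bandit reports all of them), which is worth recording in a comment next to the step so the threshold reads as a decision rather than an accident. What actually keeps the new threshold green is the set of `# nosec` markers added to the Python files in this same patch, and each of those should carry a test id and a reason.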
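Review bot: The new `timeout=20` here and the `timeout=30` added in the next hunk for `_poll_for_token` are two unrelated magic numbers for calls to the same identity provider; hoist them to a class-level constant next to `DEVICE_CODE_URL`/`TOKEN_URL` (e.g. `HTTP_TIMEOUT = 20`, used as `timeout=self.HTTP_TIMEOUT`) so one documented value is tuned in one place. Adding a timeout also means `requests.exceptions.Timeout` (a `requests.RequestException`) can now propagate out of `_get_device_code`; nothing in the hunk catches it, and whether a caller does is not visible here — confirm, or wrap the call so the CLI reports a readable "authentication server did not respond" error instead of a traceback. The method's signature line is outside the hunk.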
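Review bot: `while True and attempts < 5:` on the context line is just `while attempts < 5:`; the `True and` adds nothing and reads like a leftover from an earlier unbounded loop, so drop it while the line beneath it is being touched. On the new side, `token_data = response.json()` runs before `response.status_code` is checked, so a non-JSON error body (an HTML error page, an empty 5xx) raises a JSON decode error from the polling loop instead of reaching whatever status handling follows; move the `.json()` call under the `== 200` branch or guard it. The enclosing `_poll_for_token` method starts before and continues after the hunk.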
--- a/src/crewai/memory/storage/kickoff_task_outputs_storage.py
+++ b/src/crewai/memory/storage/kickoff_task_outputs_storage.py
@@ -103,7 +103,7 @@ def update(
 else value
 )
- query = f"UPDATE latest_kickoff_task_outputs SET {', '.join(fields)} WHERE task_index = ?"
+ query = f"UPDATE latest_kickoff_task_outputs SET {', '.join(fields)} WHERE task_index = ?" # nosec
 values.append(task_index)
 cursor.execute(query, tuple(values))
diff --git a/src/crewai/memory/storage/ltm_sqlite_storage.py b/src/crewai/memory/storage/ltm_sqlite_storage.py
index 7fb388a628..93d993ee67 100644
--- a/src/crewai/memory/storage/ltm_sqlite_storage.py
+++ b/src/crewai/memory/storage/ltm_sqlite_storage.py
@@ -83,7 +83,7 @@ def load(
 WHERE task_description = ?
 ORDER BY datetime DESC, score ASC
 LIMIT {latest_n}
- """,
+ """, # nosec
 (task_description,),
 )
 rows = cursor.fetchall()
diff --git a/src/crewai/utilities/file_handler.py b/src/crewai/utilities/file_handler.py
index 091bd930a8..bb97b940f0 100644
--- a/src/crewai/utilities/file_handler.py
+++ b/src/crewai/utilities/file_handler.py
@@ -16,7 +16,11 @@ def __init__(self, file_path):
 def log(self, **kwargs):
 now = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
- message = f"{now}: " + ", ".join([f"{key}=\"{value}\"" for key, value in kwargs.items()]) + "\n"
+ message = (
+ f"{now}: "
+ + ", ".join([f'{key}="{value}"' for key, value in kwargs.items()])
+ + "\n"
+ )
 with open(self._path, "a", encoding="utf-8") as file:
 file.write(message + "\n")
@@ -63,7 +67,7 @@ def load(self) -> dict:
 with open(self.file_path, "rb") as file:
 try:
- return pickle.load(file)
+ return pickle.load(file) # nosec
 except EOFError:
 return {} # Return an empty dictionary if the file is empty or corrupted
 except Exception:
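Review bot: The bare `# nosec` appended to the `query = f"UPDATE latest_kickoff_task_outputs SET {', '.join(fields)} ..."` line silences every Bandit test for that line, not only the SQL one, and records no reason; use the scoped form `# nosec B608` and add a comment stating why the interpolation is acceptable. The values themselves are bound through `cursor.execute(query, tuple(values))`, so the only string-built part is the `SET` column list; whether `fields` holds fixed column names or is derived from caller-supplied keys is decided before this hunk and cannot be seen here — confirm, because if keys can come from outside the process an allow-list of column names is the fix, not a suppression. The enclosing `update(` method starts outside the hunk.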
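Review bot: `LIMIT {latest_n}` is interpolated into the SQL text while `task_description` on the line below is bound as a parameter, and the added `# nosec` hides that asymmetry instead of removing it; sqlite3 accepts a parameter in LIMIT, so write `LIMIT ?` and pass `(task_description, latest_n),` — the finding then disappears without any marker. If the interpolation is kept, scope the marker to `# nosec B608` and state the assumption it rests on (that `latest_n` is an int validated before this point, which the hunk does not show). The enclosing `load(` method starts outside the hunk.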
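Review bot: The rebuilt `message` ends with `+ "\n"` and the context line below writes `file.write(message + "\n")`, so every entry is followed by an empty line; drop one of the two, preferably the one inside `message`, so the write call owns the terminator. The reformatted `f'{key}="{value}"'` also emits `value` unescaped, so a value containing a quote or a newline breaks the `key="value"` framing and a newline produces text that reads as a separate, differently-timestamped entry; `f'{key}={value!r}'` (or `json.dumps(str(value))`) keeps each record on one line and parseable. `log` is fully inside the hunk, so the change is local.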
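Review bot: `return pickle.load(file)  # nosec` suppresses the Bandit finding without changing the risk: unpickling executes whatever the file encodes, so `load` is only safe when `self.file_path` cannot be written by anyone but this process, and nothing in the hunk establishes that. Scope the marker and record the assumption, `# nosec B301 - <who writes this file and why its path is trusted>`, or, if the stored dict holds only plain data, move the format to `json` so the question goes away. The `except Exception:` on the last context line continues past the hunk, so what a truncated or tampered file results in cannot be reviewed here; note that a corrupt pickle raises `pickle.UnpicklingError`, not the `EOFError` the comment above it describes.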