Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move path argument sanitization for commands to a decorator #4918

Merged

Conversation

Pwuts
Copy link
Member

@Pwuts Pwuts commented Jul 8, 2023

Background

Part of #4799

We want to sanitize path arguments from commands before using them, to prevent workspace excursions. A decorator makes it easier to tack a sanitizer on any argument, instead of requiring that an argument has a specific name like filename.

Changes

  • Add sanitize_path_arg decorator
    Example:
    @command(
      "read_file",
      "Read an existing file",
      {
          "filename": {
              "type": "string",
              "description": "The path of the file to read",
              "required": True,
          }
      },
    )
    @sanitize_path_arg("filename")
    def read_file(filename: str, agent: Agent) -> str:
        ...
  • Remove Agent._resolve_pathlike_command_args()

Documentation

x

Test Plan

CI

PR Quality Checklist

  • My pull request is atomic and focuses on a single change.
  • I have thoroughly tested my changes with multiple different prompts.
  • I have considered potential risks and mitigations for my changes.
  • I have documented my changes clearly and comprehensively.
  • I have not snuck in any "extra" small tweaks changes.
  • I have run the following commands against my code to ensure it passes our linters:
    black .
    isort .
    mypy
    autoflake --remove-all-unused-imports --recursive --ignore-init-module-imports --ignore-pass-after-docstring autogpt tests --in-place

@netlify
Copy link

netlify bot commented Jul 8, 2023

Deploy Preview for auto-gpt-docs canceled.

Name Link
🔨 Latest commit 3725730
🔍 Latest deploy log https://app.netlify.com/sites/auto-gpt-docs/deploys/64ab07500f713200080a9ca3

@github-actions github-actions bot added the size/l label Jul 8, 2023
@Pwuts Pwuts added this to the v0.4.5 Release milestone Jul 8, 2023
@Pwuts Pwuts force-pushed the path-arg-sanitizer-decorator branch from 269ea1a to c6d0c80 Compare July 8, 2023 17:41
@codecov
Copy link

codecov bot commented Jul 8, 2023

Codecov Report

Patch coverage: 84.74% and project coverage change: +0.35 🎉

Comparison is base (050c52a) 50.52% compared to head (c6d0c80) 50.87%.

❗ Current head c6d0c80 differs from pull request most recent head 3725730. Consider uploading reports for the commit 3725730 to get more accurate results

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #4918      +/-   ##
==========================================
+ Coverage   50.52%   50.87%   +0.35%     
==========================================
  Files         118      117       -1     
  Lines        4843     4904      +61     
  Branches      643      660      +17     
==========================================
+ Hits         2447     2495      +48     
- Misses       2215     2224       +9     
- Partials      181      185       +4     
Impacted Files Coverage Δ
autogpt/agent/agent.py 58.27% <ø> (-0.64%) ⬇️
autogpt/commands/image_gen.py 74.32% <ø> (ø)
autogpt/commands/decorators.py 77.77% <77.77%> (ø)
autogpt/commands/file_operations.py 82.48% <94.44%> (+1.68%) ⬆️
autogpt/commands/execute_code.py 72.11% <100.00%> (+0.54%) ⬆️
autogpt/commands/git_operations.py 93.75% <100.00%> (+0.89%) ⬆️

... and 19 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@Pwuts Pwuts self-assigned this Jul 8, 2023
@Pwuts Pwuts added function: workspace code quality ⬆️ PRs that improve code quality labels Jul 8, 2023
Copy link
Contributor

@collijk collijk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use functools.wraps in the decorator to preserve the metadata attributes of the function your decorating.

@Pwuts Pwuts force-pushed the path-arg-sanitizer-decorator branch from 93208fb to ac3bf52 Compare July 9, 2023 19:09
@Pwuts Pwuts force-pushed the path-arg-sanitizer-decorator branch from ac3bf52 to 3725730 Compare July 9, 2023 19:15
@Auto-GPT-Bot
Copy link
Contributor

You changed AutoGPT's behaviour. The cassettes have been updated and will be merged to the submodule when this Pull Request gets merged.

@collijk collijk merged commit c562fbf into Significant-Gravitas:master Jul 9, 2023
@Pwuts Pwuts deleted the path-arg-sanitizer-decorator branch July 9, 2023 19:41
Alaaelmziat pushed a commit to Alaaelmziat/Auto-GPT that referenced this pull request Jul 12, 2023
…ant-Gravitas#4918)

* Move path argument sanitization for commands to a decorator

* Fix tests

* Add `@functools.wraps` to `@sanitize_path_arg` decorator

Co-authored-by: James Collins <[email protected]>

---------

Co-authored-by: James Collins <[email protected]>
dayofthedave pushed a commit to dayofthedave/Auto-GPT that referenced this pull request Jul 17, 2023
…ant-Gravitas#4918)

* Move path argument sanitization for commands to a decorator

* Fix tests

* Add `@functools.wraps` to `@sanitize_path_arg` decorator

Co-authored-by: James Collins <[email protected]>

---------

Co-authored-by: James Collins <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

3 participants