d3db83abe3
* Lint for usage of the standard xml library
* Add forced opt-in for quip client
* The actual security issue is with the underlying QuipClient, not the LangChain integration (since the client is doing the parsing), but enforcement is added at the LangChain level.
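#!/bin/bash
#
# Import lint: fails (exit 1) when tracked files contain a forbidden import.
# Checked patterns, all anchored at the start of a line:
#   - `from langchain_experimental.`
#   - `from xml.` / `import xml.` unless the line carries the opt-in marker
#
# The scan fails closed: if git grep or the marker filter itself errors out
# (for example when run outside a git work tree), that counts as a lint
# failure instead of being read as "no matches".

set -eu

# Number of failed checks; any value above zero makes the script exit 1.
errors=0

# A matching line containing this marker is exempt from the xml checks.
# NOTE(review): this is a plain string match anywhere on the reported line;
# it records that someone reviewed the import, it does not verify that the
# surrounding code really forces the user to opt in.
readonly OPT_IN_MARKER='# OK: user-must-opt-in'

#######################################
# Report tracked lines that match a forbidden-import pattern.
# Arguments: $1 - regex handed to git grep
#            $2 - optional fixed-string marker; lines containing it are exempt
# Outputs:   offending lines on stdout, scan failures on stderr
# Returns:   0 when the check failed (offending lines found, or the scan
#            could not be completed), 1 when the check is clean
#######################################
find_forbidden() {
  local pattern=$1
  local marker=${2:-}
  local hits=''
  local status=0

  # git grep exits 0 on a match, 1 on no match, and above 1 on a real error.
  hits=$(git --no-pager grep -e "$pattern" -- .) || status=$?
  if [ "$status" -gt 1 ]; then
    printf 'import lint: git grep failed (status %s) for pattern %s\n' \
      "$status" "$pattern" >&2
    return 0
  fi

  if [ -n "$hits" ] && [ -n "$marker" ]; then
    status=0
    # grep -v exits 1 when every line is exempt; only above 1 is an error.
    hits=$(printf '%s\n' "$hits" | grep -vF -- "$marker") || status=$?
    if [ "$status" -gt 1 ]; then
      printf 'import lint: marker filter failed (status %s) for pattern %s\n' \
        "$status" "$pattern" >&2
      return 0
    fi
  fi

  [ -n "$hits" ] || return 1
  printf '%s\n' "$hits"
  return 0
}

# make sure not importing from langchain_experimental
# (only langchain_experimental is matched by this check)
find_forbidden '^from langchain_experimental\.' && errors=$((errors+1))

# make sure no one is importing from the built-in xml library
# instead defusedxml should be used to avoid getting CVEs.
# Whether the standard library actually poses a risk to users
# is very nuanced and depends on the user's environment.
# https://docs.python.org/3/library/xml.etree.elementtree.html
#
# NOTE(review): both patterns are anchored at column 0 and require `xml.`,
# so `from xml import ...`, a bare `import xml`, and indented imports are
# not matched. Confirm whether those forms should be linted as well.
find_forbidden '^from xml\.' "$OPT_IN_MARKER" && errors=$((errors+1))
find_forbidden '^import xml\.' "$OPT_IN_MARKER" && errors=$((errors+1))

# Decide on an exit status based on the errors
if [ "$errors" -gt 0 ]; then
  exit 1
fi
exit 0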