Address 42 findings across 16 modules from a full framework audit covering security, thread safety, correctness, and API completeness.

Security:
- ShellTool: create_subprocess_exec instead of create_subprocess_shell
- FileSystemTool/FileStore: Path.is_relative_to() for path traversal
- CORS: disable credentials with wildcard origins
- Auth: hmac.compare_digest for timing-safe comparison
- PostgreSQLStore: schema name SQL injection validation
- RBAC: no closure mutation, positional args via inspect.signature
- REST: generic error messages, no internal detail exposure
- TextTool: 5s timeout for user-supplied regex (ReDoS protection)
- Encryption: random per-call salt via os.urandom(16)

Thread safety:
- Added threading.Lock to CachedTool, RateLimitGuard, InMemoryStore, ConversationMemory (6 previously unprotected methods)

Correctness:
- PromptCacheMiddleware/CircuitBreakerMiddleware: before/after renamed to before_run/after_run to match AgentMiddleware protocol
- CircuitBreakerMiddleware: added on_error hook for failure recording
- Reasoning registry: auto-registers 6 built-in patterns at import
- Pipeline engine: _gather_inputs respects output_key, started_at init
- asyncio.run crashes: ThreadPoolExecutor fallback in database stores
- Queue consumers: try/except per message prevents crash on bad input
- Content chunking: fixed source position and offset tracking
- Compression: O(1) eviction with deque + running token count
- Prompt template: sentinel value allows None as legitimate default
- LogRecord: copy before mutation prevents handler corruption
- ConversationMemory: clear/clear_all now remove stale summaries
- MemoryError renamed to FireflyMemoryError (deprecated alias kept)

API completeness:
- Added BatchLLMStep, RetryMiddleware, PromptCacheMiddleware, CacheStatistics, FireflyMemoryError, QuotaManager, RateLimiter, OutputGuard, PromptGuard, and trace functions to public exports

Docs:
- CHANGELOG.md: documented all changes under [Unreleased]
- docs/security.md: updated encryption section for random salt
- docs/tools.md: updated ShellTool description
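The FileSystemTool/FileStore item above replaces a prefix-style containment test with Path.is_relative_to() on resolved paths. The following is an added illustration of that pattern, not the project's own code; the helper names `naive_prefix_check` and `resolve_in_root` and the directory layout are constructed for the demo.

```python
"""Path-containment check of the kind described in the audit (illustration only)."""
import os
import shutil
import tempfile
from pathlib import Path


def naive_prefix_check(root: str, user_path: str) -> bool:
    """The weak form: a string-prefix test. normpath() collapses '..', but a
    sibling directory such as '<root>_evil' still shares the prefix and passes."""
    return os.path.normpath(os.path.join(root, user_path)).startswith(root)


def resolve_in_root(root: Path, user_path: str) -> Path:
    """Return the resolved absolute path if it stays inside root, else raise.

    Both sides are resolve()d so '..' segments and symlinks are collapsed before
    the test; is_relative_to() compares whole path components, so '/data_evil'
    is not mistaken for a child of '/data'.
    """
    base = root.resolve()
    target = (base / user_path).resolve()
    if not target.is_relative_to(base):
        raise PermissionError(f"path escapes root: {user_path!r}")
    return target


def demo() -> dict:
    """Constructed layout: <tmp>/data is the root, <tmp>/data_evil is a sibling,
    and <tmp>/data/link is a symlink pointing outside the root to <tmp>/secret."""
    tmp = Path(tempfile.mkdtemp())
    try:
        root = tmp / "data"
        root.mkdir()
        (tmp / "data_evil").mkdir()
        (tmp / "secret").mkdir()
        (root / "link").symlink_to(tmp / "secret")
        results = {}
        for name in ("notes.txt", "../data_evil/x", "../secret/x", "link/x"):
            try:
                resolve_in_root(root, name)
                results[name] = "allowed"
            except PermissionError:
                results[name] = "blocked"
        # The prefix check wrongly accepts the sibling directory sharing the prefix.
        results["naive_sibling"] = naive_prefix_check(str(root), "../data_evil/x")
        return results
    finally:
        shutil.rmtree(tmp)
```

Note that resolve() follows symlinks, so a link created inside the root that points outside it is rejected as well, which a lexical-only check would miss.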
Fragment of the diff shown on the page (the ThreadPoolExecutor fallback for the database stores):

```python
if loop is not None:
    # Already inside an event loop -- offload to a background thread.
    import concurrent.futures
```
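Review bot: `loop` is tested for None, but where it is obtained lies outside the visible fragment; if it comes from asyncio.get_event_loop() rather than a try/except around asyncio.get_running_loop(), a loop that exists but is not running (typical in the main thread) would still take the thread-offload path when asyncio.run could be used directly, so the fallback's docstring should state which condition it detects. The function-local `import concurrent.futures` is a style point; a module-level import is the usual choice unless import cost matters. The comment should also say that the offloaded call blocks the calling thread until the coroutine completes, since callers inside a running loop may not expect that.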
ancongui added a commit that referenced this pull request on May 31, 2026:
fix: comprehensive framework security audit and hardening
Summary

Test plan

- `pytest tests/ -q` (0 failures)
- `npm run build` (0 errors)