@amanda11 amanda11 commented Sep 16, 2021

Use Jinja sandboxed environment, so that any templates that attempt to access insecure code will be rejected.

@pull-request-size pull-request-size bot added the size/XS PR that changes 0-9 lines. Quick fix/merge. label Sep 16, 2021
@amanda11 amanda11 added this to the 3.6.0 milestone Sep 16, 2021
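An added example, not code from this PR or from StackStorm, showing what switching to Jinja's sandboxed environment changes: the same template is rendered by a plain `Environment` and by a `SandboxedEnvironment`. The template strings and the `render`/`compare` helpers are constructed for this illustration, and the `jinja2` package is assumed to be installed.

```python
from jinja2 import Environment
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Constructed sample templates (not taken from StackStorm).
SAFE_TEMPLATE = "Hello {{ name | upper }}"
# Reaches through a dunder attribute into Python internals.
UNSAFE_TEMPLATE = "{{ name.__class__.__name__ }}"


def render(env, source, **context):
    """Render `source` with `env`; return (status, output or rejection reason)."""
    try:
        return "rendered", env.from_string(source).render(**context)
    except SecurityError as exc:
        # The sandbox refuses attributes it classifies as unsafe
        # (names starting with "_" and interpreter internals).
        return "rejected", str(exc)


def compare(source, **context):
    """Render the same template in a plain and a sandboxed environment."""
    return {
        "plain": render(Environment(), source, **context),
        "sandboxed": render(SandboxedEnvironment(), source, **context),
    }


if __name__ == "__main__":
    for label, source in (("safe", SAFE_TEMPLATE), ("unsafe", UNSAFE_TEMPLATE)):
        for env_name, (status, detail) in compare(source, name="st2").items():
            print(f"{label:6} {env_name:9} {status:8} {detail}")
```

Ordinary templates render identically in both environments, so the switch only affects templates that reach into object internals.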

@m4dcoder m4dcoder left a comment

  • Do we need to update Jinja >= 2.11 in requirements?
  • Please update orquesta version in requirements to use the commit with the similar fix (after StackStorm/orquesta#240 is merged).
  • Please add a changelog entry.
  • Please update description of this PR on why this fix is needed.

@amanda11
  • Do we need to update Jinja >= 2.11 in requirements?
  • Please update orquesta version in requirements to use the commit with the similar fix (after StackStorm/orquesta#240 is merged).
  • Please add a changelog entry.
  • Please update description of this PR on why this fix is needed.

@m4dcoder I've addressed your requirements; Jinja is already at 2.11 in the requirements on ST2 requirements.

@pull-request-size pull-request-size bot added size/S PR that changes 10-29 lines. Very easy to review. and removed size/XS PR that changes 0-9 lines. Quick fix/merge. labels Sep 17, 2021
amanda11 and others added 4 commits September 17, 2021 21:02
The networkx library has changed some interfaces in v2.x. The node attribute
is no longer a member of DiGraph therefore use nodes attribute instead.
@pull-request-size pull-request-size bot added size/M PR that changes 30-99 lines. Good size to review. and removed size/S PR that changes 10-29 lines. Very easy to review. labels Sep 18, 2021
CLAassistant commented Sep 18, 2021

CLA assistant check
All committers have signed the CLA.

@amanda11 amanda11 merged commit e97659c into master Sep 20, 2021
@amanda11 amanda11 deleted the use_sandbox_jinja branch September 20, 2021 08:38