Skip to content

style: automated autofixes from CodeQL workflow#794

Closed
github-actions[bot] wants to merge 52 commits into
mainfrom
chore/codeql-autofix-28843570227
Closed

style: automated autofixes from CodeQL workflow#794
github-actions[bot] wants to merge 52 commits into
mainfrom
chore/codeql-autofix-28843570227

Conversation

@github-actions

@github-actions github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Automated cleanup pushed by the CodeQL Advanced workflow.

Tools applied:

  • ruff check --fix + ruff format (unsafe fixes only enabled when allow_unsafe_fixes=true on scheduled/manual runs)
  • prettier --write
  • eslint --fix (if configured in the repository)
  • clang-format -i --style=file (when C/C++ files are present)

Triggered by: push on refs/heads/main (run #28843570227).

Copilot AI and others added 27 commits July 6, 2026 15:24
Extends the AISafetyMiddleware integration in shared/ai_runner.py to
validate the model's reply through validate_output() before returning it.
Responses containing secret patterns or dangerous-code markers now raise
RuntimeError. The output risk level is surfaced in the returned metadata
dict under the "output_risk" key.

Six new tests in TestRunChatOnceOutputSafety cover all paths:
blocked dangerous code, blocked secret pattern, clean pass-through,
metadata presence, risk level value, and error message content.

All 32 tests in test_ai_runner.py pass.

AI-Generated: true
… jobs

Replace placeholder Node.js config with a fully structured CircleCI 2.1
pipeline for this Python project:

- Switch executor from cimg/node:24.0-browsers to cimg/python:3.11
- Add pip dependency cache keyed on requirements-dev.txt + requirements.txt
  (critical for heavy deps: torch, azure-*, gradio)
- Add pre-commit hook cache keyed on .pre-commit-config.yaml
- Split work into four parallel jobs: lint, type-check, pre-commit, unit-test
- unit-test uses parallelism:2 with circleci tests split --split-by=timings
- Store JUnit XML via store_test_results (enables test insights / retry failed)
- Store coverage XML as artifacts
- Fan-in ci-gate job for branch-protection status checks
- Shared executor and reusable commands (DRY, consistent env vars)

AI-Generated: true
…error

The Merge and continue step reads .circleci/cci-agent-setup.yml as the
customer job YAML. The file was empty, causing YAML to parse as null
(not an object), which failed with "Invalid customer job YAML: root is
not an object". Added a valid version 2.1 config with the test job
matching config.yml.

AI-Generated: true
…nt-setup.yml

The setup-workflow (7346b1cd) failed at the "Merge and continue" step with:
  "Invalid customer job YAML: root is not an object"

Root cause: .circleci/cci-agent-setup.yml was 0 bytes. The Chunk agent
parses this file as customer YAML and merges it with its generated config;
an empty file parses as YAML null (not an object), crashing the merge.

Also add a workflows section to config.yml so that webhook-triggered
pipelines (which use config.yml directly, bypassing the agent setup) no
longer fail with "There are no workflows or build jobs in the config."

AI-Generated: true
…, add URL scheme validation, suppress safe uses with noqa

- Replace MD5 with SHA256 in apps/aria/server.py and shared/performance_utils.py (CWE-327)
- Add URL scheme validation (http/https only) to core/agents/tool_agent.py,
  core/ingestion/pipeline.py, core/notifications.py, app.py, LMSTUDIO_AGI_INTEGRATION_IMPL.py
- Suppress exec() in tool_executor.py with safety comment (RestrictedPython sandboxing)
- Suppress trusted pickle loads in deploy_quantum_models_azure.py (path-validated)
- Add noqa: S310 to urlopen calls with local/config-driven endpoints in chat_providers.py,
  data_augmenter.py, metrics_logger.py, train_lora.py, and scripts
- Add noqa: S311 for non-cryptographic random usage in data_augmenter.py,
  quantum_mcp_server.py, serve.py, and server.py
…n-crypto position key

Code review feedback: using sha256()[:4] defeats the purpose of SHA256.
For non-cryptographic deterministic positioning, Python's built-in hash() is appropriate.
[WIP] Fix import error in token_utils for count_tokens and estimate_tokens
ci: optimize CircleCI config with Python image, caching, and parallel…
…ty-yaml

Chunk/fix cci agent setup empty yaml
Signed-off-by: Bryan <74067792+Bryan-Roe@users.noreply.github.com>
style: apply automated autofixes (ruff / prettier / clang-format)
Signed-off-by: Bryan <74067792+Bryan-Roe@users.noreply.github.com>
…1008

style: apply automated autofixes (ruff / prettier / clang-format)
Comment on lines +1313 to +1319
resp = self.client.chat.completions.create(
model=self.model,
messages=normalized_messages,
temperature=self.temperature,
max_tokens=self.max_output_tokens,
stream=stream,
)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Possibly found usage of AI: OpenAI

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by detect-openai.

You can view more details about this finding in the Semgrep AppSec Platform.

resolved_key = api_key or os.getenv("GROQ_API_KEY")
if not resolved_key:
raise RuntimeError("Groq provider requires GROQ_API_KEY to be set.")
self.client = OpenAI(base_url=base_url, api_key=resolved_key)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Possibly found usage of AI: OpenAI

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by detect-openai.

You can view more details about this finding in the Semgrep AppSec Platform.


with open(pca_path, "rb") as f:
pca = pickle.load(f)
pca = pickle.load(f) # noqa: S301

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
The application was found using pickle which is vulnerable to deserialization attacks.
Deserialization attacks exploit the process of reading serialized data and turning it back
into an object. By constructing malicious objects and serializing them, an adversary may
attempt to:

  • Inject code that is executed upon object construction, which occurs during the
    deserialization process.
  • Exploit mass assignment by including fields that are not normally a part of the serialized
    data but are read in during deserialization.

Consider safer alternatives such as serializing data in the JSON format. Ensure any format
chosen allows the application to specify exactly which object types are allowed to be deserialized.

To protect against mass assignment, only allow deserialization of the specific fields that are
required. If this is not easily done, consider creating an intermediary type that
can be serialized with only the necessary fields exposed.

Example JSON deserializer using an intermediary type that is validated against a schema to ensure
it is safe from mass assignment:

import jsonschema

# Create a schema to validate our user-supplied input against
# an intermediary object
intermediary_schema = {
    "type" : "object",
    "properties" :  {
        "name": {"type" : "string"}
    },
    "required": ["name"],
    # Protect against random properties being added to the object
    "additionalProperties": False,
}
# If a user attempted to add "'is_admin': True" it would cause a validation error
intermediary_object = {'name': 'test user'}

try:
    # Validate the user supplied intermediary object against our schema
    jsonschema.validate(instance=intermediary_object, schema=intermediary_schema)
    user_object = {'user':
        {
            # Assign the deserialized data from intermediary object
            'name': intermediary_object['name'],
            # Add in protected data in object definition (or set it from a class constructor)
            'is_admin': False,
        }
    }
    # Work with the user_object
except jsonschema.exceptions.ValidationError as ex:
    # Gracefully handle validation errors
    # ...

For more details on deserialization attacks in general, see OWASP's guide:

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by B301-1.

You can view more details about this finding in the Semgrep AppSec Platform.

# Path traversal is prevented above; loading from the trusted results directory only.
with open(scaler_path, "rb") as f:
scaler = pickle.load(f)
scaler = pickle.load(f) # noqa: S301

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
The application was found using pickle which is vulnerable to deserialization attacks.
Deserialization attacks exploit the process of reading serialized data and turning it back
into an object. By constructing malicious objects and serializing them, an adversary may
attempt to:

  • Inject code that is executed upon object construction, which occurs during the
    deserialization process.
  • Exploit mass assignment by including fields that are not normally a part of the serialized
    data but are read in during deserialization.

Consider safer alternatives such as serializing data in the JSON format. Ensure any format
chosen allows the application to specify exactly which object types are allowed to be deserialized.

To protect against mass assignment, only allow deserialization of the specific fields that are
required. If this is not easily done, consider creating an intermediary type that
can be serialized with only the necessary fields exposed.

Example JSON deserializer using an intermediary type that is validated against a schema to ensure
it is safe from mass assignment:

import jsonschema

# Create a schema to validate our user-supplied input against
# an intermediary object
intermediary_schema = {
    "type" : "object",
    "properties" :  {
        "name": {"type" : "string"}
    },
    "required": ["name"],
    # Protect against random properties being added to the object
    "additionalProperties": False,
}
# If a user attempted to add "'is_admin': True" it would cause a validation error
intermediary_object = {'name': 'test user'}

try:
    # Validate the user supplied intermediary object against our schema
    jsonschema.validate(instance=intermediary_object, schema=intermediary_schema)
    user_object = {'user':
        {
            # Assign the deserialized data from intermediary object
            'name': intermediary_object['name'],
            # Add in protected data in object definition (or set it from a class constructor)
            'is_admin': False,
        }
    }
    # Work with the user_object
except jsonschema.exceptions.ValidationError as ex:
    # Gracefully handle validation errors
    # ...

For more details on deserialization attacks in general, see OWASP's guide:

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by B301-1.

You can view more details about this finding in the Semgrep AppSec Platform.

try:
with self._timeout_context(self.timeout):
exec(compiled_code, exec_globals, exec_locals)
exec(compiled_code, exec_globals, exec_locals) # noqa: S102

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
The application was found calling the exec function with a non-literal variable. If the
variable comes from user-supplied input, an adversary could compromise the entire system by
executing arbitrary python code.

To remediate this issue, remove all calls to exec and consider alternative methods for
executing the necessary business logic. There is almost no safe method of calling eval
with user-supplied input.

If the application only needs to convert strings into objects, consider using json.loads.
In some cases ast.literal_eval is recommended, but this should be avoided as it can still
suffer from other issues such as the ability for malicious code to crash the python
interpreter or application.

Example using `json.loads`` to load in arbitrary data to create data structures:

# User supplied data as a blob of JSON
user_supplied_data = """{"user": "test", "metadata": [1,2,3]}"""
# Load the JSON
user_object = json.loads(user_supplied_data)
# Manually add protected properties _after_ loading, never before
user_object["is_admin"] = False
# Work with the object

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by B102.

You can view more details about this finding in the Semgrep AppSec Platform.


with open(pca_path, "rb") as f:
pca = pickle.load(f)
pca = pickle.load(f) # noqa: S301

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Avoid using pickle, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by avoid-pickle.

You can view more details about this finding in the Semgrep AppSec Platform.

# Path traversal is prevented above; loading from the trusted results directory only.
with open(scaler_path, "rb") as f:
scaler = pickle.load(f)
scaler = pickle.load(f) # noqa: S301

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Avoid using pickle, which is known to lead to code execution vulnerabilities. When unpickling, the serialized data could be manipulated to run arbitrary code. Instead, consider serializing the relevant data as JSON or a similar text-based serialization format.

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by avoid-pickle.

You can view more details about this finding in the Semgrep AppSec Platform.

for _ in range(20):
try:
urllib.request.urlopen(probe_url, timeout=2)
urllib.request.urlopen(probe_url, timeout=2) # noqa: S310

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead.

To resolve this comment:

💡 Follow autofix suggestion

Suggested change
urllib.request.urlopen(probe_url, timeout=2) # noqa: S310
urllib.request.urlopen(probe_url, timeout=2) # noqa: S310
💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by insecure-urlopen.

You can view more details about this finding in the Semgrep AppSec Platform.

probe_url = "http://127.0.0.1:11434/api/tags"
try:
urllib.request.urlopen(probe_url, timeout=2)
urllib.request.urlopen(probe_url, timeout=2) # noqa: S310

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead.

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by insecure-urlopen.

You can view more details about this finding in the Semgrep AppSec Platform.

Comment on lines 88 to 114
@@ -108,7 +108,7 @@ def _start_ollama_if_needed() -> bool:

for _ in range(20):
try:
urllib.request.urlopen(probe_url, timeout=2)
urllib.request.urlopen(probe_url, timeout=2) # noqa: S310
print("Ollama server is running.")
return True
except Exception:

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead.

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by insecure-urlopen.

You can view more details about this finding in the Semgrep AppSec Platform.


url = "http://127.0.0.1:11434/api/tags"
request = urllib.request.Request(url, headers={"User-Agent": "setup-check"})
request = urllib.request.Request(url, headers={"User-Agent": "setup-check"}) # noqa: S310

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead.

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by insecure-request-object.

You can view more details about this finding in the Semgrep AppSec Platform.

Comment on lines 240 to +241
url = "http://127.0.0.1:11434/api/tags"
request = urllib.request.Request(url, headers={"User-Agent": "setup-check"})
request = urllib.request.Request(url, headers={"User-Agent": "setup-check"}) # noqa: S310

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead.

To resolve this comment:

💡 Follow autofix suggestion

Suggested change
url = "http://127.0.0.1:11434/api/tags"
request = urllib.request.Request(url, headers={"User-Agent": "setup-check"})
request = urllib.request.Request(url, headers={"User-Agent": "setup-check"}) # noqa: S310
url = "https://127.0.0.1:11434/api/tags"
request = urllib.request.Request(url, headers={"User-Agent": "setup-check"}) # noqa: S310
💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by insecure-request-object.

You can view more details about this finding in the Semgrep AppSec Platform.

try:
req = Request(url, method="GET")
with urlopen(req, timeout=LOCAL_DEV_ADAPTER_REQUEST_TIMEOUT_SEC) as resp:
req = Request(url, method="GET") # noqa: S310

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead.

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by insecure-request-object.

You can view more details about this finding in the Semgrep AppSec Platform.

try:
with self._timeout_context(self.timeout):
exec(compiled_code, exec_globals, exec_locals)
exec(compiled_code, exec_globals, exec_locals) # noqa: S102

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Semgrep identified an issue in your code:
Detected the use of exec(). exec() can be dangerous if used to evaluate dynamic content. If this content can be input from outside the program, this may be a code injection vulnerability. Ensure evaluated content is not definable by external sources.

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by exec-detected.

You can view more details about this finding in the Semgrep AppSec Platform.

@bryan-roe-bot

bryan-roe-bot Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Semgrep found 16 B311 findings:

Depending on the context, generating weak random numbers may expose cryptographic functions,
which rely on these numbers, to be exploitable. When generating numbers for sensitive values
such as tokens, nonces, and cryptographic keys, it is recommended that the secrets module
be used instead.

Example using the secrets module:

import secrets

# Generate a secure random 64 byte array
random_bytes = secrets.token_bytes(64)
print(random_bytes)

# Generate a secure random 64 byte array as a hex string
random_bytes_hex = secrets.token_hex(64)

# Generate a secure random 64 byte array base64 encoded for use in URLs
random_string = secrets.token_urlsafe(64)

For more information on the secrets module see:

Semgrep found 26 detect-generic-ai-oai findings:

Possibly found usage of AI: OpenAI

Semgrep found 23 B310-1 findings:

The application was found passing in a non-literal value to the urllib methods which issue
requests. urllib supports the file:// scheme, which may allow an adversary who can control
the URL value to read arbitrary files on the file system.

To remediate this issue either hardcode the URLs being used in urllib or use the requests
module instead.

Example using the requests module to issue an HTTPS request:

import requests
# Issue a GET request to https://example.com with a timeout of 10 seconds
response = requests.get('https://example.com', timeout=10)
# Work with the response object
# ...

Semgrep found 1 insecure-urlopen finding:

Detected 'urllib.urlopen()' using 'http://'. This request will not be encrypted. Use 'https://' instead.

Semgrep found 1 insecure-request-object finding:

Detected a 'urllib.request.Request()' object using an insecure transport protocol, 'http://'. This connection will not be encrypted. Use 'https://' instead.

Semgrep found 25 dynamic-urllib-use-detected findings:

Detected a dynamic value being used with urllib. urllib supports 'file://' schemes, so a dynamic value controlled by a malicious actor may allow them to read arbitrary files. Audit uses of urllib calls to ensure user data cannot control the URLs, or consider using the 'requests' library instead.

@Bryan-Roe Bryan-Roe closed this Jul 7, 2026
@Bryan-Roe Bryan-Roe deleted the chore/codeql-autofix-28843570227 branch July 7, 2026 09:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants