fix(security): block native FFI imports in generated code#14040
Conversation
|
Important Review skippedAuto incremental reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
WalkthroughThe AST security scanner now blocks native FFI imports, tracks aliases through assignments and branches, resolves dangerous accesses across multiple candidates, and isolates scope state. Tests cover these cases and verify unsafe flows stop before graph construction. ChangesSecurity scanner protections
Estimated code review effort: 4 (Complex) | ~45 minutes Possibly related PRs
Suggested labels: Suggested reviewers: 🚥 Pre-merge checks | ✅ 4 | ❌ 5❌ Failed checks (1 warning, 4 inconclusive)
✅ Passed checks (4 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
✅ Test Coverage AdvisorNo source changes detected without accompanying tests. Thanks for keeping coverage up! 🎉
|
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## release-1.10.3 #14040 +/- ##
=================================================
Coverage ? 58.73%
=================================================
Files ? 2310
Lines ? 221521
Branches ? 32535
=================================================
Hits ? 130106
Misses ? 89881
Partials ? 1534
Flags with carried forward coverage won't be shown. Click here to find out more.
🚀 New features to boost your workflow:
|
Adam-Aghili
left a comment
There was a problem hiding this comment.
LGTM merge conflict
* fix(kb): enforce per-user path containment * fix(security): protect Docling Serve outbound requests (#14033) * fix(security): protect Docling Serve requests * fix(docling): support Self on Python 3.10 * [autofix.ci] apply automated fixes * [autofix.ci] apply automated fixes (attempt 2/3) * fix(auth): verify current password on password changes (#14034) * fix(security): harden MCP stdio configuration (#14036) * fix(security): restrict MCP stdio package sources * fix(security): block MCP Docker host access * fix(security): validate embedded MCP stdio configs * fix: require executable-only MCP commands * test: use allowed MCP commands in timeout tests * fix(security): harden component code module access (#14032) * fix(security): harden component code module access * fix(security): block native FFI imports in generated code * fix: track module assignment aliases in code scanner * fix(security): address alias review findings * fix: correct deprecated model settings behavior (#14047) * fix: prevent deprecated model enablement * test: use supported model in credential cleanup * fix(voice): enforce flow authorization on websocket (#14043) * fix(security): block native FFI imports in generated code (#14040) * fix(security): block native FFI imports in generated code * fix: track module assignment aliases in code scanner * chore: resolve code security conflicts * fix(security): confine AssemblyAI audio file access (#14037) * fix(security): confine AssemblyAI audio file access * [autofix.ci] apply automated fixes * test: stub optional AssemblyAI dependency * fix(security): harden AssemblyAI file submission --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> * fix: track assignment aliases in component code scanner (#14041) fix: bind loop and comprehension aliases --------- Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Summary
Testing
Merge order
Merge #14041 first, then this PR, then #14032.
Summary by CodeRabbit
Security Enhancements
Bug Fixes