diff --git a/libs/core/langchain_core/indexing/api.py b/libs/core/langchain_core/indexing/api.py index 63226ba366a6f..ab729314cfc99 100644 --- a/libs/core/langchain_core/indexing/api.py +++ b/libs/core/langchain_core/indexing/api.py @@ -36,14 +36,14 @@ def _hash_string_to_uuid(input_string: str) -> uuid.UUID: """Hashes a string and returns the corresponding UUID.""" - hash_value = hashlib.sha1(input_string.encode("utf-8")).hexdigest() + hash_value = hashlib.sha1(input_string.encode("utf-8")).hexdigest() # noqa: S324 return uuid.uuid5(NAMESPACE_UUID, hash_value) def _hash_nested_dict_to_uuid(data: dict[Any, Any]) -> uuid.UUID: """Hashes a nested dictionary and returns the corresponding UUID.""" serialized_data = json.dumps(data, sort_keys=True) - hash_value = hashlib.sha1(serialized_data.encode("utf-8")).hexdigest() + hash_value = hashlib.sha1(serialized_data.encode("utf-8")).hexdigest() # noqa: S324 return uuid.uuid5(NAMESPACE_UUID, hash_value) diff --git a/libs/core/langchain_core/prompts/string.py b/libs/core/langchain_core/prompts/string.py index 0040f4b712279..f9128147e2b1a 100644 --- a/libs/core/langchain_core/prompts/string.py +++ b/libs/core/langchain_core/prompts/string.py @@ -97,7 +97,8 @@ def _get_jinja2_variables_from_template(template: str) -> set[str]: "Please install it with `pip install jinja2`." ) raise ImportError(msg) from e - env = Environment() + # noqa for insecure warning elsewhere + env = Environment() # noqa: S701 ast = env.parse(template) variables = meta.find_undeclared_variables(ast) return variables diff --git a/libs/core/langchain_core/runnables/graph_mermaid.py b/libs/core/langchain_core/runnables/graph_mermaid.py index 2c8319f027bf0..b0e7f3dd5de5e 100644 --- a/libs/core/langchain_core/runnables/graph_mermaid.py +++ b/libs/core/langchain_core/runnables/graph_mermaid.py 
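Review bot: The two `# noqa: S324` markers in `_hash_string_to_uuid` and `_hash_nested_dict_to_uuid` silence the SHA-1 warning without recording why SHA-1 is acceptable here. From the visible lines the digest only feeds `uuid.uuid5` to derive a deterministic identifier, so the intent can be stated in code rather than suppressed: `hashlib.sha1(input_string.encode("utf-8"), usedforsecurity=False).hexdigest()`, and the same for `serialized_data`. This assumes the package's minimum Python is 3.9 or later; the keyword also keeps the call working on FIPS-restricted builds. If the resulting UUIDs decide whether two documents count as the same record and the content can come from untrusted sources, SHA-1's collision weakness deserves a comment here or a follow-up, because a blanket `noqa` hides that question from later readers.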
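Review bot: The comment added above `env = Environment()  # noqa: S701` in `_get_jinja2_variables_from_template` does not say why the suppression is safe, and "insecure warning elsewhere" cannot be checked from this function. In the visible lines the environment is only used for `env.parse(template)` and `meta.find_undeclared_variables(ast)`, and nothing is rendered, so the autoescape setting has no effect on output here. I would replace the comment with `# Parse-only environment: the template is never rendered here, so autoescape (S701) is not relevant.` Starting a free-standing comment with `# noqa` is also best avoided, since some linters read that as a blanket suppression directive for the line. The function body starts above this hunk.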
@@ -331,7 +331,7 @@ def _render_mermaid_using_api( image_url = ( f"https://mermaid.ink/img/{mermaid_syntax_encoded}?bgColor={background_color}" ) - response = requests.get(image_url) + response = requests.get(image_url, timeout=10) if response.status_code == 200: img_bytes = response.content if output_file_path is not None: diff --git a/libs/core/pyproject.toml b/libs/core/pyproject.toml index 4a26b7f35a16f..92c0b0659ae38 100644 --- a/libs/core/pyproject.toml +++ b/libs/core/pyproject.toml @@ -72,6 +72,7 @@ select = [ "PIE", "Q", "RSE", + "S", # https://docs.astral.sh/ruff/rules/#flake8-bandit-s "SIM", "SLOT", "T10", @@ -85,6 +86,9 @@ ignore = [ "COM812", # Messes with the formatter "UP007", # Incompatible with pydantic + Python 3.9 "W293", # + "S101", # allow assert - TODO remove + "S110", # allow try/except/pass - TODO remove + "S112", # allow try/except/continue - TODO remove ] [tool.coverage.run] @@ -128,12 +132,13 @@ classmethod-decorators = [ "tests/unit_tests/prompts/test_chat.py" = ["E501"] "tests/unit_tests/runnables/test_runnable.py" = ["E501"] "tests/unit_tests/runnables/test_graph.py" = ["E501"] +"tests/**" = ["S"] # Ignore flake8-bandit rules in tests +"scripts/**" = ["S"] # Ignore flake8-bandit rules in scripts [tool.poetry.group.lint.dependencies] ruff = "^0.5" - [tool.poetry.group.typing.dependencies] mypy = ">=1.10,<1.11" types-pyyaml = "^6.0.12.2" @@ -142,14 +147,12 @@ types-jinja2 = "^2.11.9" simsimd = "^5.0.0" - [tool.poetry.group.dev.dependencies] jupyter = "^1.0.0" setuptools = "^67.6.1" grandalf = "^0.8" - [tool.poetry.group.test.dependencies] pytest = "^7.3.0" freezegun = "^1.2.2" @@ -169,17 +172,14 @@ version = "^1.26.0" python = ">=3.12" - [tool.poetry.group.test_integration.dependencies] - [tool.poetry.group.typing.dependencies.langchain-text-splitters] path = "../text-splitters" develop = true - [tool.poetry.group.test.dependencies.langchain-standard-tests] path = "../standard-tests" develop = true 
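Review bot: `requests.get(image_url, timeout=10)` in `_render_mermaid_using_api` introduces a failure mode that the visible code neither handles nor documents: a slow or unreachable mermaid.ink now raises `requests.exceptions.Timeout`, while the only check in view is `response.status_code == 200`. Note also that the `requests` timeout bounds the connect phase and each wait for data, not the total transfer time, so it is not a hard 10-second ceiling on the call. I would add to the docstring something like `Raises requests.exceptions.Timeout if mermaid.ink does not respond within 10 seconds; the encoded graph definition is sent to that third-party service.` It would also help to give the value a name instead of the bare literal. The function continues outside this hunk, so the non-200 path may already cover part of this.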
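Review bot: The three entries added to `ignore` switch off `S101`, `S110` and `S112` for the whole package with only "TODO remove" as justification. `S110` and `S112` flag `try`/`except` blocks that silently `pass` or `continue`, which is where swallowed errors in library code tend to hide, and asserts allowed by ignoring `S101` are stripped when Python runs with `-O`. To keep the exemption from becoming permanent, tie each TODO to a tracked item, e.g. `"S110", # allow try/except/pass - TODO(<ISSUE-ID>): remove`. Alternatively, move these codes into `per-file-ignores` for the files that currently violate them, so new code is still checked.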
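Review bot: `"scripts/**" = ["S"]` exempts every script from the whole flake8-bandit family, which is broader than this commit appears to need. The only script finding visible on this page is `S311` in `scripts/check_imports.py`. Scripts often run in CI or release tooling, so I would ignore only the codes they actually trip, e.g. `"scripts/**" = ["S311"]`, extended with whatever else the linter reports there. The blanket `"tests/**" = ["S"]` is a more common trade-off, though the comment could note that it is mainly there for `assert`.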
diff --git a/libs/core/scripts/check_imports.py b/libs/core/scripts/check_imports.py index 825bea5b48737..fa189a7117534 100644 --- a/libs/core/scripts/check_imports.py +++ b/libs/core/scripts/check_imports.py @@ -10,7 +10,8 @@ for file in files: try: module_name = "".join( - random.choice(string.ascii_letters) for _ in range(20) + random.choice(string.ascii_letters) + for _ in range(20) # noqa: S311 ) SourceFileLoader(module_name, file).load_module() except Exception:
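Review bot: The `# noqa: S311` ended up on the `for _ in range(20)` line after the expression was split, but the call the rule flags is `random.choice(string.ascii_letters)` on the line before. As far as I know the directive applies to the line where the violation is reported, so it probably suppresses nothing. It is also redundant, because the same commit adds `"scripts/**" = ["S"]` to `per-file-ignores`. I would drop the directive and restore the original two-line form, or keep it on the call line with the reason: `random.choice(string.ascii_letters)  # noqa: S311 - throwaway module name, not a secret`. The `except Exception:` body lies outside this hunk.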