Skip to content

Use Jinja sandboxed environment #240

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
m4dcoder merged 3 commits into from
Sep 17, 2021
Merged

Use Jinja sandboxed environment #240

m4dcoder merged 3 commits into from
Sep 17, 2021

Conversation

@amanda11
Copy link
Contributor

@amanda11 amanda11 commented Sep 16, 2021
edited
Loading

Use Jinja sandboxed environment, so that any templates that attempt to access insecure code will be rejected.

m4dcoder
m4dcoder requested changes Sep 16, 2021
View reviewed changes
Copy link
Collaborator

@m4dcoder m4dcoder left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Do we need to update the Jinja version to >= 2.11 in requirements.txt?
  • Can you also update description of this PR on why we are using sandboxed environment
  • Please add a changelog entry.
  • The CI weren't building because workflows was automatically disabled by Github due to inactivity. I believe there's a build failure that need to be fixed.ding because workflows was automatically disabled by Github due to inactivity. It's resolved now. But I believe there's an unrelated build failure that need to be fixed.

@m4dcoder m4dcoder mentioned this pull request Sep 16, 2021
Closed
@amanda11 amanda11 mentioned this pull request Sep 17, 2021
Merged
@amanda11
Copy link
Contributor Author

amanda11 commented Sep 17, 2021

  • Do we need to update the Jinja version to >= 2.11 in requirements.txt?
  • Can you also update description of this PR on why we are using sandboxed environment
  • Please add a changelog entry.
  • The CI weren't building because workflows was automatically disabled by Github due to inactivity. I believe there's a build failure that need to be fixed.ding because workflows was automatically disabled by Github due to inactivity. It's resolved now. But I believe there's an unrelated build failure that need to be fixed.

@m4dcoder Addressed your review comments (stealing the sphinx change from your PR!)

m4dcoder
m4dcoder approved these changes Sep 17, 2021
View reviewed changes
Copy link
Collaborator

@m4dcoder m4dcoder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@m4dcoder m4dcoder merged commit 219f00d into master Sep 17, 2021
@m4dcoder m4dcoder deleted the use_sandbox branch September 17, 2021 17:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nzlosh nzlosh nzlosh approved these changes

@m4dcoder m4dcoder m4dcoder approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@amanda11 @nzlosh @m4dcoder