AI-Cognitive-Leap/agnes-the-ai-analyst
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
agnes-the-ai-analyst/app
History
ZdenekSrotyr 535b5fb1bf security: strip VIRTUAL_ENV/PYTHONPATH from script sandbox and block httpx 
Replace inherited env vars with a minimal env dict (PATH, DATA_DIR, HOME only),
omitting VIRTUAL_ENV and PYTHONPATH to prevent subprocess access to installed
packages. Switch subprocess invocation to sys.executable so the correct
interpreter is used with the restricted PATH. Add httpx to blocked_patterns
and BLOCKED_MODULES. Add test_sandbox_cannot_import_httpx to test_security.py.
2026-04-09 06:58:26 +02:00
..
api security: strip VIRTUAL_ENV/PYTHONPATH from script sandbox and block httpx 2026-04-09 06:58:26 +02:00
auth security: reduce JWT expiry to 24h and add jti claim 2026-04-09 06:57:23 +02:00
web fix: login page uses login_buttons format expected by template 2026-04-08 07:11:03 +02:00
__init__.py feat: add FastAPI server with auth, RBAC, and all API endpoints 2026-03-27 15:19:18 +01:00
instance_config.py feat: complete system — web UI, all API endpoints, governance, admin, CLI commands 2026-03-27 16:52:22 +01:00
main.py security: fix auth (argon2, cookie, JWT), CORS, session middleware, pyproject.toml 2026-04-08 12:08:52 +02:00