mmarch/text-generation-webui
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request from GHSA-hv5m-3rp9-xcpf

Browse source 
* Remove eval of API input

* Remove unnecessary eval/exec for security

* Use ast.literal_eval

* Use ast.literal_eval

---------

Co-authored-by: oobabooga <112222186+oobabooga@users.noreply.github.com>
This commit is contained in:
Mikel Bober-Irizar 2023-04-16 05:36:50 +01:00 committed by GitHub
parent d2ea925fa5
commit 16a3a5b039
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 15 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/shared.py
View file

@ -152,9 +152,9 @@ args_defaults = parser.parse_args([])
# Deprecation warnings for parameters that have been renamed
deprecated_dict = {}
for k in deprecated_dict:
if eval(f"args.{k}") != deprecated_dict[k][1]:
if getattr(args, k) != deprecated_dict[k][1]:
print(f"Warning: --{k} is deprecated and will be removed. Use --{deprecated_dict[k][0]} instead.")
exec(f"args.{deprecated_dict[k][0]} = args.{k}")
setattr(args, deprecated_dict[k][0], getattr(args, k))
# Deprecation warnings for parameters that have been removed
if args.cai_chat: