modified: security policy

- Strengthened the default security policy
- Subdivided the risky levels high and middle into high+, high, middle+, and middle
- Added support for personal_cloud network mode
- Updated README.md

fixed: invalid security message
fixed: legacy - crash when security policy violation occurred

modified: default 'use_uv' is now True
Dr.Lt.Data
2025-06-27 01:38:38 +09:00
parent 1de6f859bf
commit 002e549a86
10 changed files with 127 additions and 75 deletions


@@ -13,16 +13,29 @@ def is_loopback(address):
def is_allowed_security_level(level):
is_local_mode = is_loopback(args.listen)
is_personal_cloud = core.get_config()['network_mode'].lower() == 'personal_cloud'
if level == RiskLevel.block.value:
return False
elif level == RiskLevel.high_p.value:
if is_local_mode:
return core.get_config()['security_level'] in [SecurityLevel.weak.value, SecurityLevel.normal_.value]
elif is_personal_cloud:
return core.get_config()['security_level'] == SecurityLevel.weak.value
else:
return False
elif level == RiskLevel.high.value:
if is_local_mode:
return core.get_config()["security_level"] in [SecurityLevel.weak.value, SecurityLevel.normal_.value]
return core.get_config()['security_level'] in [SecurityLevel.weak.value, SecurityLevel.normal_.value]
else:
return core.get_config()["security_level"] == SecurityLevel.weak.value
return core.get_config()['security_level'] == SecurityLevel.weak.value
elif level == RiskLevel.middle_p.value:
if is_local_mode or is_personal_cloud:
return core.get_config()['security_level'] in [SecurityLevel.weak.value, SecurityLevel.normal.value, SecurityLevel.normal_.value]
else:
return False
elif level == RiskLevel.middle.value:
return core.get_config()["security_level"] in [SecurityLevel.weak.value, SecurityLevel.normal.value, SecurityLevel.normal_.value]
return core.get_config()['security_level'] in [SecurityLevel.weak.value, SecurityLevel.normal.value, SecurityLevel.normal_.value]
else:
return True
@@ -41,7 +54,7 @@ async def get_risky_level(files, pip_packages):
for x in files:
if x not in all_urls:
return RiskLevel.high.value
return RiskLevel.high_p.value
all_pip_packages = set()
for x in json_data1["custom_nodes"] + json_data2["custom_nodes"]:
@@ -51,4 +64,4 @@ async def get_risky_level(files, pip_packages):
if p not in all_pip_packages:
return RiskLevel.block.value
return RiskLevel.middle.value
return RiskLevel.middle_p.value
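Review bot: The closing `else: return True` in `is_allowed_security_level` leaves this gate fail-open, because a `level` that matches none of the `RiskLevel` branches is allowed whatever `security_level` is configured. With `high_p` and `middle_p` added in this commit, a mistyped value or a level introduced later without its own branch would be silently permitted. I would match the level(s) meant to pass explicitly and finish with `else: return False`. Separately, `core.get_config()['network_mode'].lower()` is indexed unconditionally at the top of the function, and it is not visible here whether `core.get_config()` always supplies that key for configs written before this commit. If the config object is dict-like, reading it once with a strict default, e.g. `core.get_config().get('network_mode', '')`, would make a missing key fall into the non-personal-cloud path instead of raising inside the security check.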