TBNilles/LEANN
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: TBNilles:main
Branches Tags
TBNilles:main TBNilles:fix/drop-python39-support TBNilles:add-gh-pat-token-to-workflows TBNilles:feature/add-ty-type-checker TBNilles:feature/custom-folder-multi-vector TBNilles:feature/colqwen-integration TBNilles:feat/add-colqwen2.5-support TBNilles:revert-161-feat/multi-vector-timing-and-dataset-improvements TBNilles:feat/multi-vector-timing-and-dataset-improvements TBNilles:fix/pdf-duplicate-processing-175-clean TBNilles:fix/pdf-duplicate-processing-175 TBNilles:embed-launch TBNilles:issue-159-performance-analysis TBNilles:fix/security-eval-slack-mcp-reader-clean TBNilles:fix/security-eval-slack-mcp-reader TBNilles:fix/chunking-token-limit-behavior TBNilles:fix/chunking-token-limit-behavior-clean TBNilles:feature/optimize-ollama-batching TBNilles:gen-time TBNilles:fix/twitter-bookmarks-anchor-link TBNilles:fix-readme TBNilles:security/enhance-hf-model-loading-security TBNilles:feature/mcp-integration-clean TBNilles:feature/mcp-integration-support TBNilles:feature/imessage-rag-support TBNilles:feature/chatgpt-rag-support TBNilles:fix-update TBNilles:feature/claude-rag-support TBNilles:financebench TBNilles:fix/passage-server-signature TBNilles:colqwen TBNilles:fix/ask-cli-example TBNilles:feat/configurable-local-endpoints TBNilles:dynamic-add TBNilles:feat/add-github-templates TBNilles:fix/astchunk-uv-import TBNilles:ast-fork TBNilles:fix-arm64-linux TBNilles:cli_fix TBNilles:vldb-exp TBNilles:chore/ruff-imports-hnsw TBNilles:arch-eval TBNilles:mcp-fix TBNilles:fix-arch-ci TBNilles:fix/update-diskann-mkl-linking TBNilles:feature/auto-register-app-indexes TBNilles:feature/enhanced-cli-list-remove TBNilles:feature/add-gemini-api-support TBNilles:fix/52-include-hidden-flag TBNilles:fix/empty-chunks-cherry-pick TBNilles:docs/update-readmes-mcp-conclusion TBNilles:feature/skypilot-docs TBNilles:debug/clean-state-investigation TBNilles:clean-state-investigation TBNilles:add-macos15-support TBNilles:feat/multiple-input-formats TBNilles:fix-ollama-embedding-dimension-bug TBNilles:fix-mac-intel-build TBNilles:feature/graph-partition-support TBNilles:fix/claude-code-gitignore-support TBNilles:fix/clean-hang-solution TBNilles:feat/claude-code-refine TBNilles:feature/claude-code-research TBNilles:docs/update-contributors TBNilles:config TBNilles:refactor-app TBNilles:feat/diskann-smart-memory TBNilles:fix-macos-abi TBNilles:fix/openai-embeddings-cosine-distance TBNilles:fix/manylinux-compatibility TBNilles:apps TBNilles:perf-build TBNilles:readme-polish TBNilles:datastore-reproduce TBNilles:fix-all TBNilles:debug_diskann_disable_pipe TBNilles:master
TBNilles:v0.3.5 TBNilles:v0.3.4 TBNilles:v0.3.3 TBNilles:v0.3.2 TBNilles:v0.3.1 TBNilles:v0.3.0 TBNilles:v0.2.9 TBNilles:v0.2.8 TBNilles:v0.2.7 TBNilles:v0.2.6 TBNilles:v0.2.5 TBNilles:v0.2.4 TBNilles:v0.2.2 TBNilles:v0.2.1 TBNilles:v0.2.0 TBNilles:v0.1.16 TBNilles:v0.1.15 TBNilles:v0.1.14 TBNilles:v0.1.13 TBNilles:v0.1.12 TBNilles:v0.1.11 TBNilles:v0.1.10 TBNilles:v0.1.9 TBNilles:v0.1.7 TBNilles:v0.1.5 TBNilles:v0.1.2 TBNilles:v0.1.1 TBNilles:v0.1.0
...
pull from: TBNilles:fix/security-eval-slack-mcp-reader
Branches Tags
TBNilles:main TBNilles:fix/drop-python39-support TBNilles:add-gh-pat-token-to-workflows TBNilles:feature/add-ty-type-checker TBNilles:feature/custom-folder-multi-vector TBNilles:feature/colqwen-integration TBNilles:feat/add-colqwen2.5-support TBNilles:revert-161-feat/multi-vector-timing-and-dataset-improvements TBNilles:feat/multi-vector-timing-and-dataset-improvements TBNilles:fix/pdf-duplicate-processing-175-clean TBNilles:fix/pdf-duplicate-processing-175 TBNilles:embed-launch TBNilles:issue-159-performance-analysis TBNilles:fix/security-eval-slack-mcp-reader-clean TBNilles:fix/security-eval-slack-mcp-reader TBNilles:fix/chunking-token-limit-behavior TBNilles:fix/chunking-token-limit-behavior-clean TBNilles:feature/optimize-ollama-batching TBNilles:gen-time TBNilles:fix/twitter-bookmarks-anchor-link TBNilles:fix-readme TBNilles:security/enhance-hf-model-loading-security TBNilles:feature/mcp-integration-clean TBNilles:feature/mcp-integration-support TBNilles:feature/imessage-rag-support TBNilles:feature/chatgpt-rag-support TBNilles:fix-update TBNilles:feature/claude-rag-support TBNilles:financebench TBNilles:fix/passage-server-signature TBNilles:colqwen TBNilles:fix/ask-cli-example TBNilles:feat/configurable-local-endpoints TBNilles:dynamic-add TBNilles:feat/add-github-templates TBNilles:fix/astchunk-uv-import TBNilles:ast-fork TBNilles:fix-arm64-linux TBNilles:cli_fix TBNilles:vldb-exp TBNilles:chore/ruff-imports-hnsw TBNilles:arch-eval TBNilles:mcp-fix TBNilles:fix-arch-ci TBNilles:fix/update-diskann-mkl-linking TBNilles:feature/auto-register-app-indexes TBNilles:feature/enhanced-cli-list-remove TBNilles:feature/add-gemini-api-support TBNilles:fix/52-include-hidden-flag TBNilles:fix/empty-chunks-cherry-pick TBNilles:docs/update-readmes-mcp-conclusion TBNilles:feature/skypilot-docs TBNilles:debug/clean-state-investigation TBNilles:clean-state-investigation TBNilles:add-macos15-support TBNilles:feat/multiple-input-formats TBNilles:fix-ollama-embedding-dimension-bug TBNilles:fix-mac-intel-build TBNilles:feature/graph-partition-support TBNilles:fix/claude-code-gitignore-support TBNilles:fix/clean-hang-solution TBNilles:feat/claude-code-refine TBNilles:feature/claude-code-research TBNilles:docs/update-contributors TBNilles:config TBNilles:refactor-app TBNilles:feat/diskann-smart-memory TBNilles:fix-macos-abi TBNilles:fix/openai-embeddings-cosine-distance TBNilles:fix/manylinux-compatibility TBNilles:apps TBNilles:perf-build TBNilles:readme-polish TBNilles:datastore-reproduce TBNilles:fix-all TBNilles:debug_diskann_disable_pipe TBNilles:master
TBNilles:v0.3.5 TBNilles:v0.3.4 TBNilles:v0.3.3 TBNilles:v0.3.2 TBNilles:v0.3.1 TBNilles:v0.3.0 TBNilles:v0.2.9 TBNilles:v0.2.8 TBNilles:v0.2.7 TBNilles:v0.2.6 TBNilles:v0.2.5 TBNilles:v0.2.4 TBNilles:v0.2.2 TBNilles:v0.2.1 TBNilles:v0.2.0 TBNilles:v0.1.16 TBNilles:v0.1.15 TBNilles:v0.1.14 TBNilles:v0.1.13 TBNilles:v0.1.12 TBNilles:v0.1.11 TBNilles:v0.1.10 TBNilles:v0.1.9 TBNilles:v0.1.7 TBNilles:v0.1.5 TBNilles:v0.1.2 TBNilles:v0.1.1 TBNilles:v0.1.0

1 Commits
main ... fix/securi

Author SHA1 Message Date
aakash
697d247698 fix security vulnerability: replace eval() 2025-11-13 11:12:31 -08:00
1 changed files with 5 additions and 4 deletions
Expand all files Collapse all files

9
apps/slack_data/slack_mcp_reader.py
View File

@@ -7,6 +7,7 @@ for indexing in LEANN. It supports various Slack MCP server implementations and
flexible message processing options.
"""
import ast
import asyncio
import json
import logging
@@ -146,16 +147,16 @@ class SlackMCPReader:
match = re.search(r"'error':\s*(\{[^}]+\})", str(e))
if match:
try:
error_dict = eval(match.group(1))
except (ValueError, SyntaxError, NameError):
error_dict = ast.literal_eval(match.group(1))
except (ValueError, SyntaxError):
pass
else:
# Try alternative format
match = re.search(r"Failed to fetch messages:\s*(\{[^}]+\})", str(e))
if match:
try:
error_dict = eval(match.group(1))
except (ValueError, SyntaxError, NameError):
error_dict = ast.literal_eval(match.group(1))
except (ValueError, SyntaxError):
pass
if self._is_cache_sync_error(error_dict):