Sec fixes as raised by bandit (#917)

minor fixes to hashlib and jinja
Hardik Shah 2025-01-31 13:44:26 -08:00 committed by GitHub
parent 7ea14ae62e
commit a7b929f17e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 53 additions and 56 deletions


@ -137,7 +137,12 @@ class DistributionTemplate(BaseModel):
template = self.template_path.read_text()
# Render template with rich-generated table
env = jinja2.Environment(trim_blocks=True, lstrip_blocks=True)
env = jinja2.Environment(
trim_blocks=True,
lstrip_blocks=True,
# NOTE: autoescape is required to prevent XSS attacks
autoescape=True,
)
template = env.from_string(template)
return template.render(
name=self.name,
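Review bot: `autoescape=True` in the new `jinja2.Environment(...)` call HTML-escapes every value passed to `template.render(...)`, so if the file read from `self.template_path` is not HTML (the comment about a rich-generated table suggests plain text or Markdown, though the template itself is not visible here), characters such as `<`, `&` and quotes in `name` and the other arguments will be emitted as entities. If the output really is HTML this is the right setting; if it is not, HTML escaping is the wrong encoding for that context, and the bandit finding is better handled with `autoescape=False,  # nosec B701 - output is not HTML` plus a short justification, or by wrapping trusted pre-rendered values in `markupsafe.Markup`. Either way the added comment should name the output format the escaping protects, for example `# NOTE: output is rendered as HTML; autoescape prevents markup injection via template variables`. The `render(...)` call continues past the end of the hunk, so the full set of rendered values cannot be checked from here.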