RomanNum3ral
/
MicroFish
mirror of https://github.com/666ghj/MiroFish.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
MicroFish/backend/app/services
History
warren618 56789a2c98 fix(security): sanitize user-supplied IDs to prevent path traversal 
simulation_id, project_id, report_id, and platform parameters from
API requests are used directly in os.path.join() to construct file
paths. An attacker can use values like "../../etc" to read/write
files or create directories outside the intended data directory.

Added validation: reject any ID that differs from its os.path.basename(),
which catches path separators and traversal sequences.
 		2026-03-23 02:50:12 +08:00
..
__init__.py Implement Interview feature for agent interactions in simulations 2025-12-08 15:55:39 +08:00
graph_builder.py feat(graph): implement pagination for fetching nodes and edges; add utility functions for streamlined data retrieval 2026-02-27 15:53:29 +08:00
oasis_profile_generator.py Add new JSON data file and enhance simulation management features 2025-12-12 16:13:08 +08:00
ontology_generator.py Enhance backend startup logging and API endpoint display 2025-11-28 18:59:36 +08:00
report_agent.py fix(security): sanitize user-supplied IDs to prevent path traversal 2026-03-23 02:50:12 +08:00
simulation_config_generator.py Enhance simulation configuration and management features 2025-12-05 15:50:54 +08:00
simulation_ipc.py Implement Interview feature for agent interactions in simulations 2025-12-08 15:55:39 +08:00
simulation_manager.py fix(security): sanitize user-supplied IDs to prevent path traversal 2026-03-23 02:50:12 +08:00
simulation_runner.py Refactor process termination in SimulationRunner to support cross-platform handling and improve code clarity. Update development script to ensure concurrent processes are terminated correctly. 2025-12-30 17:45:27 +08:00
text_processor.py Introduce Project ID for context management, finalizing the stateful API pipeline from file submission to graph construction. 2025-11-28 17:21:08 +08:00
zep_entity_reader.py feat(graph): implement pagination for fetching nodes and edges; add utility functions for streamlined data retrieval 2026-02-27 15:53:29 +08:00
zep_graph_memory_updater.py feat(ZepGraphMemoryUpdater): add platform display name mapping and logging enhancements. 2026-01-16 09:00:10 +08:00
zep_tools.py feat(graph): implement pagination for fetching nodes and edges; add utility functions for streamlined data retrieval 2026-02-27 15:53:29 +08:00