Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
Llama Index
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
mirrored_repos
MachineLearning
run-llama
Llama Index
Commits
b57e7673
Unverified
Commit
b57e7673
authored
1 month ago
by
Massimiliano Pippi
Committed by
GitHub
1 month ago
Browse files
Options
Downloads
Patches
Plain Diff
fix: escape user input before shelling out command (#17953)
parent
2c00a1df
No related branches found
Branches containing commit
No related tags found
Tags containing commit
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
llama-index-cli/llama_index/cli/rag/base.py
+6
-4
6 additions, 4 deletions
llama-index-cli/llama_index/cli/rag/base.py
llama-index-cli/pyproject.toml
+2
-2
2 additions, 2 deletions
llama-index-cli/pyproject.toml
with
8 additions
and
6 deletions
llama-index-cli/llama_index/cli/rag/base.py
+
6
−
4
View file @
b57e7673
import
asyncio
import
os
import
shlex
import
shutil
from
argparse
import
ArgumentParser
from
glob
import
iglob
...
...
@@ -14,8 +15,8 @@ from llama_index.core import (
from
llama_index.core.base.embeddings.base
import
BaseEmbedding
from
llama_index.core.base.response.schema
import
(
RESPONSE_TYPE
,
StreamingResponse
,
Response
,
StreamingResponse
,
)
from
llama_index.core.bridge.pydantic
import
BaseModel
,
Field
,
field_validator
from
llama_index.core.chat_engine
import
CondenseQuestionChatEngine
...
...
@@ -159,7 +160,7 @@ class RagCLI(BaseModel):
if
chat_engine
is
not
None
:
return
chat_engine
if
values
.
get
(
"
query_pipeline
"
,
None
)
is
None
:
if
values
.
get
(
"
query_pipeline
"
)
is
None
:
values
[
"
query_pipeline
"
]
=
cls
.
query_pipeline_from_ingestion_pipeline
(
query_pipeline
=
None
,
values
=
values
)
...
...
@@ -231,7 +232,8 @@ class RagCLI(BaseModel):
# Append the `--files` argument to the history file
with
open
(
f
"
{
self
.
persist_dir
}
/
{
RAG_HISTORY_FILE_NAME
}
"
,
"
a
"
)
as
f
:
f
.
write
(
str
(
files
)
+
"
\n
"
)
for
file
in
files
:
f
.
write
(
str
(
file
)
+
"
\n
"
)
if
create_llama
:
if
shutil
.
which
(
"
npx
"
)
is
None
:
...
...
@@ -289,7 +291,7 @@ class RagCLI(BaseModel):
"
none
"
,
"
--engine
"
,
"
context
"
,
f
"
--files
{
path
}
"
,
f
"
--files
{
shlex
.
quote
(
path
)
}
"
,
]
os
.
system
(
"
"
.
join
(
command_args
))
...
...
This diff is collapsed.
Click to expand it.
llama-index-cli/pyproject.toml
+
2
−
2
View file @
b57e7673
...
...
@@ -14,7 +14,7 @@ disallow_untyped_defs = true
# Remove venv skip when integrated with pre-commit
exclude
=
[
"_static"
,
"build"
,
"examples"
,
"notebooks"
,
"venv"
]
ignore_missing_imports
=
true
python_version
=
"3.
8
"
python_version
=
"3.
9
"
[tool.poetry]
authors
=
[
"llamaindex"
]
...
...
@@ -32,7 +32,7 @@ maintainers = [
name
=
"llama-index-cli"
packages
=
[{include
=
"llama_index/"
}]
readme
=
"README.md"
version
=
"0.4.
0
"
version
=
"0.4.
1
"
[tool.poetry.dependencies]
python
=
">
=
3.9
,
<
4.0
"
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
