admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-16 17:46:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(core): Improve security violation error in native Python runner (#19286)

Browse Source
This commit is contained in:
Iván Ovejero
2025-09-08 10:45:07 +02:00
committed by GitHub
parent 2113532946
commit 56f4069325
4 changed files with 15 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
packages/@n8n/task-runner-python/src/constants.py
View File

@@ -144,4 +144,3 @@ ERROR_DANGEROUS_ATTRIBUTE = "Access to attribute '{attr}' is disallowed, because
ERROR_DYNAMIC_IMPORT = ( ERROR_DYNAMIC_IMPORT = (
"Dynamic __import__() calls are not allowed for security reasons." "Dynamic __import__() calls are not allowed for security reasons."
) )
ERROR_SECURITY_VIOLATIONS = "Security violations detected:\n{violations}"

9
packages/@n8n/task-runner-python/src/errors/security_violation_error.py
View File

@@ -1,4 +1,9 @@
class SecurityViolationError(Exception): class SecurityViolationError(Exception):
"""Raised when code violates security policies, typically through use of disallowed modules or builtins.""" """Raised when code violates security policies, typically through the use of disallowed modules or builtins."""
pass def __init__(
self, message: str = "Security violations detected", description: str = ""
):
super().__init__(message)
self.message = message
self.description = description

6
packages/@n8n/task-runner-python/src/task_analyzer.py
View File

@@ -12,7 +12,6 @@ from src.constants import (
ERROR_EXTERNAL_DISALLOWED, ERROR_EXTERNAL_DISALLOWED,
ERROR_DANGEROUS_ATTRIBUTE, ERROR_DANGEROUS_ATTRIBUTE,
ERROR_DYNAMIC_IMPORT, ERROR_DYNAMIC_IMPORT,
ERROR_SECURITY_VIOLATIONS,
ALWAYS_BLOCKED_ATTRIBUTES, ALWAYS_BLOCKED_ATTRIBUTES,
UNSAFE_ATTRIBUTES, UNSAFE_ATTRIBUTES,
) )
@@ -186,8 +185,9 @@ class TaskAnalyzer:
self._raise_security_error(security_validator.violations) self._raise_security_error(security_validator.violations)
def _raise_security_error(self, violations: CachedViolations) -> None: def _raise_security_error(self, violations: CachedViolations) -> None:
message = ERROR_SECURITY_VIOLATIONS.format(violations="\n".join(violations)) raise SecurityViolationError(
raise SecurityViolationError(message) message="Security violations detected", description="\n".join(violations)
)
def _to_cache_key(self, code: str) -> CacheKey: def _to_cache_key(self, code: str) -> CacheKey:
code_hash = hashlib.sha256(code.encode()).hexdigest() code_hash = hashlib.sha256(code.encode()).hexdigest()

6
packages/@n8n/task-runner-python/src/task_runner.py
View File

@@ -327,7 +327,11 @@ class TaskRunner:
except Exception as e: except Exception as e:
self.logger.error(f"Task {task_id} failed", exc_info=True) self.logger.error(f"Task {task_id} failed", exc_info=True)
response = RunnerTaskError(task_id=task_id, error={"message": str(e)}) error = {
"message": getattr(e, "message", str(e)),
"description": getattr(e, "description", ""),
}
response = RunnerTaskError(task_id=task_id, error=error)
await self._send_message(response) await self._send_message(response)
finally: finally: