From aef3e0b4bb96023ee476cf2500dc84c3164f1a92 Mon Sep 17 00:00:00 2001 From: Alex Date: Thu, 25 Dec 2025 12:26:01 +0000 Subject: [PATCH] chore: update workflow permissions and fix paths in settings (#2227) * chore: update workflow permissions and fix paths in settings * dep * dep upgrades --- .github/workflows/lint.yml | 3 +++ .github/workflows/pytest.yml | 4 ++++ .github/workflows/vale.yml | 4 ++++ application/core/settings.py | 2 +- application/parser/remote/sitemap_loader.py | 2 +- application/requirements.txt | 12 +++++++----- 6 files changed, 20 insertions(+), 7 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index a36f529b..ec9fdbdf 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -7,6 +7,9 @@ on: pull_request: types: [ opened, synchronize ] +permissions: + contents: read + jobs: ruff: runs-on: ubuntu-latest diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml index 8b85366a..d7a66bdc 100644 --- a/.github/workflows/pytest.yml +++ b/.github/workflows/pytest.yml @@ -1,5 +1,9 @@ name: Run python tests with pytest on: [push, pull_request] + +permissions: + contents: read + jobs: pytest_and_coverage: name: Run tests and count coverage diff --git a/.github/workflows/vale.yml b/.github/workflows/vale.yml index a0f8167c..48b25b49 100644 --- a/.github/workflows/vale.yml +++ b/.github/workflows/vale.yml @@ -9,6 +9,10 @@ on: - '.vale.ini' - '.github/styles/**' +permissions: + contents: read + pull-requests: write + jobs: vale: runs-on: ubuntu-latest diff --git a/application/core/settings.py b/application/core/settings.py index d8bb6ff1..3dde21aa 100644 --- a/application/core/settings.py +++ b/application/core/settings.py @@ -130,7 +130,7 @@ class Settings(BaseSettings): MILVUS_TOKEN: Optional[str] = "" # LanceDB vectorstore config - LANCEDB_PATH: str = "/tmp/lancedb" # Path where LanceDB stores its local data + LANCEDB_PATH: str = "./data/lancedb" # Path where LanceDB stores its local data
LANCEDB_TABLE_NAME: Optional[str] = ( "docsgpts" # Name of the table to use for storing vectors ) diff --git a/application/parser/remote/sitemap_loader.py b/application/parser/remote/sitemap_loader.py index ff7c1ede..b2bd2a01 100644 --- a/application/parser/remote/sitemap_loader.py +++ b/application/parser/remote/sitemap_loader.py @@ -1,7 +1,7 @@ import logging import requests import re # Import regular expression library -import xml.etree.ElementTree as ET +import defusedxml.ElementTree as ET from application.parser.remote.base import BaseRemote from application.core.url_validation import validate_url, SSRFError diff --git a/application/requirements.txt b/application/requirements.txt index 88402ae7..cc2f5948 100644 --- a/application/requirements.txt +++ b/application/requirements.txt @@ -4,6 +4,7 @@ beautifulsoup4==4.14.3 celery==5.6.0 cryptography==46.0.3 dataclasses-json==0.6.7 +defusedxml==0.7.1 docling>=2.16.0 rapidocr>=1.4.0 onnxruntime>=1.19.0 @@ -15,7 +16,7 @@ esprima==4.0.1 esutils==1.0.1 elevenlabs==2.27.0 Flask==3.1.2 -faiss-cpu==1.13.1 +faiss-cpu==1.13.2 fastmcp==2.13.3 flask-restx==1.3.2 google-genai==1.54.0 @@ -24,19 +25,20 @@ google-auth-httplib2==0.3.0 google-auth-oauthlib==1.2.2 gTTS==2.5.4 gunicorn==23.0.0 +html2text==2025.4.15 javalang==0.13.0 jinja2==3.1.6 jiter==0.12.0 jmespath==1.0.1 -joblib==1.4.2 +joblib==1.5.3 jsonpatch==1.33 jsonpointer==3.0.0 kombu==5.6.1 langchain==1.1.3 langchain-community==0.4.1 -langchain-core==1.2.4 +langchain-core==1.2.5 langchain-openai==1.1.1 -langchain-text-splitters==1.0.0 +langchain-text-splitters==1.1.0 langsmith==0.5.0 lazy-object-proxy==1.12.0 lxml==6.0.2 @@ -46,7 +48,7 @@ mpmath==1.3.0 multidict==6.7.0 mypy-extensions==1.1.0 networkx==3.6.1 -numpy==2.2.1 +numpy==2.4.0 openai==2.9.0 openapi3-parser==1.1.22 orjson==3.11.5