Spaces:

rm-lht
/

lightrag

Configuration error

App Files Files Community

zrguo commited on May 12

Commit

7296826

unverified ·

2 Parent(s): 1e4ad84 513f093

Merge pull request #1325 from venkateshpabbati/main

Browse files

Files changed (3) hide show

.github/dependabot.yml +11 -0
SECURITY.md +21 -0
lightrag/kg/tidb_impl.py +20 -7

.github/dependabot.yml ADDED Viewed

	@@ -0,0 +1,11 @@

+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+version: 2
+updates:
+  - package-ecosystem: "pip" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"

SECURITY.md ADDED Viewed

	@@ -0,0 +1,21 @@

+# Security Policy
+## Supported Versions
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | :white_check_mark: |
+| 5.0.x   | :x:                |
+| 4.0.x   | :white_check_mark: |
+| < 4.0   | :x:                |
+## Reporting a Vulnerability
+Use this section to tell people how to report a vulnerability.
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.

lightrag/kg/tidb_impl.py CHANGED Viewed

@@ -23,6 +23,14 @@ if not pm.is_installed("sqlalchemy"):
 from sqlalchemy import create_engine, text  # type: ignore
 class TiDB:
     def __init__(self, config, **kwargs):
         self.host = config.get("host", None)
@@ -38,9 +46,9 @@ class TiDB:
         try:
             self.engine = create_engine(connection_string)
-            logger.info(f"Connected to TiDB database at {self.database}")
         except Exception as e:
-            logger.error(f"Failed to connect to TiDB database at {self.database}")
             logger.error(f"TiDB database error: {e}")
             raise
@@ -55,13 +63,13 @@ class TiDB:
             try:
                 await self.query(f"SELECT 1 FROM {k}".format(k=k))
             except Exception as e:
-                logger.error(f"Failed to check table {k} in TiDB database")
                 logger.error(f"TiDB database error: {e}")
                 try:
                     await self.execute(v["ddl"])
-                    logger.info(f"Created table {k} in TiDB database")
                 except Exception as e:
-                    logger.error(f"Failed to create table {k} in TiDB database")
                     logger.error(f"TiDB database error: {e}")
         # After all tables are created, try to migrate timestamp fields
@@ -82,7 +90,10 @@ class TiDB:
             try:
                 result = conn.execute(text(sql), params)
             except Exception as e:
-                logger.error(f"Tidb database,\nsql:{sql},\nparams:{params},\nerror:{e}")
                 raise
             if multirows:
                 rows = result.all()
@@ -107,7 +118,9 @@ class TiDB:
                 else:
                     conn.execute(text(sql), parameters=data)
         except Exception as e:
-            logger.error(f"Tidb database,\nsql:{sql},\ndata:{data},\nerror:{e}")
             raise

 from sqlalchemy import create_engine, text  # type: ignore
+def sanitize_sensitive_info(data: dict) -> dict:
+    sanitized_data = data.copy()
+    sensitive_fields = ['password', 'user', 'host', 'database', 'port', 'ssl_verify_cert', 'ssl_verify_identity']
+    for field in sensitive_fields:
+        if field in sanitized_data:
+            sanitized_data[field] = '***'
+    return sanitized_data
 class TiDB:
     def __init__(self, config, **kwargs):
         self.host = config.get("host", None)
         try:
             self.engine = create_engine(connection_string)
+            logger.info("Connected to TiDB database")
         except Exception as e:
+            logger.error("Failed to connect to TiDB database")
             logger.error(f"TiDB database error: {e}")
             raise
             try:
                 await self.query(f"SELECT 1 FROM {k}".format(k=k))
             except Exception as e:
+                logger.error("Failed to check table in TiDB database")
                 logger.error(f"TiDB database error: {e}")
                 try:
                     await self.execute(v["ddl"])
+                    logger.info("Created table in TiDB database")
                 except Exception as e:
+                    logger.error("Failed to create table in TiDB database")
                     logger.error(f"TiDB database error: {e}")
         # After all tables are created, try to migrate timestamp fields
             try:
                 result = conn.execute(text(sql), params)
             except Exception as e:
+                sanitized_params = sanitize_sensitive_info(params)
+                sanitized_params = sanitize_sensitive_info(params)
+                sanitized_error = sanitize_sensitive_info({'error': str(e)})
+                logger.error(f"Tidb database,\nsql:{sql},\nparams:{sanitized_params},\nerror:{sanitized_error}")
                 raise
             if multirows:
                 rows = result.all()
                 else:
                     conn.execute(text(sql), parameters=data)
         except Exception as e:
+            sanitized_data = sanitize_sensitive_info(data) if data else None
+            sanitized_error = sanitize_sensitive_info({'error': str(e)})
+            logger.error(f"Tidb database,\nsql:{sql},\ndata:{sanitized_data},\nerror:{sanitized_error}")
             raise