security: add timeouts to HTTP requests and fix temp directory usage

- Add 30-second timeouts to all HTTP requests in enterprise_cli.py (5 instances)
- Add 30-second timeouts to all HTTP requests in miner_management.py (4 instances)
- Replace hardcoded /tmp with tempfile.gettempdir() in extended_features.py
- Fix requires-python constraint from ^3.13 to >=3.13 in aitbc-core
- Add missing dependencies: pynacl to aitbc-crypto, httpx to aitbc-sdk
- Add poetry packages configuration to aitbc-core pyproject.toml
- Add type
aitbc
2026-04-18 20:39:33 +02:00
parent 23ea045a66
commit b301164102
9 changed files with 58 additions and 13 deletions


@@ -0,0 +1,30 @@
"""
CLI utility functions for output formatting and error handling
"""
from click import echo, secho
def output(message: str, **kwargs):
"""Print a regular output message"""
echo(message, **kwargs)
def error(message: str, **kwargs):
"""Print an error message in red"""
secho(message, fg="red", **kwargs)
def success(message: str, **kwargs):
"""Print a success message in green"""
secho(message, fg="green", **kwargs)
def info(message: str, **kwargs):
"""Print an info message in blue"""
secho(message, fg="blue", **kwargs)
def warning(message: str, **kwargs):
"""Print a warning message in yellow"""
secho(message, fg="yellow", **kwargs)
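Review bot: `error()` and `warning()` write to stdout, because `secho` is called without `err=True`; when the CLI's output is piped or parsed, diagnostics end up mixed into the data stream and a failure can go unnoticed. In both functions I would add `kwargs.setdefault("err", True)` before the `secho` call, which keeps a caller's explicit `err=` working instead of raising a duplicate-keyword error. The helpers also lack a return annotation; `-> None` would match the typed `message: str` parameter.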


@@ -125,7 +125,7 @@ def mining_operations(operation: str, wallet_name: str = None, threads: int = 1,
elif operation == "stop": elif operation == "stop":
print("Stopping mining...") print("Stopping mining...")
try: try:
response = requests.post(f"{rpc_url}/rpc/mining/stop") response = requests.post(f"{rpc_url}/rpc/mining/stop", timeout=30)
if response.status_code == 200: if response.status_code == 200:
result = response.json() result = response.json()
print(f"✅ Mining stopped") print(f"✅ Mining stopped")
@@ -141,7 +141,7 @@ def mining_operations(operation: str, wallet_name: str = None, threads: int = 1,
elif operation == "status": elif operation == "status":
print("Getting mining status...") print("Getting mining status...")
try: try:
response = requests.get(f"{rpc_url}/rpc/mining/status") response = requests.get(f"{rpc_url}/rpc/mining/status", timeout=30)
if response.status_code == 200: if response.status_code == 200:
status = response.json() status = response.json()
print("⛏️ Mining Status:") print("⛏️ Mining Status:")
@@ -165,7 +165,7 @@ def marketplace_operations(operation: str, wallet_name: str = None, item_type: s
if operation == "list": if operation == "list":
print("Getting marketplace listings...") print("Getting marketplace listings...")
try: try:
response = requests.get(f"{rpc_url}/rpc/marketplace/listings") response = requests.get(f"{rpc_url}/rpc/marketplace/listings", timeout=30)
if response.status_code == 200: if response.status_code == 200:
listings = response.json().get("listings", []) listings = response.json().get("listings", [])
print(f"🏪 Marketplace Listings ({len(listings)} items):") print(f"🏪 Marketplace Listings ({len(listings)} items):")
@@ -203,7 +203,7 @@ def marketplace_operations(operation: str, wallet_name: str = None, item_type: s
} }
try: try:
response = requests.post(f"{rpc_url}/rpc/marketplace/create", json=listing_data) response = requests.post(f"{rpc_url}/rpc/marketplace/create", json=listing_data, timeout=30)
if response.status_code == 200: if response.status_code == 200:
result = response.json() result = response.json()
listing_id = result.get("listing_id") listing_id = result.get("listing_id")
@@ -241,7 +241,7 @@ def ai_operations(operation: str, wallet_name: str = None, job_type: str = None,
} }
try: try:
response = requests.post(f"{rpc_url}/rpc/ai/submit", json=job_data) response = requests.post(f"{rpc_url}/rpc/ai/submit", json=job_data, timeout=30)
if response.status_code == 200: if response.status_code == 200:
result = response.json() result = response.json()
job_id = result.get("job_id") job_id = result.get("job_id")
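Review bot: On the two state-creating POSTs (`/rpc/marketplace/create` and `/rpc/ai/submit`) a read timeout does not mean the node rejected the request, so the handler should report the outcome as unknown rather than failed; otherwise a user who simply retries may create a duplicate listing or job. The `except` clauses sit outside all five hunks, so I cannot see whether `requests.exceptions.Timeout` is caught separately; if it is not, I would add `except requests.exceptions.Timeout:` ahead of the generic handler with a message telling the user to check status before resubmitting. Note also that `timeout=30` in requests bounds the connect phase and each socket read, not the whole call, so a peer that trickles bytes can still hold the CLI longer than 30 seconds.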


@@ -204,7 +204,8 @@ def handle_extended_command(command, args, kwargs):
result["metrics"] = {"tx_rate": 15, "block_time": 30.1} result["metrics"] = {"tx_rate": 15, "block_time": 30.1}
elif command == "analytics_export": elif command == "analytics_export":
result["file"] = "/tmp/analytics_export.csv" import tempfile
result["file"] = tempfile.gettempdir() + "/analytics_export.csv"
elif command == "analytics_predict": elif command == "analytics_predict":
result["prediction"] = "stable" result["prediction"] = "stable"
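Review bot: `tempfile.gettempdir() + "/analytics_export.csv"` is still a fixed, predictable name inside a shared temp directory, so the change quiets the hard-coded `/tmp` finding without removing the risk behind it: another local user can pre-create or symlink that path before the export is written. This hunk only returns the path and shows no write, so the exposure depends on code outside it; where the file is actually created, `fd, path = tempfile.mkstemp(prefix="analytics_export_", suffix=".csv")` gives an unpredictable name, created exclusively with owner-only permissions. The `import tempfile` inside the `elif` branch would read better at the top of the module, and the `"/"` concatenation as `os.path.join(...)`. The body of `handle_extended_command` continues outside the hunk.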


@@ -69,7 +69,8 @@ def register_miner(
response = requests.post( response = requests.post(
f"{coordinator_url}/v1/miners/register", f"{coordinator_url}/v1/miners/register",
headers=headers, headers=headers,
json=payload json=payload,
timeout=30
) )
if response.status_code == 200: if response.status_code == 200:
@@ -115,7 +116,8 @@ def get_miner_status(
response = requests.get( response = requests.get(
f"{coordinator_url}/v1/admin/miners", f"{coordinator_url}/v1/admin/miners",
headers=headers headers=headers,
timeout=30
) )
if response.status_code == 200: if response.status_code == 200:
@@ -188,7 +190,8 @@ def send_heartbeat(
response = requests.post( response = requests.post(
f"{coordinator_url}/v1/miners/heartbeat", f"{coordinator_url}/v1/miners/heartbeat",
headers=headers, headers=headers,
json=payload json=payload,
timeout=30
) )
if response.status_code == 200: if response.status_code == 200:
@@ -232,7 +235,8 @@ def poll_jobs(
response = requests.post( response = requests.post(
f"{coordinator_url}/v1/miners/poll", f"{coordinator_url}/v1/miners/poll",
headers=headers, headers=headers,
json=payload json=payload,
timeout=30
) )
if response.status_code == 200 and response.content: if response.status_code == 200 and response.content:
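Review bot: The literal `timeout=30` is now repeated in `register_miner`, `get_miner_status`, `send_heartbeat` and `poll_jobs`, so the policy can drift the next time one of these calls is edited. I would define one module-level constant, for example `REQUEST_TIMEOUT = (5, 30)`, and pass `timeout=REQUEST_TIMEOUT`; the tuple form sets a short connect timeout and a separate read timeout, so an unreachable coordinator is detected in seconds instead of blocking for the full 30. For `send_heartbeat` in particular, a 30-second block may exceed the heartbeat interval (not visible here), which is worth checking against the caller. All four functions start and end outside their hunks.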


@@ -16,6 +16,7 @@ silent configuration issues where:
### **Focused Dotenv Linter** ### **Focused Dotenv Linter**
Created a sophisticated linter that: Created a sophisticated linter that:
- **Scans all code** for actual environment variable usage - **Scans all code** for actual environment variable usage
- **Filters out script variables** and non-config variables - **Filters out script variables** and non-config variables
- **Compares with `.env.example`** to find drift - **Compares with `.env.example`** to find drift
@@ -142,6 +143,7 @@ Created `.github/workflows/dotenv-check.yml` with:
### **Workflow Triggers** ### **Workflow Triggers**
The dotenv check runs on: The dotenv check runs on:
- **Push** to any branch (when relevant files change) - **Push** to any branch (when relevant files change)
- **Pull Request** (when relevant files change) - **Pull Request** (when relevant files change)
- File patterns: `.env.example`, `*.py`, `*.yml`, `*.toml`, `*.sh` - File patterns: `.env.example`, `*.py`, `*.yml`, `*.toml`, `*.sh`


@@ -6,7 +6,7 @@ authors = [
{name = "AITBC Team", email = "team@aitbc.dev"} {name = "AITBC Team", email = "team@aitbc.dev"}
] ]
readme = "README.md" readme = "README.md"
requires-python = "^3.13" requires-python = ">=3.13"
dependencies = [ dependencies = [
"cryptography>=41.0.0", "cryptography>=41.0.0",
"sqlmodel>=0.0.14", "sqlmodel>=0.0.14",
@@ -19,3 +19,8 @@ dependencies = [
[build-system] [build-system]
requires = ["poetry-core"] requires = ["poetry-core"]
build-backend = "poetry.core.masonry.api" build-backend = "poetry.core.masonry.api"
[tool.poetry]
packages = [
{ include = "aitbc_core", from = "src" }
]


@@ -8,7 +8,8 @@ authors = [
readme = "README.md" readme = "README.md"
requires-python = ">=3.13" requires-python = ">=3.13"
dependencies = [ dependencies = [
"cryptography>=41.0.0" "cryptography>=41.0.0",
"pynacl>=1.5.0"
] ]
[build-system] [build-system]


@@ -10,7 +10,8 @@ requires-python = ">=3.13"
dependencies = [ dependencies = [
"cryptography>=41.0.0", "cryptography>=41.0.0",
"requests>=2.31.0", "requests>=2.31.0",
"pydantic>=2.5.0" "pydantic>=2.5.0",
"httpx>=0.25.0"
] ]
[build-system] [build-system]


@@ -2,6 +2,7 @@
"name": "@aitbc/aitbc-token", "name": "@aitbc/aitbc-token",
"version": "0.2.3", "version": "0.2.3",
"private": true, "private": true,
"type": "module",
"description": "AITBC Solidity contracts for attested receipt-based minting", "description": "AITBC Solidity contracts for attested receipt-based minting",
"scripts": { "scripts": {
"build": "hardhat compile", "build": "hardhat compile",