Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature] Add node deployment using processes (Multiplatform) #11

Merged
merged 48 commits into from
Sep 25, 2024
Merged

[Feature] Add node deployment using processes (Multiplatform) #11

merged 48 commits into from
Sep 25, 2024

Conversation

enriquetomasmb
Copy link
Collaborator

No description provided.

enriquetomasmb and others added 30 commits September 10, 2024 17:53
@enriquetomasmb
Include deployment using processes, improve communications, new ready…
bafccd3 
… flag, and async boost
@enriquetomasmb
improve reporter readability, and model compression
b440a96
@enriquetomasmb
update libs, reconnection functionality, and documentation
44f55d7
@enriquetomasmb
Update network metrics
50a8c7f
@enriquetomasmb
Training in a isolated process, improve async, improve network metrics
8fa10d6
@enriquetomasmb
Include removing child processes
4dfa28d
@enriquetomasmb
Update requirements
7434a22
@enriquetomasmb
torch compatibility and exceptions management
155eb45
@enriquetomasmb
file permissions during execution
0a497cc
@enriquetomasmb
Include windows support
b7c611c
@enriquetomasmb
Include windows support (ps1)
5ef3615
@enriquetomasmb
Include windows support (ps1)
079075e
@enriquetomasmb
Include windows support (ps1)
6202e01
@FerTV
force utf-8 and windows deployment
2c2d2e5
@enriquetomasmb
Fix event handler
f130f3c
@enriquetomasmb
Improve exception management
fd987ba
@enriquetomasmb
Increase timeout on handler
dbc7b56
@enriquetomasmb
Add lock and conditions in event manager
1a877b7
@enriquetomasmb
Remove main process when leaving
ed51efb
@enriquetomasmb
Improve exception visualization
74fb0d1
@FerTV
killing processes fixed
9d976fb
@FerTV
Merge branch 'feature/processes' of https://github.com/enriquetomasmb…
35f1318 
…/nebula into feature/processes
@enriquetomasmb
fix traceback
884cf09
@enriquetomasmb
Include logging in child processes
940bc90
@enriquetomasmb
Include logging in child processes
b8d3b1d
@enriquetomasmb
Include output file
9b33dad
@enriquetomasmb
Remove redundant log
0ba91a9
@enriquetomasmb
Include traceback logs
c917ddd
@enriquetomasmb
Training logs moved to independent log file
392f0b1
@enriquetomasmb
Fix logging import and commands file on windows
5ed5797
FerTV and others added 18 commits September 18, 2024 16:47
@FerTV
docer checked fixed
fdf1c48
@enriquetomasmb
Include custom progress bar
ac16a45
@enriquetomasmb
Fix controller endpoint
30ca43d
@FerTV
fix docker report finished
2985547
@enriquetomasmb
Remove file descriptors, include independent logger for training, upd…
c055959 
…ate loggins in training-related classes
@enriquetomasmb
Merge branch 'feature/processes' of github.com:enriquetomasmb/nebula …
8564bad 
…into feature/processes
@FerTV
fix process scenario finished frontend
222199e
@enriquetomasmb
Include log for training/testing finished per round
94705be
@enriquetomasmb
Reduce console logs
7861dae
@enriquetomasmb
Improve reproducibility
902554d
@enriquetomasmb
Update installation guide and deployment page
8cbed40
@enriquetomasmb
Persistent avoiding model from initialization round
19a2a59
@enriquetomasmb
include await in reset
df07072
@enriquetomasmb
Improve logging in data processing, include a condition in the select…
441fa76 
…ion of classes during dirichlet
@enriquetomasmb
Improve logging
421ee49
@enriquetomasmb
Improve logging, dirichlet, frontend popup
c5ceeb4
@enriquetomasmb
release locked locks
e822a42
@enriquetomasmb
Minor fix during logging
5389e85
@enriquetomasmb enriquetomasmb changed the title [Feature] Include deployment using processes (Multiplatform) [Feature] Add node deployment using processes (Multiplatform) Sep 25, 2024
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 25, 2024
View reviewed changes
nebula/frontend/templates/deployment.html
Comment on lines 2002 to +2004
$('#confirm-modal-body').html('Are you sure you want to run the scenario?\n' +
'<br><br><p class="badge text-bg-danger">Warning: you will stop the running scenario and start a new one</p>');
'<br><p class="badge text-bg-warning">The scenario will be deployed using the selected deployment option: ' + deploymentOption.value + '</p>' +
'<br><p class="badge text-bg-danger">Warning: you will stop the running scenario and start a new one</p>');

Check warning

Code scanning / CodeQL

DOM text reinterpreted as HTML Medium

DOM text
Loading
is reinterpreted as HTML without escaping meta-characters.

Copilot Autofix AI 6 months ago

To fix the problem, we need to ensure that any user input or DOM text that is reinterpreted as HTML is properly sanitized or escaped to prevent XSS attacks. In this case, we should escape the deploymentOption.value before inserting it into the HTML content of the modal.

The best way to fix this is to use a function that escapes HTML special characters. This will ensure that any potentially malicious content is rendered as plain text rather than executable HTML or JavaScript.

Suggested changeset 1
nebula/frontend/templates/deployment.html

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/nebula/frontend/templates/deployment.html b/nebula/frontend/templates/deployment.html
--- a/nebula/frontend/templates/deployment.html
+++ b/nebula/frontend/templates/deployment.html
@@ -2001,4 +2001,12 @@
                 var deploymentOption = document.querySelector('input[name="deploymentRadioOptions"]:checked');
+                const escapeHtml = (unsafe) => {
+                    return unsafe
+                        .replace(/&/g, "&amp;")
+                        .replace(/</g, "&lt;")
+                        .replace(/>/g, "&gt;")
+                        .replace(/"/g, "&quot;")
+                        .replace(/'/g, "&#039;");
+                };
                 $('#confirm-modal-body').html('Are you sure you want to run the scenario?\n' +
-                    '<br><p class="badge text-bg-warning">The scenario will be deployed using the selected deployment option: ' + deploymentOption.value + '</p>' +
+                    '<br><p class="badge text-bg-warning">The scenario will be deployed using the selected deployment option: ' + escapeHtml(deploymentOption.value) + '</p>' +
                     '<br><p class="badge text-bg-danger">Warning: you will stop the running scenario and start a new one</p>');
EOF
@@ -2001,4 +2001,12 @@
var deploymentOption = document.querySelector('input[name="deploymentRadioOptions"]:checked');
const escapeHtml = (unsafe) => {
return unsafe
.replace(/&/g, "&amp;")
.replace(/</g, "&lt;")
.replace(/>/g, "&gt;")
.replace(/"/g, "&quot;")
.replace(/'/g, "&#039;");
};
$('#confirm-modal-body').html('Are you sure you want to run the scenario?\n' +
'<br><p class="badge text-bg-warning">The scenario will be deployed using the selected deployment option: ' + deploymentOption.value + '</p>' +
'<br><p class="badge text-bg-warning">The scenario will be deployed using the selected deployment option: ' + escapeHtml(deploymentOption.value) + '</p>' +
'<br><p class="badge text-bg-danger">Warning: you will stop the running scenario and start a new one</p>');
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 25, 2024
View reviewed changes
nebula/scenarios.py
@@ -737,6 +926,10 @@
os.path.join(os.environ["NEBULA_ROOT"], "app", "tmp", scenario_name),
exist_ok=True,
)
os.chmod(
os.path.join(os.environ["NEBULA_ROOT"], "app", "tmp", scenario_name),

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
Loading
.
@enriquetomasmb enriquetomasmb merged commit 1264a49 into main Sep 25, 2024
2 of 3 checks passed
@enriquetomasmb enriquetomasmb deleted the feature/processes branch September 25, 2024 12:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@enriquetomasmb @FerTV