wangbo/ComfyUI-Manager
1
0
Fork 0
mirror of https://github.com/Comfy-Org/ComfyUI-Manager.git synced 2025-12-16 18:02:58 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

robust validation

Browse Source
This commit is contained in:
Dr.Lt.Data 2024-09-24 01:59:15 +09:00
parent 8db932afd9
commit ffc095a3e5
3 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
glob/manager_core.py
View File

@ -23,7 +23,7 @@ sys.path.append(glob_path)
import cm_global
from manager_util import *
version = [2, 51]
version = [2, 51, 1]
version_str = f"V{version[0]}.{version[1]}" + (f'.{version[2]}' if len(version) > 2 else '')

17
glob/manager_server.py
View File

@ -47,7 +47,9 @@ is_local_mode = args.listen.startswith('127.') or args.listen.startswith('local.
def is_allowed_security_level(level):
if level == 'high':
if level == 'block':
return False
elif level == 'high':
if is_local_mode:
return core.get_config()['security_level'].lower() in ['weak', 'normal-']
else:
@ -58,7 +60,7 @@ def is_allowed_security_level(level):
return True
async def get_risky_level(files):
async def get_risky_level(files, pip_packages):
json_data1 = await core.get_data_by_mode('local', 'custom-node-list.json')
json_data2 = await core.get_data_by_mode('cache', 'custom-node-list.json', channel_url='https://github.com/ltdrdata/ComfyUI-Manager/raw/main')
@ -70,6 +72,15 @@ async def get_risky_level(files):
if x not in all_urls:
return "high"
all_pip_packages = set()
for x in json_data1['custom_nodes'] + json_data2['custom_nodes']:
if "pip" in x:
all_pip_packages.update(x['pip'])
for p in pip_packages:
if p not in all_pip_packages:
return "block"
return "middle"
@ -791,7 +802,7 @@ async def install_custom_node(request):
json_data = await request.json()
risky_level = await get_risky_level(json_data['files'])
risky_level = await get_risky_level(json_data['files'], json_data.get('pip', []))
if not is_allowed_security_level(risky_level):
print(SECURITY_MESSAGE_GENERAL)
return web.Response(status=404)

2
pyproject.toml
View File

@ -1,7 +1,7 @@
[project]
name = "comfyui-manager"
description = "ComfyUI-Manager provides features to install and manage custom nodes for ComfyUI, as well as various functionalities to assist with ComfyUI."
version = "2.51"
version = "2.51.1"
license = { file = "LICENSE.txt" }
dependencies = ["GitPython", "PyGithub", "matrix-client==0.4.0", "transformers", "huggingface-hub>0.20", "typer", "rich", "typing-extensions"]