mirror of
https://github.com/Comfy-Org/ComfyUI-Manager.git
synced 2026-06-23 08:19:20 +08:00
16ba874566
Add two boolean config.ini [default] flags — allow_git_url_install and allow_pip_install (both default false) — that fully REPLACE the security_level term on the legacy install surfaces: - POST /v2/customnode/install/git_url (S-A) and POST /v2/customnode/install/pip (S-B) are now gated solely by their dedicated flag AND the retained network-position invariant (loopback listener OR network_mode=personal_cloud). security_level no longer affects these two surfaces in either direction. - The batch unknown-URL branch (S-C) routes through the same predicate; the unknown-pip branch stays unconditionally blocked; the general middle+ batch entry gate is unchanged. - New pure predicate is_dedicated_install_allowed() in common/manager_security.py (config-import-free; callers pass values from their own reader). Both config readers (glob + legacy) register the keys in read/write/fallback paths. - Denial logs and frontend copy name the responsible flag instead of the misleading security_level guidance. Public listeners remain denied regardless of the flags (no exposure widening). - README security policy updated: config keys documented, git-url/pip removed from the security_level risky table, and a dedicated-flags subsection (REPLACE semantics, network rule, batch behavior, restart-only activation, weak/normal- opt-in migration note). - Migration: existing weak/normal- users must opt in via the new flags (CHANGELOG note; deliberate no auto-seed). Includes the unit/config/guard test suites (88 tests): predicate truth table, dual-reader config contract (missing/malformed keys read false, round-trip, cache staleness), security_level-matrix freeze guards, and suite-order-independent test stubs. |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| cm_global.py | ||
| cnr_utils.py | ||
| context.py | ||
| enums.py | ||
| git_compat.py | ||
| git_helper.py | ||
| git_utils.py | ||
| manager_downloader.py | ||
| manager_security.py | ||
| manager_util.py | ||
| node_package.py | ||
| README.md | ||
| security_check.py | ||
| timestamp_utils.py | ||
| unified_dep_resolver.py | ||
ComfyUI-Manager: Core Backend (glob)
This directory contains the Python backend modules that power ComfyUI-Manager, handling the core functionality of node management, downloading, security, and server operations.
Core Modules
- manager_downloader.py: Handles downloading operations for models, extensions, and other resources.
- manager_util.py: Provides utility functions used throughout the system.
Specialized Modules
- cm_global.py: Maintains global variables and state management across the system.
- cnr_utils.py: Helper utilities for interacting with the custom node registry (CNR).
- git_utils.py: Git-specific utilities for repository operations.
- node_package.py: Handles the packaging and installation of node extensions.
- security_check.py: Implements the multi-level security system for installation safety.