mirror of
https://github.com/Comfy-Org/ComfyUI-Manager.git
synced 2026-06-23 00:09:25 +08:00
7c09be6955
Install via git URL and pip install are no longer gated by
security_level. Each surface gets a dedicated config.ini flag —
allow_git_url_install / allow_pip_install (both default false, secure
by default) — that fully REPLACES the security-level term for these two
features. The network-position invariant is retained: a non-local
listener stays denied regardless of the flags unless
network_mode = personal_cloud.
- New pure predicate is_dedicated_install_allowed() in
common/manager_security (no config access; callers resolve config)
- Legacy endpoints /v2/customnode/install/git_url and .../pip switch
from is_allowed_security_level('high+') to the flag gate; batch
installs of unknown git URLs likewise (middle+ entry gate unchanged,
unknown-pip 'block' stays unconditional; response shapes preserved)
- Config readers/writers (glob + legacy) parse and persist the flags;
denial logs and frontend 403 messages name the responsible flag and
note the non-local-listener requirement (network_mode=personal_cloud)
- No auto-seed from security_level — users previously on weak/normal-
must opt in explicitly (see CHANGELOG migration notes; README
documents the new contract)
- Update the pre-existing permissive E2E harness
(start_comfyui_permissive.sh + test_e2e_legacy_real_ops.py) to the
new contract: it now also sets allow_git_url_install /
allow_pip_install = true, since security_level = normal- alone no
longer opens the git_url/pip endpoints
Tests: predicate truth table proving security_level independence in
both directions, dual-reader config contract, security-level-matrix
freeze guards, legacy gate regression guards (121 unit), plus 22
real-server E2E tests incl. URL-form pip install with self-clean.
|
||
|---|---|---|
| .. | ||
| scripts | ||
| test_e2e_config_api.py | ||
| test_e2e_csrf_legacy.py | ||
| test_e2e_csrf.py | ||
| test_e2e_customnode_info.py | ||
| test_e2e_endpoint.py | ||
| test_e2e_git_clone.py | ||
| test_e2e_legacy_endpoints.py | ||
| test_e2e_legacy_real_ops.py | ||
| test_e2e_pip_url_form.py | ||
| test_e2e_queue_lifecycle.py | ||
| test_e2e_secgate_default.py | ||
| test_e2e_secgate_legacy_flags.py | ||
| test_e2e_secgate_strict.py | ||
| test_e2e_snapshot_lifecycle.py | ||
| test_e2e_system_info.py | ||
| test_e2e_task_operations.py | ||
| test_e2e_version_mgmt.py | ||