mirror of
https://github.com/comfyanonymous/ComfyUI.git
synced 2026-05-31 03:17:23 +08:00
fd89498eac
Addresses review feedback on the per-prompt metadata envelope: - Sanitize at the boundary: reject envelopes larger than 16 keys, keys over 64 chars, values over 256 chars, or anything that isn't a flat ``dict[str, str]``. Logs a warning so abuse is observable. Stops a malicious client from inflating broadcast volume by stamping a 10 MB metadata blob onto every WS event. - Cap the in-memory store at 4096 concurrent envelopes with FIFO eviction. Acts as a backstop if any cleanup hook is skipped. - Drop envelopes when prompts are cancelled before reaching the worker: ``PromptQueue.wipe_queue`` and ``delete_queue_item`` now call ``server.unregister_prompt_metadata`` for every removed item. - Drop envelopes on hard execution failures: the worker now wraps ``e.execute()`` in ``try/finally``, so an uncaught exception in execution no longer leaks the envelope. - Guard the WS reconnect handler: only include ``prompt_id`` in the ``executing`` payload when ``last_prompt_id`` is set, so clients with strict schemas (zod ``prompt_id: zJobId``) don't reject the message with a null id. - Extract a ``PromptMetadataStore`` class that owns the dict and the bounds, so ``PromptServer`` becomes a thin delegating layer and the full register/inject/unregister cycle (plus FIFO eviction and sanitization) is unit-tested without torch. 44 tests passing; ruff clean on all touched files. |
||
|---|---|---|
| .. | ||
| app_test | ||
| assets_test | ||
| comfy_api_test | ||
| comfy_extras_test | ||
| comfy_quant | ||
| comfy_test | ||
| execution_test | ||
| folder_paths_test | ||
| prompt_server_test | ||
| seeder_test | ||
| server/utils | ||
| server_test | ||
| utils | ||
| deploy_environment_test.py | ||
| feature_flags_test.py | ||
| README.md | ||
| requirements.txt | ||
| websocket_feature_flags_test.py | ||
Pytest Unit Tests
Install test dependencies
pip install -r tests-unit/requirements.txt
Run tests
pytest tests-unit/