NVIDIA / modulus-sym

Framework providing pythonic APIs, algorithms and utilities to be used with Modulus core to physics inform model training as well as higher level abstraction for domain experts

https://developer.nvidia.com/modulus

Apache License 2.0

147 stars 60 forks source link

fix: arch from config bug #40

Closed NickGeneva closed 1 year ago

NickGeneva commented 1 year ago

Modulus Pull Request

Description

Fixing a bug in model arch from config. Bug prevents models with literal evals from being instantiated

Checklist

[x] I am familiar with the Contributing Guidelines.
[x] New or existing tests cover these changes.
[x] The documentation is up to date with these changes.
[x] The CHANGELOG.md is up to date with these changes.

Dependencies

None

NickGeneva commented 1 year ago

/blossom-ci

NickGeneva commented 1 year ago

/blossom-ci

NickGeneva commented 1 year ago

/blossom-ci

NickGeneva commented 1 year ago

/blossom-ci

ktangsali commented 1 year ago

@NickGeneva , do we have a better fix for this? I remember the eval -> literal_eval was done to avoid this security issue: https://cwe.mitre.org/data/definitions/78.html. Now that we have reverted this, the vulnerability has shown up again and hence I was wondering what is a long term fix for this