StackStorm / orquesta

Orquesta is a graph based workflow engine for StackStorm. Questions? https://github.com/StackStorm/st2/discussions
https://docs.stackstorm.com/orquesta/
Apache License 2.0

Use Jinja sandboxed environment #240

Closed amanda11 closed 3 years ago

amanda11 commented 3 years ago

Use Jinja sandboxed environment, so that any templates that attempt to access insecure code will be rejected.
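
What the sandbox changes in practice, as an added example that is not part of this PR or of orquesta's code: the same templates are rendered through a plain `jinja2.Environment` and through `jinja2.sandbox.SandboxedEnvironment`. The sample expressions, the `helper` function and the use of `StrictUndefined` are assumptions made for the illustration; it requires the `jinja2` package.

```python
import jinja2
from jinja2.exceptions import SecurityError
from jinja2.sandbox import SandboxedEnvironment

# Assumption for this example: StrictUndefined on both environments, so an
# unsafe lookup raises when its result is used instead of rendering as "".
PLAIN = jinja2.Environment(undefined=jinja2.StrictUndefined)
SANDBOXED = SandboxedEnvironment(undefined=jinja2.StrictUndefined)

# Constructed sample expressions, not taken from any real workflow.
SAMPLES = {
    "benign_filter": "{{ name | upper }}",
    "benign_method": "{{ name.split('-')[0] }}",
    "dunder_attr": "{{ name.__class__.__mro__ }}",
    "function_internals": "{{ helper.__globals__ }}",
}


def helper(value):
    """Hypothetical function exposed to templates through the context."""
    return value


def evaluate(env, template, context):
    """Render a template; return ("ok", text) or ("rejected", reason)."""
    try:
        return ("ok", env.from_string(template).render(**context))
    except SecurityError as exc:
        return ("rejected", str(exc))


def compare(context):
    """Outcome of every sample under the plain and sandboxed environments."""
    return {
        name: {
            "plain": evaluate(PLAIN, tpl, context)[0],
            "sandboxed": evaluate(SANDBOXED, tpl, context)[0],
        }
        for name, tpl in SAMPLES.items()
    }


if __name__ == "__main__":
    for name, outcome in compare({"name": "web-01", "helper": helper}).items():
        print(f"{name:20} plain={outcome['plain']:9} sandboxed={outcome['sandboxed']}")
```

Ordinary filters and string methods behave identically in both environments; only the lookups that reach Python internals are turned into a `SecurityError` by the sandbox.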

amanda11 commented 3 years ago
  • Do we need to update the Jinja version to >= 2.11 in requirements.txt?
  • Can you also update the description of this PR on why we are using the sandboxed environment?
  • Please add a changelog entry.
  • The CI wasn't building because workflows were automatically disabled by GitHub due to inactivity. It's resolved now. But I believe there's an unrelated build failure that needs to be fixed.

@m4dcoder Addressed your review comments (stealing the sphinx change from your PR!)