* File changed: [patchwork/common/utils/step_typing.py](https://github.com/patched-codes/patchwork/pull/593/files#diff-4490efb269fda5b75b1edc5f5fa275d34675bca1ffbb22e06829384e562205ff)Fix vulnerability in validate_step_with_inputs function Avoid using dynamic values in importlib.import_module to prevent running untrusted code.
* File changed: [patchwork/common/utils/dependency.py](https://github.com/patched-codes/patchwork/pull/593/files#diff-6ad070db06c1de59a1e0b0b199944f057089f121f94abdf817a0845e3c5d81f6)Fix vulnerability by avoiding dynamic values in importlib.import_module() Avoid using dynamic values in importlib.import_module() to prevent loading arbitrary code by adding a whitelist check on the input name before calling importlib.import_module().
This pull request from patched fixes 2 issues.
Fix vulnerability in validate_step_with_inputs function
Avoid using dynamic values in importlib.import_module to prevent running untrusted code.Fix vulnerability by avoiding dynamic values in importlib.import_module()
Avoid using dynamic values in importlib.import_module() to prevent loading arbitrary code by adding a whitelist check on the input name before calling importlib.import_module().