* File changed: [patchwork/app.py](https://github.com/patched-codes/patchwork/pull/695/files#diff-839e90b808d34e4cf447eff0896161788ccfc6e1f2970be2e551b64ba413a503)Fix vulnerability by avoiding untrusted user input in importlib.import_module() Avoid using untrusted input directly in importlib.import_module() to prevent loading arbitrary code.
* File changed: [patchwork/common/utils/dependency.py](https://github.com/patched-codes/patchwork/pull/695/files#diff-6ad070db06c1de59a1e0b0b199944f057089f121f94abdf817a0845e3c5d81f6)Fix vulnerability by avoiding dynamic values in importlib.import_module() Used a whitelist to prevent running untrusted code in import_with_dependency_group() function.
This pull request from patched fixes 2 issues.
Fix vulnerability by avoiding untrusted user input in importlib.import_module()
Avoid using untrusted input directly in importlib.import_module() to prevent loading arbitrary code.Fix vulnerability by avoiding dynamic values in importlib.import_module()
Used a whitelist to prevent running untrusted code in import_with_dependency_group() function.