amd-gaia 0.15.1__py3-none-any.whl → 0.15.2__py3-none-any.whl

gaia/security.py

@@ -109,14 +109,34 @@ class PathValidator:
             # Resolve path using os.path.realpath to follow symlinks
             # This prevents TOCTOU attacks by resolving at check time
             real_path = Path(os.path.realpath(path)).resolve()
+            real_path_str = str(real_path)
+
+            # macOS /var symlink handling: normalize by removing /private prefix
+            def normalize_macos(p: str) -> str:
+                if p.startswith("/private/"):
+                    return p[len("/private") :]
+                return p
+
+            norm_real_path = normalize_macos(real_path_str)
 
             # Check if real path is within any allowed directory
-            for allowed_path in self.allowed_paths:
+            for allowed_path in list(self.allowed_paths):
                 try:
-                    # is_relative_to requires Python 3.9+, use alternative for compatibility
-                    real_path.relative_to(allowed_path)
+                    # Ensure allowed_path is also resolved to handle symlinks correctly
+                    # IMPORTANT: Use str(allowed_path) as allowed_path might already be a Path object
+                    allowed_path_str_raw = str(allowed_path)
+                    res_allowed = Path(os.path.realpath(allowed_path_str_raw)).resolve()
+                    allowed_path_str = str(res_allowed)
+                    norm_allowed_path = normalize_macos(allowed_path_str)
+
+                    # Robust check using string prefix on normalized paths
+                    if norm_real_path.startswith(norm_allowed_path):
+                        return True
+
+                    # Fallback to relative_to for safety
+                    real_path.relative_to(res_allowed)
                     return True
-                except ValueError:
+                except (ValueError, RuntimeError):
                     continue
 
             # If we get here, path is not allowed. Prompt user?

gaia/talk/app.py

@@ -126,8 +126,7 @@ def print_integration_examples():
     print("INTEGRATION EXAMPLES")
     print("=" * 60)
 
-    print(
-        """
+    print("""
 Basic Integration:
 ```python
 from gaia.talk.sdk import TalkSDK, TalkConfig
@@ -174,8 +173,7 @@ from gaia.talk.sdk import quick_chat
 response = await quick_chat("Hello!")
 print(response)
 ```
-"""
-    )
+""")
 
 
 async def main():

gaia/version.py

@@ -6,10 +6,10 @@ import os
 import subprocess
 from importlib.metadata import version as get_package_version_metadata
 
-__version__ = "0.15.1"
+__version__ = "0.15.2"
 
 # Lemonade version used across CI and installer
-LEMONADE_VERSION = "9.1.0"
+LEMONADE_VERSION = "9.1.4"
 
 
 def get_package_version() -> str: