dtlpy 1.117.6__py3-none-any.whl → 1.118.13__py3-none-any.whl

dtlpy/repositories/annotations.py

@@ -2,7 +2,6 @@ from copy import deepcopy
 import traceback
 import logging
 import json
-import jwt
 import os
 from PIL import Image
 from io import BytesIO
@@ -336,9 +335,7 @@ class Annotations:
 
     def _delete_single_annotation(self, w_annotation_id):
         try:
-            creator = jwt.decode(self._client_api.token, algorithms=['HS256'],
-                                 verify=False, options={'verify_signature': False})['email']
-            payload = {'username': creator}
+            payload = {'username': self._client_api.info()['user_email']}
             success, response = self._client_api.gen_request(req_type='delete',
                                                              path='/annotations/{}'.format(w_annotation_id),
                                                              json_req=payload)

dtlpy/repositories/apps.py

@@ -272,15 +272,16 @@ class Apps:
 
         return app
 
-    def uninstall(self, app_id: str = None, app_name: str = None, wait: bool = True) -> bool:
+    def uninstall(self, app_id: str = None, app_name: str = None, wait: bool = True, app: entities.App = None) -> bool:
         """
         Delete an app entity.
 
         Note: You are required to add either app_id or app_name.
 
         :param str app_id: optional - the id of the app.
-        :param str app_name: optional - the name of the app.
+        :param str app_name: [DEPRECATED] - the name of the app.
         :param bool wait: optional - wait for the operation to finish.
+        :param entities.App app: optional - the app entity.
         :return whether we succeed uninstalling the specified app.
         :rtype bool
 
@@ -288,12 +289,12 @@ class Apps:
         .. code-block:: python
             # succeed = dl.apps.delete(app_id='app_id')
         """
-        if app_id is None and app_name is None:
+        if app is None and app_id is None:
             raise exceptions.PlatformException(
                 error='400',
                 message='You must provide an identifier in inputs')
-        if app_name is not None:
-            app = self.__get_by_name(app_name)
+
+        if app is not None:
             app_id = app.id
 
         success, response = self._client_api.gen_request(req_type='delete', path='/apps/{}'.format(app_id))
@@ -302,18 +303,16 @@ class Apps:
 
         try:
             app = self.get(app_id=app_id)
-        except Exception as e:
-            if e.status_code == '404':
-                return success
-            else:
-                raise e
-        if app.metadata:
+        except exceptions.NotFound:
+            return success
+
+        if wait and app.status == entities.CompositionStatus.TERMINATING and app.metadata is not None:
             command_id = app.metadata.get('system', {}).get('commands', {}).get('uninstall', None)
-            if wait and app.status == entities.CompositionStatus.TERMINATING and command_id is not None:
+            if command_id is not None:
                 command = self.commands.get(command_id=command_id, url='api/v1/commands/faas/{}'.format(command_id))
                 command.wait()
 
-        logger.debug(f"App deleted successfully (id: {app_id}, name: {app_name}")
+        logger.debug(f"App deleted successfully (id: {app.id}, name: {app.name}")
         return success
 
     def resume(self, app: entities.App = None, app_id: str = None) -> bool:

dtlpy/repositories/feature_sets.py

@@ -1,4 +1,5 @@
 import logging
+import copy
 from .. import exceptions, entities, miscellaneous, _api_reference, repositories
 from ..services.api_client import ApiClient
 
@@ -9,18 +10,25 @@ class FeatureSets:
     """
     Feature Sets repository
     """
+
     URL = '/features/sets'
 
-    def __init__(self,
-                 client_api: ApiClient,
-                 project_id: str = None,
-                 project: entities.Project = None,
-                 model_id: str = None,
-                 model: entities.Model = None):
+    def __init__(
+        self,
+        client_api: ApiClient,
+        project_id: str = None,
+        project: entities.Project = None,
+        model_id: str = None,
+        model: entities.Model = None,
+        dataset_id: str = None,
+        dataset: entities.Dataset = None,
+    ):
         self._project = project
         self._project_id = project_id
         self._model = model
         self._model_id = model_id
+        self._dataset = dataset
+        self._dataset_id = dataset_id
         self._client_api = client_api
 
     ############
@@ -28,6 +36,9 @@ class FeatureSets:
     ############
     @property
     def project(self) -> entities.Project:
+        if self._project is None and self._project_id is None and self.dataset is not None:
+            self._project = self.dataset.project
+            self._project_id = self._project.id
         if self._project is None and self._project_id is not None:
             # get from id
             self._project = repositories.Projects(client_api=self._client_api).get(project_id=self._project_id)
@@ -38,9 +49,8 @@ class FeatureSets:
                 self._project = entities.Project.from_json(_json=project, client_api=self._client_api)
         if self._project is None:
             raise exceptions.PlatformException(
-                error='2001',
-                message='Cannot perform action WITHOUT Project entity in FeatureSets repository.'
-                        ' Please checkout or set a project')
+                error='2001', message='Cannot perform action WITHOUT Project entity in FeatureSets repository.' ' Please checkout or set a project'
+            )
         assert isinstance(self._project, entities.Project)
         return self._project
 
@@ -50,21 +60,27 @@ class FeatureSets:
             # get from id
             self._model = repositories.Models(client_api=self._client_api).get(model_id=self._model_id)
         if self._model is None:
-            raise exceptions.PlatformException(
-                error='2001',
-                message='Cannot perform action WITHOUT Model entity in FeatureSets repository.')
+            raise exceptions.PlatformException(error='2001', message='Cannot perform action WITHOUT Model entity in FeatureSets repository.')
         assert isinstance(self._model, entities.Model)
         return self._model
 
+    @property
+    def dataset(self) -> entities.Dataset:
+        if self._dataset is None and self._dataset_id is not None:
+            # get from id
+            self._dataset = repositories.Datasets(client_api=self._client_api).get(dataset_id=self._dataset_id)
+        if self._dataset is None:
+            return None
+        assert isinstance(self._dataset, entities.Dataset)
+        return self._dataset
+
     ###########
     # methods #
     ###########
 
     def _list(self, filters: entities.Filters):
         # request
-        success, response = self._client_api.gen_request(req_type='POST',
-                                                         path='/features/sets/query',
-                                                         json_req=filters.prepare())
+        success, response = self._client_api.gen_request(req_type='POST', path='/features/sets/query', json_req=filters.prepare())
         if not success:
             raise exceptions.PlatformException(response)
         return response.json()
@@ -78,29 +94,101 @@ class FeatureSets:
         :return: Paged entity
         :rtype: dtlpy.entities.paged_entities.PagedEntities
         """
-        # default filters
+        # Step 1: Initialize filter (create empty if None)
         if filters is None:
             filters = entities.Filters(resource=entities.FiltersResource.FEATURE_SET)
-        if self._project is not None:
-            filters.context = {'projects': [self._project.id]}
-
-        # assert type filters
-        if not isinstance(filters, entities.Filters):
-            raise exceptions.PlatformException(error='400',
-                                               message='Unknown filters type: {!r}'.format(type(filters)))
 
         if filters.resource != entities.FiltersResource.FEATURE_SET:
             raise exceptions.PlatformException(
                 error='400',
-                message='Filters resource must to be FiltersResource.FEATURE_SET. Got: {!r}'.format(filters.resource))
+                message='Filters resource must to be FiltersResource.FEATURE_SET. Got: {!r}'.format(filters.resource),
+            )
+
+        # Step 2: Extract IDs inline (no helper functions, no property access)
+        # Extract project_id inline
+        if self._project_id is not None:
+            project_id = self._project_id
+        elif self._project is not None:
+            project_id = self._project.id
+        else:
+            raise exceptions.PlatformException(
+                error='2001', message='Cannot perform action WITHOUT Project entity in FeatureSets repository.' ' Please checkout or set a project'
+            )
+
+        # Extract dataset_id inline (only when needed for filtering)
+        if self._dataset_id is not None:
+            dataset_id = self._dataset_id
+        elif self._dataset is not None:
+            dataset_id = self._dataset.id
+        else:
+            dataset_id = None  # No dataset filtering needed
+
+        # Set context with project_id
+        filters.context = {'projects': [project_id]}
+
+        # Preserve original page and page size values before any operations that might modify them
+        received_filter = copy.deepcopy(filters)
+
+        # Step 3: Execute received filter - Run filter with appropriate pagination
+        # When dataset_id is None: use original pagination (respect user's page request)
+        # When dataset_id is not None: start from page 0 to collect all IDs (pagination applied later)
+        if dataset_id is not None:
+            page_offset = 0
+            received_filter_paged = entities.PagedEntities(
+                items_repository=self,
+                filters=filters,
+                page_offset=page_offset,
+                page_size=filters.page_size,
+                client_api=self._client_api,
+            )
+            # Step 5: Dataset_id exists and items exist - extract IDs from all pages
+            # Extract feature set IDs from all pages (received_filter_paged.all() will fetch all pages starting from page 0)
+            filter_fs_ids = [feature_set.id for feature_set in received_filter_paged.all()]
+            
+            # Step 6: Run aggregation API (when dataset_id exists)
+            payload = {
+                "projectId": project_id,
+                "datasetIds": [dataset_id],
+            }
+            success, response = self._client_api.gen_request(req_type="POST", path="/features/vectors/project-count-aggregation", json_req=payload)
+            if not success:
+                raise exceptions.PlatformException(response)
+            result = response.json()
+            # Extract dataset feature set IDs from response, filtering out entries where count == 0
+            dataset_fs_ids = [item['featureSetId'] for item in result if item.get('count', 0) > 0]
+
+            # Step 7: Intersect IDs
+            final_fs_ids = list(set(filter_fs_ids).intersection(set(dataset_fs_ids)))
+
+            # Step 8: Final return path - Create filter with intersected IDs (no join needed)
+            intersected_ids_filter = entities.Filters(resource=entities.FiltersResource.FEATURE_SET)
+            intersected_ids_filter.add(field='id', operator=entities.FiltersOperations.IN, values=final_fs_ids)
+            intersected_ids_filter.page = received_filter.page  # Preserve original pagination
+            intersected_ids_filter.page_size = received_filter.page_size
+            intersected_ids_filter.context = {'projects': [project_id]}
+
+            filter_paged = entities.PagedEntities(
+                items_repository=self,
+                filters=intersected_ids_filter,
+                page_offset=intersected_ids_filter.page,
+                page_size=intersected_ids_filter.page_size,
+                client_api=self._client_api,
+            )
+            filter_paged.get_page()
+
+        else:
+            page_offset = filters.page if dataset_id is None else 0
 
-        paged = entities.PagedEntities(items_repository=self,
-                                       filters=filters,
-                                       page_offset=filters.page,
-                                       page_size=filters.page_size,
-                                       client_api=self._client_api)
-        paged.get_page()
-        return paged
+            filter_paged = entities.PagedEntities(
+                items_repository=self,
+                filters=filters,
+                page_offset=page_offset,
+                page_size=filters.page_size,
+                client_api=self._client_api,
+            )
+            filter_paged.get_page()
+
+        return filter_paged
 
     @_api_reference.add(path='/features/sets/{id}', method='get')
     def get(self, feature_set_name: str = None, feature_set_id: str = None) -> entities.Feature:
@@ -112,45 +200,31 @@ class FeatureSets:
         :return: Feature object
         """
         if feature_set_id is not None:
-            success, response = self._client_api.gen_request(req_type="GET",
-                                                             path="{}/{}".format(self.URL, feature_set_id))
+            success, response = self._client_api.gen_request(req_type="GET", path="{}/{}".format(self.URL, feature_set_id))
             if not success:
                 raise exceptions.PlatformException(response)
-            feature_set = entities.FeatureSet.from_json(client_api=self._client_api,
-                                                        _json=response.json())
+            feature_set = entities.FeatureSet.from_json(client_api=self._client_api, _json=response.json())
         elif feature_set_name is not None:
             if not isinstance(feature_set_name, str):
-                raise exceptions.PlatformException(
-                    error='400',
-                    message='feature_set_name must be string')
+                raise exceptions.PlatformException(error='400', message='feature_set_name must be string')
             filters = entities.Filters(resource=entities.FiltersResource.FEATURE_SET)
             filters.add(field='name', values=feature_set_name)
             feature_sets = self.list(filters=filters)
             if feature_sets.items_count == 0:
-                raise exceptions.PlatformException(
-                    error='404',
-                    message='Feature set not found. name: {!r}'.format(feature_set_name))
+                raise exceptions.PlatformException(error='404', message='Feature set not found. name: {!r}'.format(feature_set_name))
             elif feature_sets.items_count > 1:
                 # more than one matching project
-                raise exceptions.PlatformException(
-                    error='404',
-                    message='More than one feature_set with same name. Please "get" by id')
+                raise exceptions.PlatformException(error='404', message='More than one feature_set with same name. Please "get" by id')
             else:
                 feature_set = feature_sets.items[0]
         else:
-            raise exceptions.PlatformException(
-                error='400',
-                message='Must provide an identifier in inputs, feature_set_name or feature_set_id')
+            raise exceptions.PlatformException(error='400', message='Must provide an identifier in inputs, feature_set_name or feature_set_id')
         return feature_set
 
     @_api_reference.add(path='/features/sets', method='post')
-    def create(self, name: str,
-               size: int,
-               set_type: str,
-               entity_type: entities.FeatureEntityType,
-               project_id: str = None,
-               model_id: set = None,
-               org_id: str = None):
+    def create(
+        self, name: str, size: int, set_type: str, entity_type: entities.FeatureEntityType, project_id: str = None, model_id: set = None, org_id: str = None
+    ):
         """
         Create a new Feature Set
 
@@ -169,25 +243,17 @@ class FeatureSets:
             else:
                 project_id = self._project.id
 
-        payload = {'name': name,
-                   'size': size,
-                   'type': set_type,
-                   'project': project_id,
-                   'modelId': model_id,
-                   'entityType': entity_type}
+        payload = {'name': name, 'size': size, 'type': set_type, 'project': project_id, 'modelId': model_id, 'entityType': entity_type}
         if org_id is not None:
             payload['org'] = org_id
-        success, response = self._client_api.gen_request(req_type="post",
-                                                         json_req=payload,
-                                                         path=self.URL)
+        success, response = self._client_api.gen_request(req_type="post", json_req=payload, path=self.URL)
 
         # exception handling
         if not success:
             raise exceptions.PlatformException(response)
 
         # return entity
-        return entities.FeatureSet.from_json(client_api=self._client_api,
-                                             _json=response.json()[0])
+        return entities.FeatureSet.from_json(client_api=self._client_api, _json=response.json()[0])
 
     @_api_reference.add(path='/features/sets/{id}', method='delete')
     def delete(self, feature_set_id: str):
@@ -199,8 +265,7 @@ class FeatureSets:
         :rtype: bool
         """
 
-        success, response = self._client_api.gen_request(req_type="delete",
-                                                         path=f"{self.URL}/{feature_set_id}")
+        success, response = self._client_api.gen_request(req_type="delete", path=f"{self.URL}/{feature_set_id}")
 
         # check response
         if success:
@@ -212,31 +277,27 @@ class FeatureSets:
     @_api_reference.add(path='/features/set/{id}', method='patch')
     def update(self, feature_set: entities.FeatureSet) -> entities.FeatureSet:
         """
-        Update a Feature Set
+         Update a Feature Set
 
-        **Prerequisites**: You must be in the role of an *owner* or *developer*.
+         **Prerequisites**: You must be in the role of an *owner* or *developer*.
 
-       :param dtlpy.entities.FeatureSet feature_set: FeatureSet object
-       :return: FeatureSet
-       :rtype: dtlpy.entities.FeatureSet
+        :param dtlpy.entities.FeatureSet feature_set: FeatureSet object
+        :return: FeatureSet
+        :rtype: dtlpy.entities.FeatureSet
 
-       **Example**:
+        **Example**:
 
-        .. code-block:: python
+         .. code-block:: python
 
-            dl.feature_sets.update(feature_set='feature_set')
-       """
-        success, response = self._client_api.gen_request(req_type="patch",
-                                                         path=f"{self.URL}/{feature_set.id}",
-                                                         json_req=feature_set.to_json())
+             dl.feature_sets.update(feature_set='feature_set')
+        """
+        success, response = self._client_api.gen_request(req_type="patch", path=f"{self.URL}/{feature_set.id}", json_req=feature_set.to_json())
         if not success:
             raise exceptions.PlatformException(response)
 
         logger.debug("feature_set updated successfully")
         # update dataset labels
-        feature_set = entities.FeatureSet.from_json(_json=response.json(),
-                                                    client_api=self._client_api,
-                                                    is_fetched=True)
+        feature_set = entities.FeatureSet.from_json(_json=response.json(), client_api=self._client_api, is_fetched=True)
         return feature_set
 
     def _build_entities_from_response(self, response_items) -> miscellaneous.List[entities.Item]:
@@ -244,9 +305,7 @@ class FeatureSets:
         jobs = [None for _ in range(len(response_items))]
         # return triggers list
         for i_item, item in enumerate(response_items):
-            jobs[i_item] = pool.submit(entities.FeatureSet._protected_from_json,
-                                       **{'client_api': self._client_api,
-                                          '_json': item})
+            jobs[i_item] = pool.submit(entities.FeatureSet._protected_from_json, **{'client_api': self._client_api, '_json': item})
         # get all results
         results = [j.result() for j in jobs]
         # log errors

dtlpy/repositories/packages.py

@@ -513,6 +513,13 @@ class Packages:
             if codebase is None:
                 src_path = os.getcwd()
                 logger.warning('No src_path is given, getting package information from cwd: {}'.format(src_path))
+        else:
+            # Validate src_path to prevent path traversal
+            miscellaneous.PathUtils.validate_directory_path(
+                src_path,
+                base_path=os.getcwd(),
+                must_exist=True
+            )
 
         # get package json
         package_from_json = dict()
@@ -941,6 +948,8 @@ class Packages:
 
             project.packages.deploy_from_file(project='project_entity', json_filepath='json_filepath')
         """
+        # Validate file path to prevent path traversal
+        miscellaneous.PathUtils.validate_file_path(json_filepath)
         with open(json_filepath, 'r') as f:
             data = json.load(f)
 

dtlpy/repositories/projects.py

@@ -1,6 +1,5 @@
 import logging
 from urllib.parse import quote
-import jwt
 
 from .. import entities, miscellaneous, exceptions, _api_reference
 from ..services.api_client import ApiClient
@@ -159,8 +158,7 @@ class Projects:
         assert isinstance(title, str)
         assert isinstance(content, str)
         if self._client_api.token is not None:
-            sender = jwt.decode(self._client_api.token, algorithms=['HS256'],
-                                verify=False, options={'verify_signature': False})['email']
+            sender = self._client_api.info()['user_email']
         else:
             raise exceptions.PlatformException('600', 'Token expired please log in')
 

dtlpy/services/api_client.py

@@ -856,8 +856,16 @@ class ApiClient:
         """
         user_email = 'null'
         if self.token is not None:
-            payload = jwt.decode(self.token, algorithms=['HS256'],
-                                 verify=False, options={'verify_signature': False})
+            # oxsec-disable jwt-signature-disabled - Client-side SDK: signature verification disabled intentionally to extract user email; server validates on API calls
+            payload = jwt.decode(
+                self.token,
+                options={
+                    "verify_signature": False,
+                    "verify_exp": False,
+                    "verify_aud": False,
+                    "verify_iss": False,
+                }
+            )
             user_email = payload['email']
         information = {'environment': self.environment,
                        'user_email': user_email}
@@ -1353,8 +1361,16 @@ class ApiClient:
             if self.token is None or self.token == '':
                 expired = True
             else:
-                payload = jwt.decode(self.token, algorithms=['HS256'],
-                                     options={'verify_signature': False}, verify=False)
+                # oxsec-disable jwt-signature-disabled - Client-side SDK: signature verification disabled intentionally to check token expiration; server validates on API calls
+                payload = jwt.decode(
+                    self.token,
+                    options={
+                        "verify_signature": False,
+                        "verify_exp": False,
+                        "verify_aud": False,
+                        "verify_iss": False,
+                    }
+                )
                 d = datetime.datetime.now(datetime.timezone.utc)
                 epoch = datetime.datetime(1970, 1, 1, tzinfo=datetime.timezone.utc)
                 now = (d - epoch).total_seconds()

dtlpy/services/check_sdk.py

@@ -2,7 +2,6 @@ import time
 import logging
 import threading
 import traceback
-import jwt
 
 logger = logging.getLogger(name='dtlpy')
 
@@ -21,9 +20,7 @@ def check_in_thread(version, client_api):
 
         # try read token for email
         try:
-            payload = jwt.decode(client_api.token, algorithms=['HS256'],
-                                 verify=False, options={'verify_signature': False})
-            user_email = payload['email']
+            user_email = client_api.info()['user_email']
         except Exception:
             user_email = 'na'
         logger.debug('SDK info: user: {}, version: {}'.format(user_email, version))

dtlpy/services/logins.py

@@ -32,15 +32,12 @@ def login_secret(api_client, email, password, client_id, client_secret=None, for
     # TODO add deprecation warning to client_id
     # check if already logged in with SAME email
     if api_client.token is not None or api_client.token == '':
-        try:
-            payload = jwt.decode(api_client.token, algorithms=['HS256'],
-                                 options={'verify_signature': False}, verify=False)
-            if 'email' in payload and \
-                    payload['email'] == email and \
-                    not api_client.token_expired() and \
-                    not force:
-                return True
-        except jwt.exceptions.DecodeError:
+        logged_email = api_client.info()['user_email']
+        if logged_email == email and \
+            not api_client.token_expired() and \
+            not force:
+            return True
+        else:
             logger.debug('{}'.format('Cant decode token. Force login is used'))
 
     logger.info('[Start] Login Secret')
@@ -71,13 +68,12 @@ def login_secret(api_client, email, password, client_id, client_secret=None, for
             api_client.refresh_token = response_dict['refresh_token']
 
         # set new client id for refresh
-        payload = jwt.decode(api_client.token, algorithms=['HS256'],
-                             options={'verify_signature': False}, verify=False)
-        if 'email' in payload:
-            logger.info('[Done] Login Secret. User: {}'.format(payload['email']))
+        logged_email = api_client.info()['user_email']
+
+        if not logged_email == 'null':
+            logger.info(f'[Done] Login Secret. User: {logged_email}')
         else:
-            logger.info('[Done] Login Secret. User: {}'.format(email))
-            logger.info(payload)
+            logger.info(f'[Done] Login Secret. User: {email}')
     return True
 
 
@@ -206,8 +202,16 @@ def login(api_client, auth0_url=None, audience=None, client_id=None, login_domai
         success, tokens = server.process_request()
 
         if success:
-            decoded_jwt = jwt.decode(tokens['id'], verify=False,
-                                     options={'verify_signature': False})
+            # oxsec-disable jwt-signature-disabled - Client-side SDK: signature verification disabled intentionally to extract claims for display; server validates on API calls
+            decoded_jwt = jwt.decode(
+                tokens['id'],
+                options={
+                    "verify_signature": False,
+                    "verify_exp": False,
+                    "verify_aud": False,
+                    "verify_iss": False,
+                }
+            )
 
             if 'email' in decoded_jwt:
                 logger.info('Logged in: {}'.format(decoded_jwt['email']))

dtlpy/utilities/videos/videos.py

@@ -7,6 +7,7 @@ import os
 import logging
 import dtlpy as dl
 import shutil
+from dtlpy import miscellaneous
 
 logger = logging.getLogger(name='dtlpy')
 
@@ -344,6 +345,9 @@ class Videos:
             raise
         # https://www.ffmpeg.org/ffmpeg-formats.html#Examples-9
 
+        # Validate filepath to prevent path traversal
+        miscellaneous.PathUtils.validate_file_path(filepath)
+        
         if not os.path.isfile(filepath):
             raise IOError('File doesnt exists: {}'.format(filepath))
         logger.info('Extracting video information...')