fleet-python 0.2.65__py3-none-any.whl → 0.2.66b3__py3-none-any.whl

fleet/_async/tasks.py

@@ -279,17 +279,14 @@ def verifier_from_string(
     """
     try:
         import inspect
-        import re
         from .verifiers.verifier import AsyncVerifierFunction
         from fleet.verifiers.code import TASK_SUCCESSFUL_SCORE, TASK_FAILED_SCORE
         from fleet.verifiers.db import IgnoreConfig
+        from fleet.verifiers.parsing import parse_and_validate_verifier
 
-        # Strip @verifier decorator if present to avoid double-wrapping
-        # Remove lines like: @verifier(key="...")
-        cleaned_code = re.sub(r'@verifier\([^)]*\)\s*\n', '', verifier_func)
-        # Also remove the verifier import if present
-        cleaned_code = re.sub(r'from fleet import.*verifier.*\n', '', cleaned_code)
-        cleaned_code = re.sub(r'import.*verifier.*\n', '', cleaned_code)
+        # Validate the code and extract function name
+        # This ensures no arbitrary code execution during import
+        func_name = parse_and_validate_verifier(verifier_func)
 
         # Create a local namespace for executing the code
         local_namespace = {
@@ -299,8 +296,9 @@ def verifier_from_string(
             "Environment": object,  # Add Environment type if needed
         }
 
-        # Execute the cleaned verifier code in the namespace
-        exec(cleaned_code, globals(), local_namespace)
+        # Execute the verifier code in the namespace
+        # This is now safe because we validated it contains only declarative code
+        exec(verifier_func, globals(), local_namespace)
 
         # Find the function that was defined (not imported)
         # Functions defined via exec have co_filename == '<string>'

fleet/tasks.py

@@ -272,17 +272,14 @@ def verifier_from_string(
     """
     try:
         import inspect
-        import re
         from .verifiers import SyncVerifierFunction
         from .verifiers.code import TASK_SUCCESSFUL_SCORE, TASK_FAILED_SCORE
         from .verifiers.db import IgnoreConfig
+        from .verifiers.parsing import parse_and_validate_verifier
 
-        # Strip @verifier decorator if present to avoid double-wrapping
-        # Remove lines like: @verifier(key="...")
-        cleaned_code = re.sub(r'@verifier\([^)]*\)\s*\n', '', verifier_func)
-        # Also remove the verifier import if present
-        cleaned_code = re.sub(r'from fleet import.*verifier.*\n', '', cleaned_code)
-        cleaned_code = re.sub(r'import.*verifier.*\n', '', cleaned_code)
+        # Validate the code and extract function name
+        # This ensures no arbitrary code execution during import
+        func_name = parse_and_validate_verifier(verifier_func)
 
         # Create a globals namespace with all required imports
         exec_globals = globals().copy()
@@ -298,8 +295,9 @@ def verifier_from_string(
         # Create a local namespace for executing the code
         local_namespace = {}
 
-        # Execute the cleaned verifier code in the namespace
-        exec(cleaned_code, exec_globals, local_namespace)
+        # Execute the verifier code in the namespace
+        # This is now safe because we validated it contains only declarative code
+        exec(verifier_func, exec_globals, local_namespace)
 
         # Find the function that was defined (not imported)
         # Functions defined via exec have co_filename == '<string>'

fleet/verifiers/parsing.py

@@ -0,0 +1,106 @@
+"""Verifier code parsing and validation utilities."""
+
+import ast
+from typing import Set
+
+
+def parse_and_validate_verifier(code: str) -> str:
+    """Parse and validate verifier code, returning the first function name.
+
+    This function ensures that the verifier code only contains safe declarative
+    statements and does not execute arbitrary code during import.
+
+    Args:
+        code: Python code string containing the verifier function
+
+    Returns:
+        Name of the first function found in the code
+
+    Raises:
+        ValueError: If code is invalid or contains unsafe statements
+        SyntaxError: If code has syntax errors
+    """
+    try:
+        tree = ast.parse(code)
+    except SyntaxError as e:
+        raise SyntaxError(f"Syntax error in verifier code: {e}")
+
+    first_function_name = None
+
+    for node in tree.body:
+        # Check for function definitions
+        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
+            # Validate that decorators don't contain function calls
+            for decorator in node.decorator_list:
+                if _contains_call(decorator):
+                    raise ValueError(
+                        f"Line {node.lineno}: Function decorators with function calls "
+                        f"are not allowed. Decorators execute during import and could "
+                        f"run arbitrary code."
+                    )
+
+            if first_function_name is None:
+                first_function_name = node.name
+            continue
+
+        # Allow imports
+        if isinstance(node, (ast.Import, ast.ImportFrom)):
+            continue
+
+        # Allow class definitions
+        if isinstance(node, ast.ClassDef):
+            continue
+
+        # Allow docstrings and other expression statements (but not calls)
+        if isinstance(node, ast.Expr):
+            if isinstance(node.value, ast.Constant):
+                # Docstring or constant expression - safe
+                continue
+            else:
+                # Check if it's a call or other dangerous expression
+                raise ValueError(
+                    f"Line {node.lineno}: Expression statements that are not "
+                    f"constants are not allowed at module level. Found: {ast.dump(node.value)}"
+                )
+
+        # Allow variable assignments, but check the value
+        if isinstance(node, (ast.Assign, ast.AnnAssign)):
+            # Check if the assignment value contains any function calls
+            if _contains_call(node.value if isinstance(node, ast.AnnAssign) else node.value):
+                raise ValueError(
+                    f"Line {node.lineno}: Variable assignments with function calls "
+                    f"are not allowed at module level. This prevents arbitrary code "
+                    f"execution during import."
+                )
+            continue
+
+        # If we get here, it's an unsupported statement type
+        raise ValueError(
+            f"Line {node.lineno}: Unsupported statement type at module level: "
+            f"{node.__class__.__name__}. Only imports, function/class definitions, "
+            f"and constant assignments are allowed."
+        )
+
+    if first_function_name is None:
+        raise ValueError("No function found in verifier code")
+
+    return first_function_name
+
+
+def _contains_call(node: ast.AST) -> bool:
+    """Recursively check if an AST node contains any Call nodes.
+
+    Args:
+        node: AST node to check
+
+    Returns:
+        True if the node or any of its children is a Call node
+    """
+    if isinstance(node, ast.Call):
+        return True
+
+    for child in ast.walk(node):
+        if isinstance(child, ast.Call):
+            return True
+
+    return False

{fleet_python-0.2.65.dist-info → fleet_python-0.2.66b3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: fleet-python
-Version: 0.2.65
+Version: 0.2.66b3
 Summary: Python SDK for Fleet environments
 Author-email: Fleet AI <nic@fleet.so>
 License: Apache-2.0

{fleet_python-0.2.65.dist-info → fleet_python-0.2.66b3.dist-info}/RECORD

@@ -28,7 +28,7 @@ fleet/config.py,sha256=uY02ZKxVoXqVDta-0IMWaYJeE1CTXF_fA9NI6QUutmU,319
 fleet/exceptions.py,sha256=fUmPwWhnT8SR97lYsRq0kLHQHKtSh2eJS0VQ2caSzEI,5055
 fleet/global_client.py,sha256=frrDAFNM2ywN0JHLtlm9qbE1dQpnQJsavJpb7xSR_bU,1072
 fleet/models.py,sha256=AuSApLRN6aIDTOuJ4mGUyS1K1oLG9Q2AzjIE0Zj61MY,13586
-fleet/tasks.py,sha256=7ddJOeTznh1PqVEeyAkYWQ__MhomFhnfjeOt1B1it7I,17526
+fleet/tasks.py,sha256=j14T6aoKDu3NghtQEr0vP-YDW_r8FxdDAazWe-6PQj0,17423
 fleet/types.py,sha256=L4Y82xICf1tzyCLqhLYUgEoaIIS5h9T05TyFNHSWs3s,652
 fleet/_async/__init__.py,sha256=5oOTmh16UsPWL2gDKKWkj2j5WGNeUhMzbQFWjX21jsc,8310
 fleet/_async/base.py,sha256=oisVTQsx0M_yTmyQJc3oij63uKZ97MHz-xYFsWXxQE8,9202
@@ -36,7 +36,7 @@ fleet/_async/client.py,sha256=w_g0aOLfyyK_OojjGVe3TgyQQsWxnybJRFMLOtsb0p8,33027
 fleet/_async/exceptions.py,sha256=fUmPwWhnT8SR97lYsRq0kLHQHKtSh2eJS0VQ2caSzEI,5055
 fleet/_async/global_client.py,sha256=4WskpLHbsDEgWW7hXMD09W-brkp4euy8w2ZJ88594rQ,1103
 fleet/_async/models.py,sha256=6WMN--LJFV-A5L2jW8Y6q7HQfub7qGxGoVkPQhvS_jw,13358
-fleet/_async/tasks.py,sha256=h_BerLY19GUjgu9EZypf3Av99CMRkPLOFKVoEXcwwbE,17540
+fleet/_async/tasks.py,sha256=653T8m41i6ea-YCfr5EOsAD7CIi9ystcExMepxhSiA0,17442
 fleet/_async/env/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 fleet/_async/env/client.py,sha256=hUwrKTAkTAbO94_pDaAH8LyvlS9q-7oT7ZRrNo03LNs,1309
 fleet/_async/instance/__init__.py,sha256=PtmJq8J8bh0SOQ2V55QURz5GJfobozwtQoqhaOk3_tI,515
@@ -67,14 +67,16 @@ fleet/verifiers/code.py,sha256=A1i_UabZspbyj1awzKVQ_HRxgMO3fU7NbkxYyTrp7So,48
 fleet/verifiers/db.py,sha256=LAh1HambBInH_D9q9E2Z41YNkCOI9JJfpWPFqztjpfQ,27922
 fleet/verifiers/decorator.py,sha256=nAP3O8szXu7md_kpwpz91hGSUNEVLYjwZQZTkQlV1DM,3260
 fleet/verifiers/parse.py,sha256=qz9AfJrTbjlg-LU-lE8Ciqi7Yt2a8-cs17FdpjTLhMk,8550
+fleet/verifiers/parsing.py,sha256=EzlfHLogHPC1i5pfsF3ZCBJ8NY3s1uvz7v59CfcuMtI,3713
 fleet/verifiers/sql_differ.py,sha256=TqTLWyK3uOyLbitT6HYzYEzuSFC39wcyhgk3rcm__k8,6525
 fleet/verifiers/verifier.py,sha256=_lcxXVm8e0xRrK2gNJy9up7pW1zOkPRY5n5lQ85S8jg,14197
-fleet_python-0.2.65.dist-info/licenses/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
+fleet_python-0.2.66b3.dist-info/licenses/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
 scripts/fix_sync_imports.py,sha256=X9fWLTpiPGkSHsjyQUDepOJkxOqw1DPj7nd8wFlFqLQ,8368
 scripts/unasync.py,sha256=vWVQxRWX8SRZO5cmzEhpvnG_REhCWXpidIGIpWmEcvI,696
 tests/__init__.py,sha256=Re1SdyxH8NfyL1kjhi7SQkGP1mYeWB-D6UALqdIMd8I,35
 tests/test_verifier_from_string.py,sha256=Lxi3TpFHFb-hG4-UhLKZJkqo84ax9YJY8G6beO-1erM,13581
-fleet_python-0.2.65.dist-info/METADATA,sha256=8S11v3oWKIXvxy_7pj2nBfj8RUSmKRUX1dDa33iO10Q,3304
-fleet_python-0.2.65.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-fleet_python-0.2.65.dist-info/top_level.txt,sha256=qb1zIbtEktyhRFZdqVytwg54l64qtoZL0wjHB4bUg3c,29
-fleet_python-0.2.65.dist-info/RECORD,,
+tests/test_verifier_security.py,sha256=AvjWTVV-VlWaysNkHcRz1_UZxjYZYlr4ynM6uy2o9eM,12821
+fleet_python-0.2.66b3.dist-info/METADATA,sha256=U1sVi6oAJw5NxDCEqNSagFSu7zbjAmEgp4lq35VSz0E,3306
+fleet_python-0.2.66b3.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+fleet_python-0.2.66b3.dist-info/top_level.txt,sha256=qb1zIbtEktyhRFZdqVytwg54l64qtoZL0wjHB4bUg3c,29
+fleet_python-0.2.66b3.dist-info/RECORD,,

tests/test_verifier_security.py

@@ -0,0 +1,427 @@
+"""Security tests for verifier_from_string function.
+
+Tests that the verifier parsing and validation properly blocks
+arbitrary code execution during import.
+"""
+
+import pytest
+from fleet.tasks import verifier_from_string as sync_verifier_from_string
+from fleet._async.tasks import verifier_from_string as async_verifier_from_string
+
+
+class TestSyncVerifierSecurity:
+    """Security tests for sync version of verifier_from_string."""
+
+    def test_blocks_module_level_subprocess_run(self):
+        """Test that module-level subprocess.run() is blocked."""
+        code = """
+import subprocess
+subprocess.run(['echo', 'malicious'])
+
+def my_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match="Expression statements that are not constants"):
+            sync_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_blocks_module_level_open(self):
+        """Test that module-level open() is blocked."""
+        code = """
+open('/etc/passwd', 'r')
+
+def my_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match="Expression statements that are not constants"):
+            sync_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_blocks_assignment_with_subprocess_call(self):
+        """Test that variable assignment with subprocess call is blocked."""
+        code = """
+import subprocess
+result = subprocess.run(['echo', 'malicious'])
+
+def my_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match="Variable assignments with function calls"):
+            sync_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_blocks_assignment_with_open_call(self):
+        """Test that variable assignment with open() is blocked."""
+        code = """
+file_handle = open('/etc/passwd', 'r')
+
+def my_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match="Variable assignments with function calls"):
+            sync_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_blocks_assignment_with_any_function_call(self):
+        """Test that variable assignment with any function call is blocked."""
+        code = """
+import os
+path = os.getcwd()
+
+def my_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match="Variable assignments with function calls"):
+            sync_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_allows_constant_assignment(self):
+        """Test that constant variable assignments are allowed."""
+        code = """
+CONSTANT_VALUE = 42
+ANOTHER_CONSTANT = "test"
+PI = 3.14159
+
+def my_verifier(env):
+    return CONSTANT_VALUE
+"""
+        # Should not raise
+        verifier = sync_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        assert verifier is not None
+
+    def test_allows_list_dict_constant_assignment(self):
+        """Test that list/dict constant assignments are allowed."""
+        code = """
+MY_LIST = [1, 2, 3]
+MY_DICT = {"key": "value"}
+MY_TUPLE = (1, 2, 3)
+
+def my_verifier(env):
+    return 1.0
+"""
+        # Should not raise
+        verifier = sync_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        assert verifier is not None
+
+    def test_allows_valid_imports(self):
+        """Test that imports are allowed."""
+        code = """
+import json
+import os
+from typing import Dict
+
+def my_verifier(env):
+    return 1.0
+"""
+        # Should not raise
+        verifier = sync_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        assert verifier is not None
+
+    def test_allows_class_definitions(self):
+        """Test that class definitions are allowed."""
+        code = """
+class MyHelper:
+    def __init__(self):
+        self.value = 42
+
+    def get_value(self):
+        return self.value
+
+def my_verifier(env):
+    helper = MyHelper()
+    return helper.get_value()
+"""
+        # Should not raise
+        verifier = sync_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        assert verifier is not None
+
+    def test_allows_multiple_functions(self):
+        """Test that multiple function definitions are allowed."""
+        code = """
+def helper_function(x):
+    return x * 2
+
+def my_verifier(env):
+    return helper_function(0.5)
+"""
+        # Should not raise
+        verifier = sync_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        assert verifier is not None
+
+    def test_extracts_first_function_name(self):
+        """Test that the first function name is correctly extracted."""
+        code = """
+def first_function(env):
+    return 1.0
+
+def second_function(env):
+    return 0.5
+"""
+        verifier = sync_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        # The first function should be used
+        assert verifier.func.__name__ == "first_function"
+
+    def test_error_message_includes_line_number(self):
+        """Test that error messages include helpful line numbers."""
+        code = """
+import subprocess
+
+subprocess.run(['echo', 'test'])
+
+def my_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match=r"Line \d+"):
+            sync_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_blocks_nested_function_call_in_list(self):
+        """Test that function calls nested in list assignments are blocked."""
+        code = """
+import os
+MY_LIST = [1, 2, os.getcwd()]
+
+def my_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match="Variable assignments with function calls"):
+            sync_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_blocks_nested_function_call_in_dict(self):
+        """Test that function calls nested in dict assignments are blocked."""
+        code = """
+import os
+MY_DICT = {"cwd": os.getcwd()}
+
+def my_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match="Variable assignments with function calls"):
+            sync_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_allows_docstrings(self):
+        """Test that module-level docstrings are allowed."""
+        code = '''
+"""This is a module docstring."""
+
+def my_verifier(env):
+    """This is a function docstring."""
+    return 1.0
+'''
+        # Should not raise
+        verifier = sync_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        assert verifier is not None
+
+    def test_function_with_decorator_extracts_correct_name(self):
+        """Test that decorators don't affect function name extraction."""
+        code = """
+def some_decorator(func):
+    return func
+
+@some_decorator
+def my_actual_function(env):
+    return 1.0
+"""
+        verifier = sync_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        # Should extract 'some_decorator' (first function) or 'my_actual_function'
+        # depending on order, but NOT the decorator name itself
+        assert verifier.func.__name__ in ["some_decorator", "my_actual_function"]
+
+    def test_blocks_decorator_with_function_call(self):
+        """Test that decorators with function calls are blocked."""
+        code = """
+import subprocess
+
+@subprocess.run(['echo', 'bad'])
+def my_verifier(env):
+    return 1.0
+"""
+        # Decorators execute during import, so calls in decorators are dangerous
+        with pytest.raises(ValueError, match="Function decorators with function calls"):
+            sync_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_allows_simple_decorator_reference(self):
+        """Test that simple decorator references (no calls) are allowed."""
+        code = """
+def my_decorator(func):
+    return func
+
+@my_decorator
+def my_verifier(env):
+    return 1.0
+"""
+        # Simple decorator reference (no call) should be allowed
+        verifier = sync_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        assert verifier is not None
+
+
+class TestAsyncVerifierSecurity:
+    """Security tests for async version of verifier_from_string."""
+
+    def test_blocks_module_level_subprocess_run(self):
+        """Test that module-level subprocess.run() is blocked."""
+        code = """
+import subprocess
+subprocess.run(['echo', 'malicious'])
+
+async def my_async_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match="Expression statements that are not constants"):
+            async_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_blocks_assignment_with_function_call(self):
+        """Test that variable assignment with function call is blocked."""
+        code = """
+import subprocess
+result = subprocess.run(['echo', 'malicious'])
+
+async def my_async_verifier(env):
+    return 1.0
+"""
+        with pytest.raises(ValueError, match="Variable assignments with function calls"):
+            async_verifier_from_string(
+                verifier_func=code,
+                verifier_id="test-verifier",
+                verifier_key="test-key",
+                sha256="test-sha",
+            )
+
+    def test_allows_constant_assignment(self):
+        """Test that constant variable assignments are allowed."""
+        code = """
+CONSTANT_VALUE = 42
+
+async def my_async_verifier(env):
+    return CONSTANT_VALUE
+"""
+        # Should not raise
+        verifier = async_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        assert verifier is not None
+
+    def test_allows_async_function_definitions(self):
+        """Test that async function definitions are recognized."""
+        code = """
+async def my_async_verifier(env):
+    return 1.0
+"""
+        # Should not raise
+        verifier = async_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        assert verifier is not None
+
+    def test_extracts_first_async_function_name(self):
+        """Test that the first async function name is correctly extracted."""
+        code = """
+async def first_async_function(env):
+    return 1.0
+
+async def second_async_function(env):
+    return 0.5
+"""
+        verifier = async_verifier_from_string(
+            verifier_func=code,
+            verifier_id="test-verifier",
+            verifier_key="test-key",
+            sha256="test-sha",
+        )
+        # The first function should be used
+        assert verifier.func.__name__ == "first_async_function"