janito 2.17.0__py3-none-any.whl → 2.17.1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- janito/tools/adapters/local/read_files.py +1 -1
- janito/tools/path_security.py +14 -0
- janito/tools/tools_adapter.py +118 -26
- {janito-2.17.0.dist-info → janito-2.17.1.dist-info}/METADATA +1 -1
- {janito-2.17.0.dist-info → janito-2.17.1.dist-info}/RECORD +9 -9
- {janito-2.17.0.dist-info → janito-2.17.1.dist-info}/WHEEL +0 -0
- {janito-2.17.0.dist-info → janito-2.17.1.dist-info}/entry_points.txt +0 -0
- {janito-2.17.0.dist-info → janito-2.17.1.dist-info}/licenses/LICENSE +0 -0
- {janito-2.17.0.dist-info → janito-2.17.1.dist-info}/top_level.txt +0 -0
janito/tools/path_security.py
CHANGED
|
@@ -135,6 +135,7 @@ def _extract_path_keys_from_schema(schema: Mapping[str, Any]) -> set[str]:
|
|
|
135
135
|
path_keys: set[str] = set()
|
|
136
136
|
if schema is not None:
|
|
137
137
|
for k, v in schema.get("properties", {}).items():
|
|
138
|
+
# Handle direct path strings
|
|
138
139
|
if v.get("format") == "path" or (
|
|
139
140
|
v.get("type") == "string"
|
|
140
141
|
and (
|
|
@@ -144,6 +145,19 @@ def _extract_path_keys_from_schema(schema: Mapping[str, Any]) -> set[str]:
|
|
|
144
145
|
)
|
|
145
146
|
):
|
|
146
147
|
path_keys.add(k)
|
|
148
|
+
# Handle arrays of path strings
|
|
149
|
+
elif v.get("type") == "array" and "items" in v:
|
|
150
|
+
items = v["items"]
|
|
151
|
+
if items.get("format") == "path" or (
|
|
152
|
+
items.get("type") == "string"
|
|
153
|
+
and (
|
|
154
|
+
"path" in items.get("description", "").lower()
|
|
155
|
+
or "path" in v.get("description", "").lower()
|
|
156
|
+
or k.endswith("paths")
|
|
157
|
+
or k == "paths"
|
|
158
|
+
)
|
|
159
|
+
):
|
|
160
|
+
path_keys.add(k)
|
|
147
161
|
return path_keys
|
|
148
162
|
|
|
149
163
|
|
janito/tools/tools_adapter.py
CHANGED
|
@@ -131,9 +131,15 @@ class ToolsAdapterBase:
|
|
|
131
131
|
|
|
132
132
|
if arguments is None:
|
|
133
133
|
arguments = {}
|
|
134
|
-
#
|
|
134
|
+
# If arguments are provided as a non-dict (e.g. a list or a scalar)
|
|
135
|
+
# we skip signature *keyword* validation completely and defer the
|
|
136
|
+
# decision to Python's own call mechanics when the function is
|
|
137
|
+
# eventually invoked. This allows positional / variadic arguments to
|
|
138
|
+
# be supplied by callers that intentionally bypass the structured
|
|
139
|
+
# JSON-schema style interface.
|
|
135
140
|
if not isinstance(arguments, dict):
|
|
136
|
-
|
|
141
|
+
# Nothing to validate at this stage – treat as OK.
|
|
142
|
+
return None
|
|
137
143
|
|
|
138
144
|
sig = inspect.signature(func)
|
|
139
145
|
params = sig.parameters
|
|
@@ -193,30 +199,32 @@ class ToolsAdapterBase:
|
|
|
193
199
|
)
|
|
194
200
|
|
|
195
201
|
schema = getattr(tool, "schema", None)
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
from janito.report_events import (
|
|
205
|
-
ReportEvent,
|
|
206
|
-
ReportSubtype,
|
|
207
|
-
ReportAction,
|
|
202
|
+
# Only validate paths for dictionary-style arguments
|
|
203
|
+
if isinstance(arguments, dict):
|
|
204
|
+
try:
|
|
205
|
+
validate_paths_in_arguments(arguments, workdir, schema=schema)
|
|
206
|
+
except PathSecurityError as sec_err:
|
|
207
|
+
# Publish both a ToolCallError and a user-facing ReportEvent for path security errors
|
|
208
|
+
self._publish_tool_call_error(
|
|
209
|
+
tool_name, request_id, str(sec_err), arguments
|
|
208
210
|
)
|
|
211
|
+
if self._event_bus:
|
|
212
|
+
from janito.report_events import (
|
|
213
|
+
ReportEvent,
|
|
214
|
+
ReportSubtype,
|
|
215
|
+
ReportAction,
|
|
216
|
+
)
|
|
209
217
|
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
218
|
+
self._event_bus.publish(
|
|
219
|
+
ReportEvent(
|
|
220
|
+
subtype=ReportSubtype.ERROR,
|
|
221
|
+
message=f"[SECURITY] Path access denied: {sec_err}",
|
|
222
|
+
action=ReportAction.EXECUTE,
|
|
223
|
+
tool=tool_name,
|
|
224
|
+
context={"arguments": arguments, "request_id": request_id},
|
|
225
|
+
)
|
|
217
226
|
)
|
|
218
|
-
|
|
219
|
-
return f"Security error: {sec_err}"
|
|
227
|
+
return f"Security error: {sec_err}"
|
|
220
228
|
# --- END SECURITY ---
|
|
221
229
|
|
|
222
230
|
self._publish_tool_call_started(tool_name, request_id, arguments)
|
|
@@ -224,7 +232,18 @@ class ToolsAdapterBase:
|
|
|
224
232
|
f"[tools-adapter] Executing tool: {tool_name} with arguments: {arguments}"
|
|
225
233
|
)
|
|
226
234
|
try:
|
|
227
|
-
|
|
235
|
+
# Normalize arguments to ensure proper type handling
|
|
236
|
+
normalized_args = self._normalize_arguments(arguments, tool, func)
|
|
237
|
+
|
|
238
|
+
if isinstance(normalized_args, (list, tuple)):
|
|
239
|
+
# Positional arguments supplied as an array → expand as *args
|
|
240
|
+
result = self.execute(tool, *normalized_args, **kwargs)
|
|
241
|
+
elif isinstance(normalized_args, dict) or normalized_args is None:
|
|
242
|
+
# Keyword-style arguments (the default) – pass as **kwargs
|
|
243
|
+
result = self.execute(tool, **(normalized_args or {}), **kwargs)
|
|
244
|
+
else:
|
|
245
|
+
# Single positional argument (scalar/str/int/…)
|
|
246
|
+
result = self.execute(tool, normalized_args, **kwargs)
|
|
228
247
|
except Exception as e:
|
|
229
248
|
self._handle_execution_error(tool_name, request_id, e, arguments)
|
|
230
249
|
self._print_verbose(
|
|
@@ -281,6 +300,65 @@ class ToolsAdapterBase:
|
|
|
281
300
|
if self.verbose_tools:
|
|
282
301
|
print(message)
|
|
283
302
|
|
|
303
|
+
def _normalize_arguments(self, arguments, tool, func):
|
|
304
|
+
"""
|
|
305
|
+
Normalize arguments to ensure proper type handling at the adapter level.
|
|
306
|
+
|
|
307
|
+
This handles cases where:
|
|
308
|
+
1. String is passed instead of list for array parameters
|
|
309
|
+
2. JSON string parsing issues
|
|
310
|
+
3. Other type mismatches that can be automatically resolved
|
|
311
|
+
"""
|
|
312
|
+
import inspect
|
|
313
|
+
import json
|
|
314
|
+
|
|
315
|
+
# If arguments is already a dict or None, return as-is
|
|
316
|
+
if isinstance(arguments, dict) or arguments is None:
|
|
317
|
+
return arguments
|
|
318
|
+
|
|
319
|
+
# If arguments is a list/tuple, return as-is (positional args)
|
|
320
|
+
if isinstance(arguments, (list, tuple)):
|
|
321
|
+
return arguments
|
|
322
|
+
|
|
323
|
+
# Handle string arguments
|
|
324
|
+
if isinstance(arguments, str):
|
|
325
|
+
# Try to parse as JSON if it looks like JSON
|
|
326
|
+
stripped = arguments.strip()
|
|
327
|
+
if (stripped.startswith('{') and stripped.endswith('}')) or \
|
|
328
|
+
(stripped.startswith('[') and stripped.endswith(']')):
|
|
329
|
+
try:
|
|
330
|
+
parsed = json.loads(arguments)
|
|
331
|
+
return parsed
|
|
332
|
+
except json.JSONDecodeError:
|
|
333
|
+
# If it looks like JSON but failed, try to handle common issues
|
|
334
|
+
pass
|
|
335
|
+
|
|
336
|
+
# Check if the function expects a list parameter
|
|
337
|
+
try:
|
|
338
|
+
sig = inspect.signature(func)
|
|
339
|
+
params = list(sig.parameters.values())
|
|
340
|
+
|
|
341
|
+
# Skip 'self' parameter for methods
|
|
342
|
+
if len(params) > 0 and params[0].name == 'self':
|
|
343
|
+
params = params[1:]
|
|
344
|
+
|
|
345
|
+
# If there's exactly one parameter that expects a list, wrap string in list
|
|
346
|
+
if len(params) == 1:
|
|
347
|
+
param = params[0]
|
|
348
|
+
annotation = param.annotation
|
|
349
|
+
|
|
350
|
+
# Check if annotation is list[str] or similar
|
|
351
|
+
if hasattr(annotation, '__origin__') and annotation.__origin__ is list:
|
|
352
|
+
return [arguments]
|
|
353
|
+
elif str(annotation).startswith('list[') or str(annotation) == 'list':
|
|
354
|
+
return [arguments]
|
|
355
|
+
|
|
356
|
+
except (ValueError, TypeError):
|
|
357
|
+
pass
|
|
358
|
+
|
|
359
|
+
# Return original arguments for other cases
|
|
360
|
+
return arguments
|
|
361
|
+
|
|
284
362
|
def execute_function_call_message_part(self, function_call_message_part):
|
|
285
363
|
"""
|
|
286
364
|
Execute a FunctionCallMessagePart by extracting the tool name and arguments and dispatching to execute_by_name.
|
|
@@ -298,9 +376,23 @@ class ToolsAdapterBase:
|
|
|
298
376
|
# Parse arguments if they are a JSON string
|
|
299
377
|
if isinstance(arguments, str):
|
|
300
378
|
try:
|
|
379
|
+
# Try to parse as JSON first
|
|
301
380
|
arguments = json.loads(arguments)
|
|
302
|
-
except
|
|
303
|
-
|
|
381
|
+
except json.JSONDecodeError:
|
|
382
|
+
# Handle single quotes in JSON strings
|
|
383
|
+
try:
|
|
384
|
+
# Replace single quotes with double quotes for JSON compatibility
|
|
385
|
+
fixed_json = arguments.replace("'", '"')
|
|
386
|
+
arguments = json.loads(fixed_json)
|
|
387
|
+
except (json.JSONDecodeError, ValueError):
|
|
388
|
+
# If it's a string that looks like it might be a single path parameter,
|
|
389
|
+
# try to handle it gracefully
|
|
390
|
+
if arguments.startswith("{") and arguments.endswith("}"):
|
|
391
|
+
# Looks like JSON but failed to parse - this is likely an error
|
|
392
|
+
pass
|
|
393
|
+
else:
|
|
394
|
+
# Single string argument - let the normalization handle it
|
|
395
|
+
pass
|
|
304
396
|
if self.verbose_tools:
|
|
305
397
|
print(
|
|
306
398
|
f"[tools-adapter] Executing FunctionCallMessagePart: tool={tool_name}, arguments={arguments}, tool_call_id={tool_call_id}"
|
|
@@ -162,7 +162,7 @@ janito/tools/__init__.py,sha256=W1B39PztC2UF7PS2WyLH6el32MFOETMlN1-LurOROCg,1171
|
|
|
162
162
|
janito/tools/disabled_tools.py,sha256=Tx__16wtMWZ9z34cYLdH1gukwot5MCL-9kLjd5MPX6Y,2110
|
|
163
163
|
janito/tools/inspect_registry.py,sha256=Jo7PrMPRKLuR-j_mBAk9PBcTzeJf1eQrS1ChGofgQk0,538
|
|
164
164
|
janito/tools/outline_file.bak.zip,sha256=EeI2cBXCwTdWVgJDNiroxKeYlkjwo6NLKeXz3J-2iZI,15607
|
|
165
|
-
janito/tools/path_security.py,sha256=
|
|
165
|
+
janito/tools/path_security.py,sha256=40b0hV0X3449Dht93A04Q3c9AYSsBQsBFy2BjzM83lA,8214
|
|
166
166
|
janito/tools/permissions.py,sha256=_viTVXyetZC01HjI2s5c3klIJ8-RkWB1ShdOaV__loY,1508
|
|
167
167
|
janito/tools/permissions_parse.py,sha256=LHadt0bWglm9Q2BbbVVbKePg4oa7QLeRQ-ChQZsE_dI,384
|
|
168
168
|
janito/tools/tool_base.py,sha256=TSrXDknqIqOtY3xzuvtsxZ3qwbvmGzUruBiqVzzICfc,3689
|
|
@@ -170,7 +170,7 @@ janito/tools/tool_events.py,sha256=czRtC2TYakAySBZvfHS_Q6_NY_7_krxzAzAL1ggRFWA,1
|
|
|
170
170
|
janito/tools/tool_run_exception.py,sha256=43yWgTaGBGEtRteo6FvTrane6fEVGo9FU1uOdjMRWJE,525
|
|
171
171
|
janito/tools/tool_use_tracker.py,sha256=IaEmA22D6RuL1xMUCScOMGv0crLPwEJVGmj49cydIaM,2662
|
|
172
172
|
janito/tools/tool_utils.py,sha256=alPm9DvtXSw_zPRKvP5GjbebPRf_nfvmWk2TNlL5Cws,1219
|
|
173
|
-
janito/tools/tools_adapter.py,sha256=
|
|
173
|
+
janito/tools/tools_adapter.py,sha256=aPzyJnm1pNwsEKNcXs-gKFurlOaZqzxkiktHOjITp_8,18724
|
|
174
174
|
janito/tools/tools_schema.py,sha256=rGrKrmpPNR07VXHAJ_haGBRRO-YGLOF51BlYRep9AAQ,4415
|
|
175
175
|
janito/tools/adapters/__init__.py,sha256=XKixOKtUJs1R-rGwGDXSLVLg5-Kp090gvWbsseWT4LI,92
|
|
176
176
|
janito/tools/adapters/local/__init__.py,sha256=_nxMg2uPX18DHNtyHR6SDwYMZvDLpy6gyaCt-75unao,2172
|
|
@@ -188,7 +188,7 @@ janito/tools/adapters/local/open_url.py,sha256=WHOJ2TaUVye2iUnrcdu93A_xKBx2lYcK0
|
|
|
188
188
|
janito/tools/adapters/local/python_code_run.py,sha256=UrQ_rv_qVjY1vNdpACDAma5eFbAj_WhvgQjghRpv9hg,6681
|
|
189
189
|
janito/tools/adapters/local/python_command_run.py,sha256=M-TxoGND45zKSMrYPjD6juSo0UhfsilXEBiyQdzQkiI,6621
|
|
190
190
|
janito/tools/adapters/local/python_file_run.py,sha256=OsHc9rpyGWUjLE7Zin9Gl7YOLf9QVe8NoXXcdTkpJyE,6466
|
|
191
|
-
janito/tools/adapters/local/read_files.py,sha256=
|
|
191
|
+
janito/tools/adapters/local/read_files.py,sha256=2wYo60G6FCzpcpiBFv9-XBqSD6j4oO2AUe3v7Gm90kQ,2092
|
|
192
192
|
janito/tools/adapters/local/remove_directory.py,sha256=g1wkHcWNgtv3mfuZ4GfvqtKU3th-Du_058FMcNmc1TA,1830
|
|
193
193
|
janito/tools/adapters/local/remove_file.py,sha256=cSs7EIhEqblnLmwjUKrUq2M8axyT2oTXJqZs5waOAFw,2090
|
|
194
194
|
janito/tools/adapters/local/replace_text_in_file.py,sha256=zFGWORuaw50ZlEFf3q_s7K25Tt0QXu8yOXDeodY6kcE,10791
|
|
@@ -217,9 +217,9 @@ janito/tools/adapters/local/validate_file_syntax/ps1_validator.py,sha256=TeIkPt0
|
|
|
217
217
|
janito/tools/adapters/local/validate_file_syntax/python_validator.py,sha256=BfCO_K18qy92m-2ZVvHsbEU5e11OPo1pO9Vz4G4616E,130
|
|
218
218
|
janito/tools/adapters/local/validate_file_syntax/xml_validator.py,sha256=AijlsP_PgNuC8ZbGsC5vOTt3Jur76otQzkd_7qR0QFY,284
|
|
219
219
|
janito/tools/adapters/local/validate_file_syntax/yaml_validator.py,sha256=TgyI0HRL6ug_gBcWEm5TGJJuA4E34ZXcIzMpAbv3oJs,155
|
|
220
|
-
janito-2.17.
|
|
221
|
-
janito-2.17.
|
|
222
|
-
janito-2.17.
|
|
223
|
-
janito-2.17.
|
|
224
|
-
janito-2.17.
|
|
225
|
-
janito-2.17.
|
|
220
|
+
janito-2.17.1.dist-info/licenses/LICENSE,sha256=GSAKapQH5ZIGWlpQTA7v5YrfECyaxaohUb1vJX-qepw,1090
|
|
221
|
+
janito-2.17.1.dist-info/METADATA,sha256=-5Gl5IbWdd_Fi-ecNEpqQgWNe5O_e_ZuKPKeZimz-zg,16365
|
|
222
|
+
janito-2.17.1.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
|
|
223
|
+
janito-2.17.1.dist-info/entry_points.txt,sha256=wIo5zZxbmu4fC-ZMrsKD0T0vq7IqkOOLYhrqRGypkx4,48
|
|
224
|
+
janito-2.17.1.dist-info/top_level.txt,sha256=m0NaVCq0-ivxbazE2-ND0EA9Hmuijj_OGkmCbnBcCig,7
|
|
225
|
+
janito-2.17.1.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|