kailash 0.6.3__py3-none-any.whl → 0.6.5__py3-none-any.whl

kailash/nodes/code/python.py

@@ -145,14 +145,44 @@ class SafeCodeChecker(ast.NodeVisitor):
                         "message": f"Import from module '{module_name}' is not allowed",
                     }
                 )
+            else:
+                # Check for dangerous function imports from allowed modules
+                dangerous_imports = {
+                    "os": {"system", "popen", "execv", "execl", "spawn"},
+                    "subprocess": {"run", "call", "check_call", "Popen"},
+                    "__builtin__": {"eval", "exec", "compile", "__import__"},
+                    "builtins": {"eval", "exec", "compile", "__import__"},
+                }
+
+                if module_name in dangerous_imports:
+                    for alias in node.names:
+                        import_name = alias.name
+                        if import_name in dangerous_imports[module_name]:
+                            self.violations.append(
+                                {
+                                    "type": "dangerous_import",
+                                    "module": module_name,
+                                    "function": import_name,
+                                    "line": node.lineno,
+                                    "message": f"Import of dangerous function '{import_name}' from module '{module_name}' is not allowed",
+                                }
+                            )
         self.generic_visit(node)
 
     def visit_Call(self, node):
         """Check function calls."""
         if isinstance(node.func, ast.Name):
             func_name = node.func.id
-            # Check for dangerous built-in functions
-            if func_name in {"eval", "exec", "compile"}:
+            # Check for dangerous built-in functions and imported dangerous functions
+            dangerous_functions = {
+                "eval",
+                "exec",
+                "compile",  # Built-in dangerous functions
+                "system",
+                "popen",  # os module dangerous functions
+                "__import__",  # Dynamic import function
+            }
+            if func_name in dangerous_functions:
                 self.violations.append(
                     {
                         "type": "function_call",
@@ -236,6 +266,7 @@ class CodeExecutor:
             "zip",
             "print",  # Allow print for debugging
             "hasattr",  # For attribute checking
+            "hash",  # For hashing operations
             # Exception classes for proper error handling
             "Exception",
             "ValueError",
@@ -449,15 +480,29 @@ class CodeExecutor:
         Raises:
             NodeExecutionError: If function execution fails
         """
+        # Sanitize inputs for security
+        sanitized_inputs = validate_node_parameters(inputs, self.security_config)
+
         try:
             # Get function signature
             sig = inspect.signature(func)
 
             # Map inputs to function parameters
             kwargs = {}
+            extra_kwargs = {}
+
+            # Check if function accepts **kwargs
+            accepts_var_keyword = any(
+                param.kind == inspect.Parameter.VAR_KEYWORD
+                for param in sig.parameters.values()
+            )
+
             for param_name, param in sig.parameters.items():
-                if param_name in inputs:
-                    kwargs[param_name] = inputs[param_name]
+                if param.kind == inspect.Parameter.VAR_KEYWORD:
+                    # This is **kwargs parameter, skip it
+                    continue
+                elif param_name in sanitized_inputs:
+                    kwargs[param_name] = sanitized_inputs[param_name]
                 elif param.default is not param.empty:
                     # Use default value
                     continue
@@ -466,6 +511,15 @@ class CodeExecutor:
                         f"Missing required parameter: {param_name}"
                     )
 
+            # Collect extra parameters if function accepts **kwargs
+            if accepts_var_keyword:
+                for key, value in sanitized_inputs.items():
+                    if key not in kwargs:
+                        extra_kwargs[key] = value
+
+                # Merge regular kwargs and extra kwargs
+                kwargs.update(extra_kwargs)
+
             # Execute function
             return func(**kwargs)
 
@@ -520,10 +574,44 @@ class FunctionWrapper:
             if param_name == "self":
                 continue
 
+            # Skip **kwargs parameter - it's handled separately
+            if param.kind == inspect.Parameter.VAR_KEYWORD:
+                continue
+
             param_type = self.type_hints.get(param_name, Any)
             input_types[param_name] = param_type
         return input_types
 
+    def get_parameter_info(self) -> dict[str, dict[str, Any]]:
+        """Extract detailed parameter information including defaults.
+
+        Returns:
+            Dictionary mapping parameter names to info dict with 'type' and 'has_default'
+        """
+        param_info = {}
+        for param_name, param in self.signature.parameters.items():
+            # Skip self parameter for class methods
+            if param_name == "self":
+                continue
+
+            # Skip **kwargs parameter - it's handled separately
+            if param.kind == inspect.Parameter.VAR_KEYWORD:
+                continue
+
+            param_info[param_name] = {
+                "type": self.type_hints.get(param_name, Any),
+                "has_default": param.default is not param.empty,
+                "default": param.default if param.default is not param.empty else None,
+            }
+        return param_info
+
+    def accepts_var_keyword(self) -> bool:
+        """Check if function accepts **kwargs."""
+        return any(
+            param.kind == inspect.Parameter.VAR_KEYWORD
+            for param in self.signature.parameters.values()
+        )
+
     def get_output_type(self) -> type:
         """Extract output type from function signature.
 
@@ -672,6 +760,36 @@ class ClassWrapper:
             input_types[param_name] = param_type
         return input_types
 
+    def get_parameter_info(self) -> dict[str, dict[str, Any]]:
+        """Extract detailed parameter information including defaults.
+
+        Returns:
+            Dictionary mapping parameter names to info dict with 'type' and 'has_default'
+        """
+        param_info = {}
+        for param_name, param in self.signature.parameters.items():
+            # Skip self parameter
+            if param_name == "self":
+                continue
+
+            # Skip **kwargs parameter - it's handled separately
+            if param.kind == inspect.Parameter.VAR_KEYWORD:
+                continue
+
+            param_info[param_name] = {
+                "type": self.type_hints.get(param_name, Any),
+                "has_default": param.default is not param.empty,
+                "default": param.default if param.default is not param.empty else None,
+            }
+        return param_info
+
+    def accepts_var_keyword(self) -> bool:
+        """Check if method accepts **kwargs."""
+        return any(
+            param.kind == inspect.Parameter.VAR_KEYWORD
+            for param in self.signature.parameters.values()
+        )
+
     def get_output_type(self) -> type:
         """Extract output type from method signature."""
         return self.type_hints.get("return", Any)
@@ -829,6 +947,7 @@ class PythonCodeNode(Node):
         output_schema: dict[str, "NodeParameter"] | None = None,
         description: str | None = None,
         max_code_lines: int = 10,
+        validate_security: bool = False,
         **kwargs,
     ):
         """Initialize a Python code node.
@@ -845,6 +964,7 @@ class PythonCodeNode(Node):
             output_schema: Explicit output parameter schema for validation
             description: Node description
             max_code_lines: Maximum lines before warning (default: 10)
+            validate_security: If True, validate code security at creation time (default: False)
             **kwargs: Additional node parameters
         """
         # Validate inputs
@@ -889,6 +1009,10 @@ class PythonCodeNode(Node):
         # Initialize executor
         self.executor = CodeExecutor()
 
+        # Validate code security if requested
+        if validate_security and self.code:
+            self.executor.check_code_safety(self.code)
+
         # Create metadata (avoiding conflicts with kwargs)
         if "metadata" not in kwargs:
             kwargs["metadata"] = NodeMetadata(
@@ -938,34 +1062,47 @@ class PythonCodeNode(Node):
             )
 
         # If we have a function/class, extract parameter info
+        # This overrides the basic input_types to include default parameter information
         if self.function:
             wrapper = FunctionWrapper(self.function, self.executor)
-            for name, type_ in wrapper.get_input_types().items():
-                if name not in parameters:
-                    # Use Any type for complex types to avoid validation issues
-                    param_type = Any if hasattr(type_, "__origin__") else type_
-
-                    parameters[name] = NodeParameter(
-                        name=name,
-                        type=param_type,
-                        required=True,
-                        description=f"Input parameter {name}",
-                    )
+            for name, param_info in wrapper.get_parameter_info().items():
+                # Use Any type for complex types to avoid validation issues
+                param_type = param_info["type"]
+                param_type = Any if hasattr(param_type, "__origin__") else param_type
+
+                # Override existing parameter or add new one with correct required flag
+                parameters[name] = NodeParameter(
+                    name=name,
+                    type=param_type,
+                    required=not param_info[
+                        "has_default"
+                    ],  # Fixed: respect default values
+                    description=f"Input parameter {name}",
+                    default=(
+                        param_info["default"] if param_info["has_default"] else None
+                    ),
+                )
         elif self.class_type and self.process_method:
             wrapper = ClassWrapper(
                 self.class_type, self.process_method or "process", self.executor
             )
-            for name, type_ in wrapper.get_input_types().items():
-                if name not in parameters:
-                    # Use Any type for complex types to avoid validation issues
-                    param_type = Any if hasattr(type_, "__origin__") else type_
-
-                    parameters[name] = NodeParameter(
-                        name=name,
-                        type=param_type,
-                        required=True,
-                        description=f"Input parameter {name}",
-                    )
+            for name, param_info in wrapper.get_parameter_info().items():
+                # Use Any type for complex types to avoid validation issues
+                param_type = param_info["type"]
+                param_type = Any if hasattr(param_type, "__origin__") else param_type
+
+                # Override existing parameter or add new one with correct required flag
+                parameters[name] = NodeParameter(
+                    name=name,
+                    type=param_type,
+                    required=not param_info[
+                        "has_default"
+                    ],  # Fixed: respect default values
+                    description=f"Input parameter {name}",
+                    default=(
+                        param_info["default"] if param_info["has_default"] else None
+                    ),
+                )
 
         return parameters
 
@@ -985,6 +1122,21 @@ class PythonCodeNode(Node):
         if self.code:
             return kwargs
 
+        # Check if function/class accepts **kwargs
+        accepts_var_keyword = False
+        if self.function:
+            wrapper = FunctionWrapper(self.function, self.executor)
+            accepts_var_keyword = wrapper.accepts_var_keyword()
+        elif self.class_type:
+            wrapper = ClassWrapper(
+                self.class_type, self.process_method or "process", self.executor
+            )
+            accepts_var_keyword = wrapper.accepts_var_keyword()
+
+        # If function accepts **kwargs, pass through all inputs
+        if accepts_var_keyword:
+            return kwargs
+
         # Otherwise use standard validation for function/class nodes
         return super().validate_inputs(**kwargs)
 
@@ -1429,12 +1581,24 @@ class PythonCodeNode(Node):
 
                 # Add suggestions from violations
                 for violation in violations:
-                    if violation["type"] in ["import", "import_from"]:
-                        module_info = self.check_module_availability(
-                            violation["module"]
-                        )
+                    if violation["type"] in [
+                        "import",
+                        "import_from",
+                        "dangerous_import",
+                    ]:
+                        module = violation.get("module", "unknown")
+                        module_info = self.check_module_availability(module)
                         result["suggestions"].extend(module_info["suggestions"])
 
+        except SafetyViolationError as e:
+            # Safety violations should mark code as invalid, not just warnings
+            result["valid"] = False
+            result["safety_violations"].append(
+                {"type": "safety_error", "message": str(e), "line": 1}
+            )
+            result["suggestions"].append(
+                "Fix security violations before using this code."
+            )
         except Exception as e:
             result["warnings"].append(f"Could not complete safety check: {e}")
 

kailash/nodes/compliance/data_retention.py

@@ -122,7 +122,7 @@ class DataRetentionPolicyNode(SecurityMixin, PerformanceMixin, LoggingMixin, Nod
         ...     {"id": "session_456", "type": "session_logs", "created": "2022-01-01", "size": 512}
         ... ]
         >>>
-        >>> result = retention_node.run(
+        >>> result = retention_node.execute(
         ...     action="apply_policy",
         ...     data_type="user_data",
         ...     data_records=data_records
@@ -130,7 +130,7 @@ class DataRetentionPolicyNode(SecurityMixin, PerformanceMixin, LoggingMixin, Nod
         >>> print(f"Actions taken: {result['actions_taken']}")
         >>>
         >>> # Scan for expired data
-        >>> scan_result = retention_node.run(
+        >>> scan_result = retention_node.execute(
         ...     action="scan_expired",
         ...     data_types=["user_data", "session_logs"]
         ... )
@@ -430,11 +430,11 @@ class DataRetentionPolicyNode(SecurityMixin, PerformanceMixin, LoggingMixin, Nod
 
     async def async_run(self, **kwargs) -> Dict[str, Any]:
         """Async wrapper for run method."""
-        return self.run(**kwargs)
+        return self.execute(**kwargs)
 
     async def execute_async(self, **kwargs) -> Dict[str, Any]:
         """Async execution method for test compatibility."""
-        return self.run(**kwargs)
+        return self.execute(**kwargs)
 
     def _apply_retention_policy(
         self, data_type: str, data_records: List[Dict[str, Any]]
@@ -1351,7 +1351,7 @@ class DataRetentionPolicyNode(SecurityMixin, PerformanceMixin, LoggingMixin, Nod
         }
 
         try:
-            self.audit_log_node.run(**audit_entry)
+            self.audit_log_node.execute(**audit_entry)
         except Exception as e:
             self.log_with_context("WARNING", f"Failed to audit retention action: {e}")
 
@@ -1375,7 +1375,7 @@ class DataRetentionPolicyNode(SecurityMixin, PerformanceMixin, LoggingMixin, Nod
         }
 
         try:
-            self.security_event_node.run(**security_event)
+            self.security_event_node.execute(**security_event)
         except Exception as e:
             self.log_with_context("WARNING", f"Failed to log security event: {e}")
 

kailash/nodes/compliance/gdpr.py

@@ -152,7 +152,7 @@ class GDPRComplianceNode(SecurityMixin, PerformanceMixin, LoggingMixin, Node):
         ...     "address": "123 Main St"
         ... }
         >>>
-        >>> result = gdpr_node.run(
+        >>> result = gdpr_node.execute(
         ...     action="check_compliance",
         ...     data_type="user_profile",
         ...     data=data
@@ -160,7 +160,7 @@ class GDPRComplianceNode(SecurityMixin, PerformanceMixin, LoggingMixin, Node):
         >>> print(f"Compliance: {result['compliant']}")
         >>>
         >>> # Process data subject request
-        >>> request_result = gdpr_node.run(
+        >>> request_result = gdpr_node.execute(
         ...     action="process_data_subject_request",
         ...     request_type="erasure",
         ...     user_id="user123"
@@ -515,7 +515,7 @@ class GDPRComplianceNode(SecurityMixin, PerformanceMixin, LoggingMixin, Node):
 
     async def execute_async(self, **kwargs) -> Dict[str, Any]:
         """Async execution method for test compatibility."""
-        return self.run(**kwargs)
+        return self.execute(**kwargs)
 
     def _check_data_compliance(
         self, data_type: str, data: Dict[str, Any]
@@ -1523,7 +1523,7 @@ RESPONSE FORMAT:
 """
 
             # Run AI analysis
-            ai_response = self.ai_agent.run(
+            ai_response = self.ai_agent.execute(
                 provider="ollama",
                 model=self.ai_model.replace("ollama:", ""),
                 messages=[{"role": "user", "content": prompt}],
@@ -1749,7 +1749,7 @@ RESPONSE FORMAT:
         }
 
         try:
-            self.audit_log_node.run(**audit_entry)
+            self.audit_log_node.execute(**audit_entry)
         except Exception as e:
             self.log_with_context(
                 "WARNING", f"Failed to audit data subject request: {e}"

kailash/nodes/data/__init__.py

@@ -91,12 +91,16 @@ from kailash.nodes.data.async_vector import AsyncPostgreSQLVectorNode
 from kailash.nodes.data.directory import DirectoryReaderNode
 from kailash.nodes.data.event_generation import EventGeneratorNode
 from kailash.nodes.data.file_discovery import FileDiscoveryNode
+from kailash.nodes.data.query_router import QueryRouterNode
 from kailash.nodes.data.readers import (
     CSVReaderNode,
     DocumentProcessorNode,
     JSONReaderNode,
     TextReaderNode,
 )
+
+# Redis
+from kailash.nodes.data.redis import RedisNode
 from kailash.nodes.data.retrieval import HybridRetrieverNode, RelevanceScorerNode
 from kailash.nodes.data.sharepoint_graph import (
     SharePointGraphReader,
@@ -115,6 +119,7 @@ from kailash.nodes.data.vector_db import (
     TextSplitterNode,
     VectorDatabaseNode,
 )
+from kailash.nodes.data.workflow_connection_pool import WorkflowConnectionPool
 from kailash.nodes.data.writers import CSVWriterNode, JSONWriterNode, TextWriterNode
 
 __all__ = [
@@ -143,6 +148,8 @@ __all__ = [
     "HybridRetrieverNode",
     # SQL
     "SQLDatabaseNode",
+    # Redis
+    "RedisNode",
     # Vector DB
     "EmbeddingNode",
     "VectorDatabaseNode",
@@ -157,4 +164,7 @@ __all__ = [
     "AsyncConnectionManager",
     "get_connection_manager",
     "AsyncPostgreSQLVectorNode",
+    # Connection Pool & Query Routing
+    "WorkflowConnectionPool",
+    "QueryRouterNode",
 ]