langchain

mirror of https://github.com/kennethreitz/langchain.git synced 2026-06-05 23:00:18 +00:00

Files

T

Predrag Gruevski 6c308aabae Use the GitHub-suggested safer pattern for shell interpolation. (#9567 )

Using `${{ }}` to construct shell commands is risky, since the `${{ }}`
interpolation runs first and ignores shell quoting rules. This means
that shell commands that look safely quoted, like `echo "${{
github.event.issue.title }}"`, are actually vulnerable to shell
injection.

More details here:
https://github.blog/2023-08-09-four-tips-to-keep-your-github-actions-workflows-secure/

2023-08-21 17:59:10 -04:00

actions/poetry_setup

Use the GitHub-suggested safer pattern for shell interpolation. (#9567 )

2023-08-21 17:59:10 -04:00

ISSUE_TEMPLATE

Reminder to not report security issues as "bug" type issues. (#9554 )

2023-08-21 15:48:33 -04:00

tools

Cache black formatting information across CI runs. (#9413 )

2023-08-18 09:49:50 -04:00

workflows

Use PyPI Trusted Publishing to publish langchain packages. (#9467 )

2023-08-21 14:44:29 -04:00

CONTRIBUTING.md

Upgrade CI poetry version to 1.5.1. (#9479 )

2023-08-21 10:35:56 -04:00

PULL_REQUEST_TEMPLATE.md

update pr temp (#9062 )

2023-08-10 11:10:06 -07:00