farcasclaudiu/Flowise
1
0
Fork 0
mirror of https://github.com/farcasclaudiu/Flowise.git synced 2026-06-28 19:00:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Refractor/SecureZodSchemaParser (#4898)

Browse Source 
* refactor: Implement SecureZodSchemaParser for safe Zod schema handling and add FilterParser for Supabase filters

* Replaced direct Zod schema evaluation with SecureZodSchemaParser in StructuredOutputParserAdvanced and CustomTool.
* Introduced FilterParser to safely handle Supabase filter strings, preventing arbitrary code execution.
* Added new filterParser.ts file to encapsulate filter parsing logic.
* Updated Supabase vector store to utilize the new FilterParser for RPC filters.
* Created secureZodParser.ts for secure parsing of Zod schemas.

* remove console log
This commit is contained in:
Henry Heng
2025-07-19 01:11:31 +01:00
committed by GitHub
parent fbe9f34a60
commit 96a57a58e7
5 changed files with 536 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/components/nodes/vectorstores/Supabase/Supabase.ts
+3 -6
View File
@@ -3,11 +3,12 @@ import { v4 as uuidv4 } from 'uuid'
import { createClient } from '@supabase/supabase-js'
import { Document } from '@langchain/core/documents'
import { Embeddings } from '@langchain/core/embeddings'
import { SupabaseVectorStore, SupabaseLibArgs, SupabaseFilterRPCCall } from '@langchain/community/vectorstores/supabase'
import { SupabaseVectorStore, SupabaseLibArgs } from '@langchain/community/vectorstores/supabase'
import { ICommonObject, INode, INodeData, INodeOutputsValue, INodeParams, IndexingResult } from '../../../src/Interface'
import { getBaseClasses, getCredentialData, getCredentialParam } from '../../../src/utils'
import { addMMRInputParams, resolveVectorStoreOrRetriever } from '../VectorStoreUtils'
import { index } from '../../../src/indexing'
import { FilterParser } from './filterParser'
class Supabase_VectorStores implements INode {
label: string
@@ -233,11 +234,7 @@ class Supabase_VectorStores implements INode {
}
if (supabaseRPCFilter) {
const funcString = `return rpc.${supabaseRPCFilter};`
const funcFilter = new Function('rpc', funcString)
obj.filter = (rpc: SupabaseFilterRPCCall) => {
return funcFilter(rpc)
}
obj.filter = FilterParser.parseFilterString(supabaseRPCFilter)
}
const vectorStore = await SupabaseVectorStore.fromExistingIndex(embeddings, obj)