andre/crewAI
1
0
Fork 0
mirror of https://github.com/crewAIInc/crewAI.git synced 2026-05-07 18:19:00 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
Files
27d579041ae761c5ab2438b2d2512f0d529abf6c
crewAI/lib/crewai/tests
History
Devin AI 31c174e1a4 feat: add governance policy framework for ungoverned call sites (OWASP Agentic Top 10) 
Addresses issue #5280 - Security audit identified 266 ungoverned call sites
that could benefit from governance checks per OWASP Agentic Top 10 standards.

Changes:
- Add security/governance.py with SubprocessPolicy, HttpPolicy, ToolPolicy,
  GovernanceConfig classes supporting allowlist/blocklist and custom validators
- Integrate governance into SecurityConfig for crew-level configuration
- Add subprocess governance check in agent _validate_docker_installation
- Add tool governance checks in execute_tool_and_check_finality (sync/async)
- Add tool governance checks in crew_agent_executor native tool call path
- Export governance types from security module
- Add 42 comprehensive tests covering all policy types and integration points

Governance is permissive by default (allows all) to maintain backward
compatibility. Users can configure policies to restrict operations.

Co-Authored-By: João <joao@crewai.com>
2026-04-05 06:05:21 +00:00
..
a2a
feat(a2ui): add A2UI extension with v0.8/v0.9 support, schemas, and docs
2026-04-02 04:46:07 +08:00
agents
Revert "refactor: remove unused and methods from (#5172)" (#5243)
2026-04-02 18:02:59 -04:00
cassettes
feat: emit token usage data in LLMCallCompletedEvent
2026-04-01 00:18:36 +08:00
cli
fix: add tool repository credentials to uv build in tool publish (#5223)
2026-04-02 17:52:08 -03:00
config
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
crew
feat: async crew support
2025-12-04 16:53:19 -05:00
events
feat: emit token usage data in LLMCallCompletedEvent
2026-04-01 00:18:36 +08:00
experimental
fix: ensure otel span is closed
2025-12-05 13:23:26 -05:00
hooks
feat: implement before and after tool call hooks in CrewAgentExecutor… (#4287)
2026-01-27 14:56:50 -08:00
knowledge
refactor: replace InstanceOf[T] with plain type annotations
2026-03-31 08:11:21 +08:00
llms
refactor: convert LLM classes to Pydantic BaseModel
2026-03-31 07:07:11 +08:00
mcp
Addressing MCP tools resolutions & eliminates all shared mutable connection (#4792)
2026-03-10 14:00:40 -04:00
memory
feat: add Qdrant Edge storage backend for memory system
2026-03-25 23:42:09 +08:00
pipeline
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
project
fix: hash callback args correctly to ensure caching works
2025-11-05 07:19:09 -05:00
rag
refactor: replace InstanceOf[T] with plain type annotations
2026-03-31 08:11:21 +08:00
security
feat: add governance policy framework for ungoverned call sites (OWASP Agentic Top 10)
2026-04-05 06:05:21 +00:00
skills
feat: agent skills
2026-03-24 19:03:35 +08:00
storage
New Unified Memory System (#4420)
2026-02-13 21:34:37 -03:00
task
feat: async task support (#4024)
2025-12-04 13:34:29 -08:00
telemetry
fix(telemetry): skip signal handler registration in non-main threads
2026-03-02 07:42:55 -05:00
tools
fix: pass cache_function from BaseTool to CrewStructuredTool
2026-03-20 16:04:52 -04:00
tracing
perf: reduce framework overhead — lazy event bus, skip tracing when disabled (#5187)
2026-04-01 14:17:57 -03:00
utilities
feat: emit token usage data in LLMCallCompletedEvent
2026-04-01 00:18:36 +08:00
__init__.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_agent_multimodal.py
Lorenze/feat/plan execute pattern (#4817)
2026-03-15 18:33:17 -07:00
test_async_human_feedback.py
refactor: convert Flow to Pydantic BaseModel
2026-04-01 03:48:41 +08:00
test_callback.py
refactor: replace Any-typed callback and model fields with serializable types
2026-03-20 15:18:50 -04:00
test_context.py
Lorenze/imp/native tool calling (#4258)
2026-01-22 17:44:03 -08:00
test_crew_multimodal.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_crew_thread_safety.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_crew.py
fix: propagate contextvars across all thread and executor boundaries
2026-03-13 00:32:22 -04:00
test_custom_llm.py
feat: async llm support
2025-12-01 18:56:56 -05:00
test_flow_ask.py
Implement user input handling in Flows (#4490)
2026-02-16 18:41:03 -03:00
test_flow_default_override.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_flow_human_input_integration.py
refactor: extract hitl to provider pattern
2026-02-04 15:40:22 -05:00
test_flow_multimodal.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_flow_persistence.py
Lorenze/enh decouple executor from crew (#4209)
2026-01-20 21:44:45 -08:00
test_flow_resumability_regression.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_flow_serializer.py
fix: use __router_paths__ for listener+router methods in FlowMeta (#5064)
2026-03-25 03:42:39 -03:00
test_flow_visualization.py
fix: ensure fuzzy returns are more strict, show type warning
2025-11-24 17:35:12 -05:00
test_flow.py
fix: add missing list/dict methods to LockedListProxy and LockedDictProxy
2026-03-09 09:38:35 -04:00
test_hallucination_guardrail.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_human_feedback_decorator.py
fix: preserve method return value as flow output for @human_feedback with emit (#5099)
2026-03-26 03:28:17 -03:00
test_human_feedback_integration.py
fix: preserve method return value as flow output for @human_feedback with emit (#5099)
2026-03-26 03:28:17 -03:00
test_imports.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_llm.py
feat: emit token usage data in LLMCallCompletedEvent
2026-04-01 00:18:36 +08:00
test_markdown_task.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_multimodal_validation.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_project.py
refactor: convert LLM classes to Pydantic BaseModel
2026-03-31 07:07:11 +08:00
test_streaming_integration.py
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
test_streaming.py
Add call_id to LLM events for correlating requests (#4281)
2026-02-03 10:10:33 -03:00
test_task_guardrails.py
fix: resolve race condition in guardrail event emission test
2026-02-03 09:06:48 -05:00
test_task.py
fix: map output_pydantic/output_json to native structured output
2026-02-25 17:13:34 -05:00
utils.py
fix: add GPT-5 and o-series to multimodal vision prefixes (#5183)
2026-04-01 18:08:37 -03:00