andre/crewAI
1
0
Fork 0
mirror of https://github.com/crewAIInc/crewAI.git synced 2026-05-07 18:19:00 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
Files
a6378961f055f69196045a02f85b05de8e07759d
crewAI/lib/crewai/tests
History
Devin AI a6378961f0 fix: prevent path traversal in knowledge source file paths (#4547) 
Add path boundary validation in convert_to_path() to ensure resolved
paths stay within the knowledge directory. This prevents attackers from
using '../' sequences to read arbitrary files outside the knowledge dir.

Fixes:
- BaseFileKnowledgeSource.convert_to_path()
- ExcelKnowledgeSource.convert_to_path()
- CrewDoclingSource.validate_content() inline path construction

Added tests covering path traversal rejection and valid path acceptance.

Co-Authored-By: João <joao@crewai.com>
2026-02-20 12:56:20 +00:00
..
a2a
feat: add a2a liteagent, auth, transport negotiation, and file support
2026-01-30 17:10:00 -05:00
agents
supporting parallel tool use (#4513)
2026-02-19 14:07:28 -08:00
cassettes
supporting parallel tool use (#4513)
2026-02-19 14:07:28 -08:00
cli
Implement user input handling in Flows (#4490)
2026-02-16 18:41:03 -03:00
config
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
crew
feat: async crew support
2025-12-04 16:53:19 -05:00
events
Fix tool error causing double event scope pop (#4373)
2026-02-04 20:34:08 -03:00
experimental
fix: ensure otel span is closed
2025-12-05 13:23:26 -05:00
hooks
feat: implement before and after tool call hooks in CrewAgentExecutor… (#4287)
2026-01-27 14:56:50 -08:00
knowledge
fix: prevent path traversal in knowledge source file paths (#4547)
2026-02-20 12:56:20 +00:00
llms
supporting prompt cache results show (#4447)
2026-02-11 14:07:15 -08:00
mcp
fix: remove invalid param from sse client (#3980)
2025-11-26 21:37:55 -08:00
memory
New Unified Memory System (#4420)
2026-02-13 21:34:37 -03:00
pipeline
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
project
fix: hash callback args correctly to ensure caching works
2025-11-05 07:19:09 -05:00
rag
New Unified Memory System (#4420)
2026-02-13 21:34:37 -03:00
security
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
storage
New Unified Memory System (#4420)
2026-02-13 21:34:37 -03:00
task
feat: async task support (#4024)
2025-12-04 13:34:29 -08:00
telemetry
fix: ensure otel span is closed
2025-12-05 13:23:26 -05:00
tools
Fix tool error causing double event scope pop (#4373)
2026-02-04 20:34:08 -03:00
tracing
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
utilities
imp compaction (#4399)
2026-02-11 15:52:03 -08:00
__init__.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_agent_multimodal.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_async_human_feedback.py
Adding HITL for Flows (#4143)
2025-12-25 21:04:10 -03:00
test_context.py
Lorenze/imp/native tool calling (#4258)
2026-01-22 17:44:03 -08:00
test_crew_multimodal.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_crew_thread_safety.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_crew.py
New Unified Memory System (#4420)
2026-02-13 21:34:37 -03:00
test_custom_llm.py
feat: async llm support
2025-12-01 18:56:56 -05:00
test_flow_ask.py
Implement user input handling in Flows (#4490)
2026-02-16 18:41:03 -03:00
test_flow_default_override.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_flow_human_input_integration.py
refactor: extract hitl to provider pattern
2026-02-04 15:40:22 -05:00
test_flow_multimodal.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_flow_persistence.py
Lorenze/enh decouple executor from crew (#4209)
2026-01-20 21:44:45 -08:00
test_flow_resumability_regression.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_flow_visualization.py
fix: ensure fuzzy returns are more strict, show type warning
2025-11-24 17:35:12 -05:00
test_flow.py
Fix cyclic flows silently breaking when persistence ID is passed in inputs (#4501)
2026-02-18 03:27:24 -03:00
test_hallucination_guardrail.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_human_feedback_decorator.py
New Unified Memory System (#4420)
2026-02-13 21:34:37 -03:00
test_human_feedback_integration.py
Enhance HITL self-loop functionality in human feedback integration tests (#4493)
2026-02-15 21:54:42 -05:00
test_imports.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_llm.py
feat: native multimodal file handling; openai responses api
2026-01-23 15:13:25 -05:00
test_markdown_task.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_multimodal_validation.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00
test_project.py
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
test_streaming_integration.py
chore: restructure test env, cassettes, and conftest; fix flaky tests
2025-11-29 16:55:24 -05:00
test_streaming.py
Add call_id to LLM events for correlating requests (#4281)
2026-02-03 10:10:33 -03:00
test_task_guardrails.py
fix: resolve race condition in guardrail event emission test
2026-02-03 09:06:48 -05:00
test_task.py
fix: gracefully terminate the future when executing a task async
2025-12-11 12:03:33 -05:00
utils.py
Release/v1.0.0 (#3618)
2025-10-20 14:10:19 -07:00