Skip to content

refactor(nano): improve custom imports#1348

Merged
glevco merged 1 commit intomasterfrom
refactor/nano/imports
Aug 8, 2025
Merged

refactor(nano): improve custom imports#1348
glevco merged 1 commit intomasterfrom
refactor/nano/imports

Conversation

@glevco
Copy link
Contributor

@glevco glevco commented Aug 5, 2025
edited
Loading

Depends on #1347

Motivation

This PR provides a few improvements in how the custom __import__ function is provided for blueprints. Currently, it uses the actual builtins.__import__ function internally, but this is not necessary, as we can simply return the allowed and pre-imported objects directly. This adds a new security layer as now it's impossible to call the builtin function, even indirectly, from blueprints.

It also moves the ALLOWED_IMPORTS objects to its own file, to improve organization, and it will be easier to implement custom shells for the allowed objects in a future PR, to provide immutability.

Acceptance Criteria

  • Move ALLOWED_IMPORTS to its own file, and provide the pre-imported objects in it.
  • Update custom builtins to return the pre-imported objects directly, instead of using the builtins.__import__ function itself.
  • Update exposed properties test to not skip the typing module — it works, and finds more exposed cases.

Checklist

  • If you are requesting a merge into master, confirm this code is production-ready and can be included in future releases as soon as it gets merged

@glevco glevco self-assigned this Aug 5, 2025
@glevco glevco requested a review from jansegre as a code owner August 5, 2025 19:43
@glevco glevco requested a review from msbrogli as a code owner August 5, 2025 19:43
@glevco glevco moved this from Todo to In Progress (WIP) in Hathor Network Aug 5, 2025
@glevco glevco force-pushed the refactor/nano/imports branch 2 times, most recently from 8a12406 to caa70ac Compare August 5, 2025 20:34
@glevco glevco moved this from In Progress (WIP) to In Progress (Done) in Hathor Network Aug 5, 2025
msbrogli
msbrogli previously approved these changes Aug 6, 2025
View reviewed changes
@github-project-automation github-project-automation bot moved this from In Progress (Done) to In Review (WIP) in Hathor Network Aug 6, 2025
@codecov
Copy link

codecov bot commented Aug 6, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.71%. Comparing base (48ac10a) to head (aca527d).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #1348      +/-   ##
==========================================
+ Coverage   85.69%   85.71%   +0.01%     
==========================================
  Files         425      426       +1     
  Lines       32259    32270      +11     
  Branches     5025     5025              
==========================================
+ Hits        27645    27660      +15     
+ Misses       3602     3600       -2     
+ Partials     1012     1010       -2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@glevco glevco changed the base branch from glevco/my-master to feat/nano/ocb-restrictions August 7, 2025 01:02
@glevco glevco force-pushed the refactor/nano/imports branch from caa70ac to 32b8694 Compare August 7, 2025 01:03
@glevco glevco force-pushed the feat/nano/ocb-restrictions branch from ca71a4d to c42478c Compare August 7, 2025 15:27
jansegre
jansegre previously approved these changes Aug 7, 2025
View reviewed changes
@glevco glevco force-pushed the feat/nano/ocb-restrictions branch from c42478c to a642840 Compare August 7, 2025 19:47
@glevco glevco moved this from In Review (WIP) to In Review (Done) in Hathor Network Aug 7, 2025
@glevco glevco force-pushed the refactor/nano/imports branch from 32b8694 to e880df3 Compare August 7, 2025 19:49
@glevco glevco changed the base branch from feat/nano/ocb-restrictions to master August 7, 2025 21:11
@glevco glevco dismissed stale reviews from jansegre and msbrogli August 7, 2025 21:11

The base branch was changed.

@glevco glevco force-pushed the refactor/nano/imports branch from e880df3 to aca527d Compare August 7, 2025 21:11
@github-actions
Copy link

github-actions bot commented Aug 7, 2025

🐰 Bencher Report

Branchrefactor/nano/imports
Testbedubuntu-22.04
Click to view all benchmark results
BenchmarkLatencyBenchmark Result
minutes (m)
(Result Δ%)		Lower Boundary
minutes (m)
(Limit %)		Upper Boundary
minutes (m)
(Limit %)
sync-v2 (up to 20000 blocks)📈 view plot
🚷 view threshold		1.71 m
(+3.78%)Baseline: 1.64 m
1.48 m
(86.72%)		1.81 m
(94.34%)
🐰 View full continuous benchmarking report in Bencher

@github-project-automation github-project-automation bot moved this from In Review (Done) to In Review (WIP) in Hathor Network Aug 7, 2025
@glevco glevco moved this from In Review (WIP) to In Review (Done) in Hathor Network Aug 8, 2025
@glevco glevco merged commit 4b8dbc6 into master Aug 8, 2025
7 of 8 checks passed
@glevco glevco deleted the refactor/nano/imports branch August 8, 2025 01:15
@github-project-automation github-project-automation bot moved this from In Review (Done) to Waiting to be deployed in Hathor Network Aug 8, 2025
This was referenced Aug 12, 2025
Merged
Merged
@jansegre jansegre moved this from Waiting to be deployed to Done in Hathor Network Aug 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@msbrogli msbrogli msbrogli approved these changes

@jansegre jansegre jansegre approved these changes

Assignees

@glevco glevco

Labels

None yet

Projects

Hathor Network
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@glevco @msbrogli @jansegre