From 8fc969d43826f5fdf17944ff6a34aacd3a995ed8 Mon Sep 17 00:00:00 2001 From: olgavrou Date: Fri, 19 Jan 2024 03:05:36 -0500 Subject: [PATCH 01/12] add blog and warning in readme for new breaking changes --- README.md | 2 + .../index.mdx | 42 +++++++++++++++++++ website/blog/authors.yml | 6 +++ 3 files changed, 50 insertions(+) create mode 100644 website/blog/2024-01-23-Code-execution-in-docker/index.mdx diff --git a/README.md b/README.md index e114036d2dda..39618b88c4f6 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,8 @@

--> +:warning: Jan 23: **Breaking Change in Latest Release** `use_docker` defaults to `True` for code-execution. See [blog post](https://microsoft.github.io/autogen/blog/2024/01/23/Code-execution-in-docker) for details and [FAQ](https://microsoft.github.io/autogen/docs/FAQ#agents-are-throwing-due-to-docker-not-running-how-can-i-resolve-this) for troubleshooting any issues. + :fire: Dec 31: [AutoGen: Enabling Next-Gen LLM Applications via Multi-Agent Conversation Framework](https://arxiv.org/abs/2308.08155) is selected by [TheSequence: My Five Favorite AI Papers of 2023](https://thesequence.substack.com/p/my-five-favorite-ai-papers-of-2023). diff --git a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx new file mode 100644 index 000000000000..d8464a669997 --- /dev/null +++ b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx 
@@ -0,0 +1,42 @@ +--- +title: "Code execution inside docker container" +authors: + - olgavrou +tags: [AutoGen] +--- + + +## TLDR + +AutoGen 0.2.8 addresses security vulnerabilities, focusing on informing users about its operations and empowering them to make informed decisions regarding code execution. + +The new release introduces a breaking change where `use_docker` argument is set to `True` by default in code executing agents. This change underscores our commitment to prioritizing security in AutoGen. + +## Introduction + +AutoGen has code-executing agents, usually defined as a `UserProxyAgent`, where code execution is by default ON. Until now, unless explicitly specified by the user, any code generated by other agents would be executed by code-execution agents locally, i.e. wherever autogen was being executed. If autogen happened to be run in a docker container then the risks of running code were minimized. However, if AutoGen runs outside of Docker, it's easy particularly for new users to overlook code-execution risks. + +AutoGen has now changed to by default execute any code inside a docker container (unless execution is already happening inside a docker container). It will launch a Docker image (either user-provided or default), execute the new code, and then terminate the image, preparing for the next code execution cycle. + +We understand that not everyone is concerned about this especially when playing around with AutoGen for the first time. We have provided easy ways to turn this requirement off. But we believe that making sure that the user is aware of the fact that code will be executed locally, and prompting them to think about the security implications of running code locally is the right step for AutoGen. + +## Example + +Default behaviour, any code generated by assistant agent and executed by user_proxy agent, will attempt to use a docker container to execute the code. If docker is not running, it will throw an error. 
User can decide to activate docker or opt in for local code execution. + +```json +from autogen import AssistantAgent, UserProxyAgent, config_list_from_json +assistant = AssistantAgent("assistant", llm_config={"config_list": config_list}) +user_proxy = UserProxyAgent("user_proxy", code_execution_config={"work_dir": "coding"}) +user_proxy.initiate_chat(assistant, message="Plot a chart of NVDA and TESLA stock price change YTD.") +``` + +## Related documentation + +[code execution with docker](https://microsoft.github.io/autogen/docs/Installation#code-execution-with-docker-default) + +[how to disable code execution in docker](https://microsoft.github.io/autogen/docs/FAQ#agents-are-throwing-due-to-docker-not-running-how-can-i-resolve-this) + +## Conclusion + +AutoGen 0.2.8 addresses security vulnerabilities and is making a conscious effort to make sure that the user is properly informed of what autogen is doing and make decisions around code-execution. diff --git a/website/blog/authors.yml b/website/blog/authors.yml index 258fceffa411..7085702dfca9 100644 --- a/website/blog/authors.yml +++ b/website/blog/authors.yml @@ -99,3 +99,9 @@ skzhang1: title: PhD student at the Pennsylvania State University url: https://github.com/skzhang1 image_url: https://github.com/skzhang1.png + +olgavrou: + name: Olga Vrousgou + title: Senior Software Engineer at Microsoft Research + url: https://github.com/olgavrou/ + image_url: https://github.com/olgavrou.png From 428f469666bc2bd17f13e5f7a44be93576e5bc30 Mon Sep 17 00:00:00 2001 From: olgavrou Date: Fri, 19 Jan 2024 03:08:53 -0500 Subject: [PATCH 02/12] add version number to readme note --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 39618b88c4f6..6c2b30ff1708 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@

--> -:warning: Jan 23: **Breaking Change in Latest Release** `use_docker` defaults to `True` for code-execution. See [blog post](https://microsoft.github.io/autogen/blog/2024/01/23/Code-execution-in-docker) for details and [FAQ](https://microsoft.github.io/autogen/docs/FAQ#agents-are-throwing-due-to-docker-not-running-how-can-i-resolve-this) for troubleshooting any issues. +:warning: Jan 23: **Breaking Change in Latest Release v0.2.8** `use_docker` defaults to `True` for code-execution. See [blog post](https://microsoft.github.io/autogen/blog/2024/01/23/Code-execution-in-docker) for details and [FAQ](https://microsoft.github.io/autogen/docs/FAQ#agents-are-throwing-due-to-docker-not-running-how-can-i-resolve-this) for troubleshooting any issues. :fire: Dec 31: [AutoGen: Enabling Next-Gen LLM Applications via Multi-Agent Conversation Framework](https://arxiv.org/abs/2308.08155) is selected by [TheSequence: My Five Favorite AI Papers of 2023](https://thesequence.substack.com/p/my-five-favorite-ai-papers-of-2023). From a98619fbeb2f751e71fa84c3ace8ec8ff8127390 Mon Sep 17 00:00:00 2001 From: olgavrou Date: Tue, 23 Jan 2024 14:45:06 -0500 Subject: [PATCH 03/12] Update website/blog/2024-01-23-Code-execution-in-docker/index.mdx Co-authored-by: Jack Gerrits --- website/blog/2024-01-23-Code-execution-in-docker/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx index d8464a669997..71ddc279a8f9 100644 --- a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx +++ b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx 
@@ -24,7 +24,7 @@ We understand that not everyone is concerned about this especially when playing Default behaviour, any code generated by assistant agent and executed by user_proxy agent, will attempt to use a docker container to execute the code. If docker is not running, it will throw an error. User can decide to activate docker or opt in for local code execution. -```json +```python from autogen import AssistantAgent, UserProxyAgent, config_list_from_json assistant = AssistantAgent("assistant", llm_config={"config_list": config_list}) user_proxy = UserProxyAgent("user_proxy", code_execution_config={"work_dir": "coding"}) From 0ba48ec24c542a1c2453159dc963705815dda95e Mon Sep 17 00:00:00 2001 From: olgavrou Date: Tue, 23 Jan 2024 14:45:25 -0500 Subject: [PATCH 04/12] Update website/blog/2024-01-23-Code-execution-in-docker/index.mdx Co-authored-by: Jack Gerrits --- website/blog/2024-01-23-Code-execution-in-docker/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx index 71ddc279a8f9..bf56f232f917 100644 --- a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx +++ b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx 
@@ -14,7 +14,7 @@ The new release introduces a breaking change where `use_docker` argument is set ## Introduction -AutoGen has code-executing agents, usually defined as a `UserProxyAgent`, where code execution is by default ON. Until now, unless explicitly specified by the user, any code generated by other agents would be executed by code-execution agents locally, i.e. wherever autogen was being executed. If autogen happened to be run in a docker container then the risks of running code were minimized. However, if AutoGen runs outside of Docker, it's easy particularly for new users to overlook code-execution risks. +AutoGen has code-executing agents, usually defined as a `UserProxyAgent`, where code execution is by default ON. Until now, unless explicitly specified by the user, any code generated by other agents would be executed by code-execution agents locally, i.e. wherever AutoGen was being executed. If AutoGen happened to be run in a docker container then the risks of running code were minimized. However, if AutoGen runs outside of Docker, it's easy particularly for new users to overlook code-execution risks. AutoGen has now changed to by default execute any code inside a docker container (unless execution is already happening inside a docker container). It will launch a Docker image (either user-provided or default), execute the new code, and then terminate the image, preparing for the next code execution cycle. From ff58d67b87679db7431afce52f2d2176243c0dea Mon Sep 17 00:00:00 2001 From: olgavrou Date: Fri, 19 Jan 2024 04:08:52 -0500 Subject: [PATCH 05/12] pr comments --- website/blog/2024-01-23-Code-execution-in-docker/index.mdx | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx index bf56f232f917..aa597819734b 100644 --- a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx 
+++ b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx @@ -22,7 +22,7 @@ We understand that not everyone is concerned about this especially when playing ## Example -Default behaviour, any code generated by assistant agent and executed by user_proxy agent, will attempt to use a docker container to execute the code. If docker is not running, it will throw an error. User can decide to activate docker or opt in for local code execution. +The example shows the default behaviour which is that any code generated by assistant agent and executed by user_proxy agent, will attempt to use a docker container to execute the code. If docker is not running, it will throw an error. User can decide to activate docker or opt in for local code execution. ```python from autogen import AssistantAgent, UserProxyAgent, config_list_from_json @@ -33,9 +33,8 @@ user_proxy.initiate_chat(assistant, message="Plot a chart of NVDA and TESLA stoc ## Related documentation -[code execution with docker](https://microsoft.github.io/autogen/docs/Installation#code-execution-with-docker-default) - -[how to disable code execution in docker](https://microsoft.github.io/autogen/docs/FAQ#agents-are-throwing-due-to-docker-not-running-how-can-i-resolve-this) +- [Code execution with docker](https://microsoft.github.io/autogen/docs/Installation#code-execution-with-docker-default) +- [How to disable code execution in docker](https://microsoft.github.io/autogen/docs/FAQ#agents-are-throwing-due-to-docker-not-running-how-can-i-resolve-this) ## Conclusion From a5d8fb3f52aec0246602486416e77b4f83a6066a Mon Sep 17 00:00:00 2001 From: olgavrou Date: Tue, 23 Jan 2024 15:01:39 -0500 Subject: [PATCH 06/12] Update website/blog/2024-01-23-Code-execution-in-docker/index.mdx Co-authored-by: Eric Zhu --- website/blog/2024-01-23-Code-execution-in-docker/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx index aa597819734b..c2b3f45266e8 100644 --- a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx +++ b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx @@ -1,5 +1,5 @@ --- -title: "Code execution inside docker container" +title: "Code execution is now by default inside docker container" authors: - olgavrou tags: [AutoGen] From 276e56ca8177e376f74302ce8de62ed73091d456 Mon Sep 17 00:00:00 2001 From: olgavrou Date: Fri, 19 Jan 2024 04:22:33 -0500 Subject: [PATCH 07/12] rephrase vulnterability --- website/blog/2024-01-23-Code-execution-in-docker/index.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx index c2b3f45266e8..86e8955e175a 100644 --- a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx +++ b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx @@ -8,7 +8,7 @@ tags: [AutoGen] ## TLDR -AutoGen 0.2.8 addresses security vulnerabilities, focusing on informing users about its operations and empowering them to make informed decisions regarding code execution. +AutoGen 0.2.8 enhances operational safety by making 'code execution inside a Docker container' the default setting, focusing on informing users about its operations and empowering them to make informed decisions regarding code execution. The new release introduces a breaking change where `use_docker` argument is set to `True` by default in code executing agents. This change underscores our commitment to prioritizing security in AutoGen. From 0c4c8526c71ac437aa9b56e3b3f8eb365e5e7378 Mon Sep 17 00:00:00 2001 
From: olgavrou Date: Fri, 19 Jan 2024 05:19:38 -0500 Subject: [PATCH 08/12] address pr comments --- website/blog/2024-01-23-Code-execution-in-docker/index.mdx | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx index 86e8955e175a..642b44d9e31a 100644 --- a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx +++ b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx @@ -10,7 +10,7 @@ tags: [AutoGen] AutoGen 0.2.8 enhances operational safety by making 'code execution inside a Docker container' the default setting, focusing on informing users about its operations and empowering them to make informed decisions regarding code execution. -The new release introduces a breaking change where `use_docker` argument is set to `True` by default in code executing agents. This change underscores our commitment to prioritizing security in AutoGen. +The new release introduces a breaking change where the `use_docker` argument is set to `True` by default in code executing agents. This change underscores our commitment to prioritizing security and safety in AutoGen. ## Introduction 
@@ -31,11 +31,11 @@ user_proxy = UserProxyAgent("user_proxy", code_execution_config={"work_dir": "co user_proxy.initiate_chat(assistant, message="Plot a chart of NVDA and TESLA stock price change YTD.") ``` -## Related documentation +## Related documentation and how to opt-out of the default behaviour - [Code execution with docker](https://microsoft.github.io/autogen/docs/Installation#code-execution-with-docker-default) - [How to disable code execution in docker](https://microsoft.github.io/autogen/docs/FAQ#agents-are-throwing-due-to-docker-not-running-how-can-i-resolve-this) ## Conclusion -AutoGen 0.2.8 addresses security vulnerabilities and is making a conscious effort to make sure that the user is properly informed of what autogen is doing and make decisions around code-execution. +AutoGen 0.2.8 now improves the code execution safety and is ensuring that the user is properly informed of what autogen is doing and can make decisions around code-execution. From c53b6d67436f0aea5abba80ff76b0f30350f7605 Mon Sep 17 00:00:00 2001 From: olgavrou Date: Wed, 24 Jan 2024 09:59:03 -0500 Subject: [PATCH 09/12] add doc for turning off code execution entirely --- .../index.mdx | 24 ++++++++++++++- website/docs/FAQ.md | 29 +++++++++++++++++-- 2 files changed, 49 insertions(+), 4 deletions(-) diff --git a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx index 642b44d9e31a..b0749a8bc2bf 100644 --- a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx +++ b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx 
@@ -31,7 +31,29 @@ user_proxy = UserProxyAgent("user_proxy", code_execution_config={"work_dir": "co user_proxy.initiate_chat(assistant, message="Plot a chart of NVDA and TESLA stock price change YTD.") ``` -## Related documentation and how to opt-out of the default behaviour +To opt out of from this default behaviour there are some options. + +### Diasable code execution entirely + +- Set `code_execution_config` to `False` for each code-execution agent. E.g.: + +```python +user_proxy = autogen.UserProxyAgent(name="user_proxy", code_execution_config=False) +``` + +### Run code execution locally + +- `use_docker` can be set to `False` in `code_execution_config` for each code-execution agent. +- To set it for all code-execution agents at once: set `AUTOGEN_USE_DOCKER` to `False` as an environment variable. + +E.g.: + +```python +user_proxy = autogen.UserProxyAgent(name="user_proxy", + code_execution_config={"work_dir":"coding", "use_docker":False}) +``` + +## Related documentation - [Code execution with docker](https://microsoft.github.io/autogen/docs/Installation#code-execution-with-docker-default) - [How to disable code execution in docker](https://microsoft.github.io/autogen/docs/FAQ#agents-are-throwing-due-to-docker-not-running-how-can-i-resolve-this) diff --git a/website/docs/FAQ.md b/website/docs/FAQ.md index 442399f02929..00e6cbe04757 100644 --- a/website/docs/FAQ.md +++ b/website/docs/FAQ.md 
@@ -222,8 +222,31 @@ You can also disable the cache. See [here](./Use-Cases/agent_chat.md#llm-caching ## Agents are throwing due to docker not running, how can I resolve this? -If running AutoGen locally the default for agents who execute code is for them to try and perform code execution within a docker container. If docker is not running, this will cause the agent to throw an error. To resolve this you have the below options: +If running AutoGen locally the default for agents who execute code is for them to try and perform code execution within a docker container. If docker is not running, this will cause the agent to throw an error. To resolve this you have some options. + +### If you want to diasable code execution entirely + +- Set `code_execution_config` to `False` for each code-execution agent. E.g.: + +```python +user_proxy = autogen.UserProxyAgent( + name="agent", + code_execution_config=False) +``` + +### If you want to run code execution in docker - **Recommended**: Make sure docker is up and running. -- If you want to run the code locally then `use_docker` can be set to `False` in `code_execution_config` for each code-execution agent. -- If you want to run the code locally for all code-execution agents: set `AUTOGEN_USE_DOCKER` to `False` as an environment variable. + +### If you want to run code execution locally + +- `use_docker` can be set to `False` in `code_execution_config` for each code-execution agent. +- To set it for all code-execution agents at once: set `AUTOGEN_USE_DOCKER` to `False` as an environment variable. + +E.g.: + +```python +user_proxy = autogen.UserProxyAgent( + name="agent", + code_execution_config={"work_dir":"coding", "use_docker":False}) +``` From cef91d7629dccc4e8317ca5f6da638665eb75ed7 Mon Sep 17 00:00:00 2001 
From: olgavrou Date: Wed, 24 Jan 2024 10:04:48 -0500 Subject: [PATCH 10/12] add more in docs about disabling code execution entirely --- .../blog/2024-01-23-Code-execution-in-docker/index.mdx | 4 ++-- website/docs/FAQ.md | 3 ++- website/docs/Installation.md | 10 ++++++++++ 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx index b0749a8bc2bf..a08e42c6c7c8 100644 --- a/website/blog/2024-01-23-Code-execution-in-docker/index.mdx +++ b/website/blog/2024-01-23-Code-execution-in-docker/index.mdx @@ -38,7 +38,7 @@ To opt out of from this default behaviour there are some options. - Set `code_execution_config` to `False` for each code-execution agent. E.g.: ```python -user_proxy = autogen.UserProxyAgent(name="user_proxy", code_execution_config=False) +user_proxy = autogen.UserProxyAgent(name="user_proxy", llm_config=llm_config, code_execution_config=False) ``` ### Run code execution locally @@ -49,7 +49,7 @@ user_proxy = autogen.UserProxyAgent(name="user_proxy", code_execution_config=Fal E.g.: ```python -user_proxy = autogen.UserProxyAgent(name="user_proxy", +user_proxy = autogen.UserProxyAgent(name="user_proxy", llm_config=llm_config, code_execution_config={"work_dir":"coding", "use_docker":False}) ``` diff --git a/website/docs/FAQ.md b/website/docs/FAQ.md index 00e6cbe04757..7687c1eda1cf 100644 --- a/website/docs/FAQ.md +++ b/website/docs/FAQ.md @@ -231,6 +231,7 @@ If running AutoGen locally the default for agents who execute code is for them t ```python user_proxy = autogen.UserProxyAgent( name="agent", + llm_config=llm_config, code_execution_config=False) ``` @@ -247,6 +248,6 @@ E.g.: ```python user_proxy = autogen.UserProxyAgent( - name="agent", + name="agent", llm_config=llm_config, code_execution_config={"work_dir":"coding", "use_docker":False}) ``` 
diff --git a/website/docs/Installation.md b/website/docs/Installation.md index 6f515bb2dade..74b0c3cfcad0 100644 --- a/website/docs/Installation.md +++ b/website/docs/Installation.md @@ -185,6 +185,16 @@ Otherwise, reply CONTINUE, or the reason why the task is not solved yet.""" ) ``` +**Turn off code execution entirely**: if you want to turn off code execution entirely, set `code_execution_config` to `False`. E.g.: + +```python +user_proxy = autogen.UserProxyAgent( + name="agent", + llm_config=llm_config + code_execution_config=False +) +``` + ### Migration guide to v0.2 openai v1 is a total rewrite of the library with many breaking changes. For example, the inference requires instantiating a client, instead of using a global class method. From f6cabc9668b011bfd5761e94d711018694772ffc Mon Sep 17 00:00:00 2001 From: olgavrou Date: Wed, 24 Jan 2024 12:34:01 -0500 Subject: [PATCH 11/12] Update website/docs/FAQ.md Co-authored-by: Chi Wang --- website/docs/FAQ.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/FAQ.md b/website/docs/FAQ.md index 7687c1eda1cf..ea59c9041387 100644 --- a/website/docs/FAQ.md +++ b/website/docs/FAQ.md @@ -224,7 +224,7 @@ You can also disable the cache. See [here](./Use-Cases/agent_chat.md#llm-caching If running AutoGen locally the default for agents who execute code is for them to try and perform code execution within a docker container. If docker is not running, this will cause the agent to throw an error. To resolve this you have some options. -### If you want to diasable code execution entirely +### If you want to disable code execution entirely - Set `code_execution_config` to `False` for each code-execution agent. E.g.: From 1992581b03eec0f7e18c0395e8735fe7bd770993 Mon Sep 17 00:00:00 2001 
From: olgavrou Date: Wed, 24 Jan 2024 12:34:12 -0500 Subject: [PATCH 12/12] Update website/docs/Installation.md Co-authored-by: Chi Wang --- website/docs/Installation.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/docs/Installation.md b/website/docs/Installation.md index 74b0c3cfcad0..0b5d374bafb9 100644 --- a/website/docs/Installation.md +++ b/website/docs/Installation.md @@ -190,8 +190,8 @@ Otherwise, reply CONTINUE, or the reason why the task is not solved yet.""" ```python user_proxy = autogen.UserProxyAgent( name="agent", - llm_config=llm_config - code_execution_config=False + llm_config=llm_config, + code_execution_config=False, ) ```
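Review bot: In the blog `## Example` snippet introduced in patch 01 (and kept after patch 03 changes the fence from ```json to ```python), `config_list` is used in `llm_config={"config_list": config_list}` but never assigned, and the imported `config_list_from_json` is never called, so the snippet raises a NameError when copied as-is. Suggest assigning `config_list` via the imported `config_list_from_json` before `assistant = AssistantAgent(...)`, or dropping the unused import.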
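Review bot: Terminology in the `## Introduction` paragraph of patch 01: "It will launch a Docker image (either user-provided or default), execute the new code, and then terminate the image" conflates image and container; what is started and stopped is a container created from the image, so suggest "start a container from the image ... and then remove the container". The parenthetical "(unless execution is already happening inside a docker container)" would also benefit from one sentence on how that is determined, since the stated behaviour in that case is to run the code locally.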
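Review bot: Typo "Diasable" in the new `### Diasable code execution entirely` heading of the blog hunk in patch 09; patch 11 fixes the same typo in FAQ.md but leaves the blog heading misspelled, and "To opt out of from this default behaviour" should read "To opt out of this default behaviour". Because this section documents the opt-out path, suggest one sentence restating the risk the Introduction already describes: with `use_docker` set to `False` (or `AUTOGEN_USE_DOCKER` set to `False`, which the hunk says applies to all code-execution agents at once) the generated code runs on the host where AutoGen itself is running.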
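Review bot: The Installation.md hunk in patch 10 is missing the comma after `llm_config=llm_config`, so the added snippet is a syntax error; patch 12 repairs it, so the two commits should be squashed so no intermediate revision ships broken docs. In all three snippets touched by patch 10 (blog, FAQ.md, Installation.md) `llm_config` is referenced but never defined, so the snippets are not copy-paste runnable; either define it or say it is assumed. In the second FAQ.md hunk of patch 10, `name="agent", llm_config=llm_config,` puts two keywords on one line while the first FAQ.md snippet keeps one argument per line; suggest matching that layout.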
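Review bot: Style in the authors.yml hunk of patch 01: the new `url: https://github.com/olgavrou/` carries a trailing slash while the adjacent `skzhang1` entry's `url: https://github.com/skzhang1` does not; drop the slash for consistency with the existing entries.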