FEATURE: use a safer eval code, with limited arithmetic capabilities. #133
☂️ Python Coverage
Overall Coverage
New Files
Modified Files: No covered modified files...
71c909a to 4f23347
Test Results 2 files 2 suites 1m 33s ⏱️ Results for commit 284b22f. ♻️ This comment has been updated with latest results.
PR Overview
This PR introduces a safe_eval implementation for arithmetic expressions with limited mathematical functions and operators while adding comprehensive tests to ensure its correctness and security.
- Introduces a secure evaluator module (safe_eval.py) that parses and evaluates arithmetic expressions
- Provides extensive test cases (tests/test_safe_eval.py) to cover basic arithmetic, math functions, operator precedence, nested expressions, error handling, and security against code injection
Reviewed Changes
File | Description |
---|---|
tests/test_safe_eval.py | Comprehensive tests covering arithmetic, math functions, and errors |
ardupilot_methodic_configurator/safe_eval.py | Implementation of a secure evaluator using Python's ast module |
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
Comments suppressed due to low confidence (1)
ardupilot_methodic_configurator/safe_eval.py:25
- [nitpick] Consider renaming the inner variable in the list comprehension (e.g., 'func') to avoid shadowing the parameter 'x'.
if x not in [x for x in dir(math) if "__" not in x]:
ast.Call: checkmath, | ||
ast.BinOp: ast.BinOp, |
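Review bot: `ast.Call: checkmath` and `ast.BinOp: ast.BinOp` are keyed by expression node classes rather than operator classes, and the second maps a node class to itself, so a lookup on it returns an AST constructor instead of a function that computes a value. If the evaluator dispatches on node type through this dict, split it into two tables (one for operators, one for node handlers) so the operator table holds only arithmetic callables; if nothing looks these keys up, drop them.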
The 'bin_ops' dictionary includes extraneous keys (ast.Call and ast.BinOp) that are not used for arithmetic operations and may lead to confusion; consider removing them.
ast.Call: checkmath, | |
ast.BinOp: ast.BinOp, | |
# ast.Call and ast.BinOp removed as they are not used for arithmetic operations |
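An added example, not code from this PR or from the ardupilot_methodic_configurator project: an `ast`-based arithmetic evaluator of the kind the overview describes, with the operator, function and constant allow-lists kept in separate tables. The name `safe_arith_eval`, the table contents and the length and exponent limits are assumptions made for this example.

```python
import ast
import math
import operator

# Assumed allow-lists for this example: operator node type -> function.
BIN_OPS = {
    ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
    ast.Div: operator.truediv, ast.Mod: operator.mod, ast.Pow: operator.pow,
}
UNARY_OPS = {ast.UAdd: operator.pos, ast.USub: operator.neg}
# Functions and constants are named explicitly and kept out of the operator tables.
MATH_FUNCS = {n: getattr(math, n) for n in ("sqrt", "sin", "cos", "log", "floor")}
MATH_CONSTS = {"pi": math.pi, "e": math.e}


def safe_arith_eval(expr, max_len=200, max_exponent=100):
    """Evaluate arithmetic only; raise ValueError for anything not allow-listed."""
    if len(expr) > max_len:
        raise ValueError("expression too long")
    try:
        tree = ast.parse(expr, mode="eval")
    except SyntaxError as exc:
        raise ValueError("not a valid expression") from exc

    def walk(node):
        # Numeric literals only: bool, str, bytes and complex are rejected.
        if isinstance(node, ast.Constant) and type(node.value) in (int, float):
            return node.value
        if isinstance(node, ast.BinOp) and type(node.op) in BIN_OPS:
            left, right = walk(node.left), walk(node.right)
            # Bound exponents so a short input cannot request a huge integer.
            if isinstance(node.op, ast.Pow) and abs(right) > max_exponent:
                raise ValueError("exponent too large")
            return BIN_OPS[type(node.op)](left, right)
        if isinstance(node, ast.UnaryOp) and type(node.op) in UNARY_OPS:
            return UNARY_OPS[type(node.op)](walk(node.operand))
        if isinstance(node, ast.Name) and node.id in MATH_CONSTS:
            return MATH_CONSTS[node.id]
        # Calls must target a bare allow-listed name; attribute access is never followed.
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
                and node.func.id in MATH_FUNCS and not node.keywords):
            return MATH_FUNCS[node.func.id](*[walk(arg) for arg in node.args])
        raise ValueError(f"disallowed element: {type(node).__name__}")

    return walk(tree.body)
```

Every node type that is not matched falls through to the final `raise`, so newly introduced syntax is rejected by default rather than evaluated.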
No description provided.