Skip to content

upgrade zero inflated lognormal loss, support export structure path #544

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
yangxudong wants to merge 60 commits into
base: master
Choose a base branch
from
Open

upgrade zero inflated lognormal loss, support export structure path #544

yangxudong wants to merge 60 commits into from

Conversation

@yangxudong
Copy link
Collaborator

@yangxudong yangxudong commented Nov 7, 2025

No description provided.

yangxudong and others added 30 commits December 20, 2024 14:52
@yangxudong
fix bug of autoint model demo config
4686391
@yangxudong
Merge branch 'master' into daily_bug_fix
4011d71
@yangxudong
fix bug of wrong demo model configs
a23298b
@yangxudong
Merge branch 'master' into daily_bug_fix
9e131bc
@yangxudong
fix bug of undefined flags of easyrec tools run with DeepRec
7f5ddad
@yangxudong
fix bug
74b1edc
@yangxudong
fix bug
8ffbc29
@yangxudong
fix bug
3f97db9
@yangxudong
fix bug
c7d7a0d
@yangxudong
fix bug
eed8283
@yanzhen1233 @yangxudong
Build docker (#515)
d7a1860 
* Updated Docker image
@yangxudong
merge from master
179cfa3
@yangxudong
fix bug of autoint model demo config
1f81f2b
@yangxudong
fix bug of wrong demo model configs
c00d33e
@yangxudong
Merge branch 'master' into daily_bug_fix
bf983d4
@yangxudong
merge from master
8317df7
@yangxudong
merge from master
9cd8ca1
@yangxudong
merge from master
cd9fdcc
@yangxudong
merge from master
8935776
@yangxudong
Merge branch 'master' into daily_bug_fix
e6dadc3
@yangxudong
fix bug of SeqAugment layer
fdffb37
@yangxudong
add compacity for windows users
a62c34b
@yangxudong
Merge branch 'master' into daily_bug_fix
2e80cf0
@yangxudong
prevant to include wrong tensorflow_probability version
0385791
@yangxudong
Merge branch 'master' into daily_bug_fix
fa41d55
@yangxudong
add some examples for backbone components
8f13ba4
@yangxudong
Merge branch 'master' into daily_bug_fix
cc7ee5d
@yangxudong
fix bug of gfile compatibility
55d6a87
@yangxudong
fix bug of gfile compatibility
a3efa85
@yangxudong
fix bug of gfile compatibility
20a391b
@yangxudong yangxudong changed the title Daily bug fix upgrade zero inflated lognormal loss, support export structure path Nov 7, 2025
@yangxudong
upgrade zero inflated lognormal loss, support export structure path
47c681d
@yangxudong
upgrade zero inflated lognormal loss, support export structure path, …
39a3fc2 
…upgrade pre-commit hooks
@yangxudong
upgrade zero inflated lognormal loss, support export structure path, …
a6fefaa 
…upgrade pre-commit hooks
@yangxudong
upgrade zero inflated lognormal loss, support export structure path, …
e5521f6 
…upgrade pre-commit hooks
@yangxudong
upgrade zero inflated lognormal loss, support export structure path, …
f8fde64 
…upgrade pre-commit hooks
@yangxudong
upgrade zero inflated lognormal loss, support export structure path, …
76b9f10 
…upgrade pre-commit hooks
@yangxudong
upgrade zero inflated lognormal loss, support export structure path, …
96a93ae 
…upgrade pre-commit hooks
@yangxudong
upgrade zero inflated lognormal loss, support export structure path, …
4697f88 
…upgrade pre-commit hooks
@yangxudong
upgrade zero inflated lognormal loss, support export structure path, …
19ffbdc 
…upgrade pre-commit hooks
github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 11, 2025
View reviewed changes
easy_rec/python/utils/test_utils.py Outdated
@@ -100,8 +98,7 @@
cmd_str = cmd_str.replace('\r', ' ').replace('\n', ' ')
logging.info('RUNCMD: %s > %s 2>&1 ' % (cmd_str, log_file))
with open(log_file, 'w') as lfile:
proc = subprocess.Popen(
cmd_str, stdout=lfile, stderr=subprocess.STDOUT, shell=True, env=env)
proc = subprocess.Popen(cmd_str, stdout=lfile, stderr=subprocess.STDOUT, shell=True, env=env)

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information High test

This expression logs
sensitive data (password)
Loading
as clear text.

Copilot Autofix

AI 2 months ago

The issue should be fixed by ensuring that sensitive data, such as passwords present in environment variables (e.g., redis_passwd), is not included in log output.
To fix this, the run_cmd function in easy_rec/python/utils/test_utils.py (lines 100-111) should be modified so that command strings are either (1) not logged at all or (2) masked/redacted to replace any obvious sensitive values (e.g., --redis_passwd xxx) with a constant marker (e.g., --redis_passwd ******) before logging. A generic safe approach is to redact the value of --redis_passwd (and potentially other future flags like --password). This can be implemented via regex replacement before issuing the log statement.

Only easy_rec/python/utils/test_utils.py needs modification: add masking logic before the log statement in run_cmd.

Suggested changeset 1
easy_rec/python/utils/test_utils.py

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/easy_rec/python/utils/test_utils.py b/easy_rec/python/utils/test_utils.py
--- a/easy_rec/python/utils/test_utils.py
+++ b/easy_rec/python/utils/test_utils.py
@@ -100,7 +100,14 @@
 def run_cmd(cmd_str, log_file, env=None):
   """Run a shell cmd."""
   cmd_str = cmd_str.replace('\r', ' ').replace('\n', ' ')
-  logging.info('RUNCMD: %s > %s 2>&1 ' % (cmd_str, log_file))
+  # redact any instance of --redis_passwd <value> in logs
+  import re
+  def redact_password(cmd):
+    # redact patterns like --redis_passwd something (allow quoted/space values)
+    pattern = r'(--redis_passwd\s+)([^\s"\']+|"[^"]*"|\'[^\']*\')'
+    return re.sub(pattern, r'\1******', cmd)
+  safe_cmd_str = redact_password(cmd_str)
+  logging.info('RUNCMD: %s > %s 2>&1 ' % (safe_cmd_str, log_file))
   with open(log_file, 'w') as lfile:
     proc = subprocess.Popen(
         cmd_str, stdout=lfile, stderr=subprocess.STDOUT, shell=True, env=env)
EOF
@@ -100,7 +100,14 @@
def run_cmd(cmd_str, log_file, env=None):
"""Run a shell cmd."""
cmd_str = cmd_str.replace('\r', ' ').replace('\n', ' ')
logging.info('RUNCMD: %s > %s 2>&1 ' % (cmd_str, log_file))
# redact any instance of --redis_passwd <value> in logs
import re
def redact_password(cmd):
# redact patterns like --redis_passwd something (allow quoted/space values)
pattern = r'(--redis_passwd\s+)([^\s"\']+|"[^"]*"|\'[^\']*\')'
return re.sub(pattern, r'\1******', cmd)
safe_cmd_str = redact_password(cmd_str)
logging.info('RUNCMD: %s > %s 2>&1 ' % (safe_cmd_str, log_file))
with open(log_file, 'w') as lfile:
proc = subprocess.Popen(
cmd_str, stdout=lfile, stderr=subprocess.STDOUT, shell=True, env=env)
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@yangxudong @yanzhen1233