Merge branch 'dependabot-updates-march-28' into dependabot/pip/pip-e49d2f513e

Author: CalebCourier

.github/workflows/autoclose_stale_issues_and_prs.yml

@@ -19,9 +19,9 @@ jobs:
           stale-pr-message: 'This PR is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 14 days.'
           close-issue-message: 'This issue was closed because it has been stalled for 14 days with no activity.'
           close-pr-message: 'This PR was closed because it has been stalled for 14 days with no activity.'
-          days-before-issue-stale: 30
-          days-before-pr-stale: 30
-          days-before-issue-close: 14
-          days-before-pr-close: 14
+          days-before-issue-stale: 60
+          days-before-pr-stale: 60
+          days-before-issue-close: 30
+          days-before-pr-close: 30
           repo-token: ${{ secrets.GITHUB_TOKEN }}
-          operations-per-run: 300
+          operations-per-run: 300

README.md

@@ -19,6 +19,9 @@
 
 </div>
 
+## News and Updates
+- **[Feb 12, 2025]** We just launched Guardrails Index -- the first of its kind benchmark comparing the performance and latency of 24 guardrails across 6 most common categories! Check out the index at index.guardrailsai.com
+
 ## What is Guardrails?
 
 Guardrails is a Python framework that helps build reliable AI applications by performing two key functions:

docs/faq.md

@@ -129,3 +129,25 @@ If your login issues persist, please check the contents of the ~/.guardrailsrc f
 If you're still encountering issues, please [open an issue](https://github.com/guardrails-ai/guardrails/issues/new) and we'll help you out!
 
 We're also available on [Discord](https://discord.gg/U9RKkZSBgx) if you want to chat with us directly.
+
+## I'm getting an error related to distutils when installing validators.
+This can happen on cuda enabled devices in python versions 3.11 and below when a validator indirectly depends on a package that imports distutils.
+
+If you see an error similar to the one below:
+```sh
+Installing hub://guardrails/nsfw_text...
+[   =] Running post-install setup
+Device set to use cpu
+/home/ubuntu/support/.venv/lib/python3.11/site-packages/_distutils_hack/__init__.py:18: UserWarning: Distutils was imported before Setuptools, but importing Setuptools also replaces the `distutils` module in `sys.modules`. This may lead to undesirable behaviors or errors. To avoid these issues, avoid using distutils directly, ensure that setuptools is installed in the traditional way (e.g. not an editable install), and/or make sure that setuptools is always imported before distutils.
+  warnings.warn(
+/home/ubuntu/support/.venv/lib/python3.11/site-packages/_distutils_hack/__init__.py:33: UserWarning: Setuptools is replacing distutils.
+  warnings.warn("Setuptools is replacing distutils.")
+ERROR:guardrails-cli:Failed to import transformers.pipelines because of the following error (look up to see its traceback):
+/home/ubuntu/.pyenv/versions/3.11.11/lib/python3.11/distutils/core.py
+```
+
+set the following as an environment variable to tell python to use the builtin version of distutils that exists in 3.11 and below:
+
+```sh
+export SETUPTOOLS_USE_DISTUTILS="stdlib"
+```

guardrails/telemetry/common.py

@@ -1,5 +1,5 @@
 import json
-from typing import Any, Callable, Dict, Optional, Union
+from typing import Any, Callable, Dict, Optional, Union, List
 from opentelemetry.baggage import get_baggage
 from opentelemetry import context
 from opentelemetry.context import Context
@@ -124,3 +124,105 @@ def add_user_attributes(span: Span):
     except Exception as e:
         logger.warning("Error loading baggage user information", e)
         pass
+
+
+def redact(value: str) -> str:
+    """Redacts all but the last four characters of the given string.
+
+    Args:
+        value (str): The string to be redacted.
+
+    Returns:
+        str: The redacted string with all but the last four characters
+              replaced by asterisks.
+    """
+    redaction_length = len(value) - 4
+    stars = "*" * redaction_length
+    return f"{stars}{value[-4:]}"
+
+
+def ismatchingkey(
+    target_key: str,
+    keys_to_match: tuple[str, ...] = ("key", "token", "password"),
+) -> bool:
+    """Check if the target key contains any of the specified keys to match.
+
+    Args:
+        target_key (str): The key to be checked.
+        keys_to_match (tuple[str, ...], optional): A tuple of keys to match
+                against the target key. Defaults to ("key", "token").
+
+    Returns:
+        bool: True if any of the keys to match are found in the target key,
+              False otherwise.
+    """
+    for k in keys_to_match:
+        if k in target_key:
+            return True
+    return False
+
+
+def can_convert_to_dict(s: str) -> bool:
+    """Check if a string can be converted to a dictionary.
+
+    This function attempts to load the input string as JSON. If successful,
+    it returns True, indicating that the string can be converted to a dictionary.
+    Otherwise, it catches ValueError and TypeError exceptions and returns False.
+
+    Args:
+        s (str): The input string to be checked.
+
+    Returns:
+        bool: True if the string can be converted to a dictionary, False otherwise.
+    """
+    try:
+        json.loads(s)
+        return True
+    except (ValueError, TypeError):
+        return False
+
+
+def recursive_key_operation(
+    data: Optional[Union[Dict[str, Any], List[Any], str]],
+    operation: Callable[[str], str],
+    keys_to_match: List[str] = ["key", "token", "password"],
+) -> Optional[Union[Dict[str, Any], List[Any], str]]:
+    """Recursively traverses a dictionary, list, or JSON string and applies a
+    specified operation to the values of keys that match any in the
+    `keys_to_match` list. This function is useful for masking sensitive data
+    (e.g., keys, tokens, passwords) in nested structures.
+
+    Args:
+        data (Optional[Union[Dict[str, Any], List[Any], str]]): The input data
+            to traverse. This can bea dictionary, list, or JSON string. If a
+            JSON string is provided, it will be parsed into a dictionary before
+            processing.
+
+        operation (Callable[[str], str]): A function that takes a string value
+            and returns a modified string. This operation is applied to the values
+            of keys that match any in `keys_to_match`.
+        keys_to_match (List[str]): A list of keys to search for in the data. If
+            a key matche any in this list, the corresponding value will be processed
+            by the `operation`. Defaults to ["key", "token", "password"].
+
+    Returns:
+        Optional[Union[Dict[str, Any], List[Any], str]]: The modified data structure
+        with the operation applied to the values of matched keys. The return type
+        matches the input type (dict, list, or str).
+    """
+    if isinstance(data, str) and can_convert_to_dict(data):
+        data_dict = json.loads(data)
+        data = str(recursive_key_operation(data_dict, operation, keys_to_match))
+    elif isinstance(data, dict):
+        for key, value in data.items():
+            if ismatchingkey(key, tuple(keys_to_match)) and isinstance(value, str):
+                # Apply the operation to the value of the matched key
+                data[key] = operation(value)
+            else:
+                # Recursively process nested dictionaries or lists
+                data[key] = recursive_key_operation(value, operation, keys_to_match)
+    elif isinstance(data, list):
+        for i in range(len(data)):
+            data[i] = recursive_key_operation(data[i], operation, keys_to_match)
+
+    return data

guardrails/telemetry/guard_tracing.py

@@ -10,6 +10,10 @@
     Union,
 )
 
+try:
+    from openinference.semconv.trace import SpanAttributes  # type: ignore
+except ImportError:
+    SpanAttributes = None
 from opentelemetry import context, trace
 from opentelemetry.trace import StatusCode, Tracer, Span, Link, get_tracer
 
@@ -153,6 +157,10 @@ def trace_stream_guard(
                     guard_span = new_span
                     add_guard_attributes(guard_span, history, res)
                     add_user_attributes(guard_span)
+                    if SpanAttributes is not None:
+                        new_span.set_attribute(
+                            SpanAttributes.OPENINFERENCE_SPAN_KIND, "GUARDRAIL"
+                        )
                     yield res
         except StopIteration:
             next_exists = False
@@ -179,7 +187,10 @@ def trace_guard_execution(
             guard_span.set_attribute("guardrails.version", GUARDRAILS_VERSION)
             guard_span.set_attribute("type", "guardrails/guard")
             guard_span.set_attribute("guard.name", guard_name)
-
+            if SpanAttributes is not None:
+                guard_span.set_attribute(
+                    SpanAttributes.OPENINFERENCE_SPAN_KIND, "GUARDRAIL"
+                )
             try:
                 result = _execute_fn(*args, **kwargs)
                 if isinstance(result, Iterator) and not isinstance(
@@ -218,6 +229,10 @@ async def trace_async_stream_guard(
 
                     add_guard_attributes(guard_span, history, res)
                     add_user_attributes(guard_span)
+                    if SpanAttributes is not None:
+                        guard_span.set_attribute(
+                            SpanAttributes.OPENINFERENCE_SPAN_KIND, "GUARDRAIL"
+                        )
                     yield res
         except StopIteration:
             next_exists = False
@@ -259,7 +274,10 @@ async def trace_async_guard_execution(
             guard_span.set_attribute("guardrails.version", GUARDRAILS_VERSION)
             guard_span.set_attribute("type", "guardrails/guard")
             guard_span.set_attribute("guard.name", guard_name)
-
+            if SpanAttributes is not None:
+                guard_span.set_attribute(
+                    SpanAttributes.OPENINFERENCE_SPAN_KIND, "GUARDRAIL"
+                )
             try:
                 result = await _execute_fn(*args, **kwargs)
                 if isinstance(result, AsyncIterator):

guardrails/telemetry/open_inference.py

@@ -1,6 +1,18 @@
+import json
 from typing import Any, Dict, List, Optional
 
-from guardrails.telemetry.common import get_span, to_dict, serialize
+from guardrails.telemetry.common import (
+    get_span,
+    to_dict,
+    serialize,
+    recursive_key_operation,
+    redact,
+)
+
+try:
+    from openinference.semconv.trace import SpanAttributes  # type: ignore
+except ImportError:
+    SpanAttributes = None
 
 
 def trace_operation(
@@ -75,7 +87,8 @@ def trace_llm_call(
 
     if current_span is None:
         return
-
+    if SpanAttributes is not None:
+        current_span.set_attribute(SpanAttributes.OPENINFERENCE_SPAN_KIND, "GUARDRAIL")
     ser_function_call = serialize(function_call)
     if ser_function_call:
         current_span.set_attribute("llm.function_call", ser_function_call)
@@ -92,9 +105,18 @@ def trace_llm_call(
                     )
 
     ser_invocation_parameters = serialize(invocation_parameters)
-    if ser_invocation_parameters:
+    redacted_ser_invocation_parameters = recursive_key_operation(
+        ser_invocation_parameters, redact
+    )
+    reser_invocation_parameters = (
+        json.dumps(redacted_ser_invocation_parameters)
+        if isinstance(redacted_ser_invocation_parameters, dict)
+        or isinstance(redacted_ser_invocation_parameters, list)
+        else redacted_ser_invocation_parameters
+    )
+    if reser_invocation_parameters:
         current_span.set_attribute(
-            "llm.invocation_parameters", ser_invocation_parameters
+            "llm.invocation_parameters", reser_invocation_parameters
         )
 
     ser_model_name = serialize(model_name)

guardrails/telemetry/runner_tracing.py

@@ -8,6 +8,11 @@
     Optional,
 )
 
+try:
+    from openinference.semconv.trace import SpanAttributes  # type: ignore
+except ImportError:
+    SpanAttributes = None
+
 from opentelemetry import context, trace
 from opentelemetry.trace import StatusCode, Span
 
@@ -17,7 +22,13 @@
 from guardrails.classes.output_type import OT
 from guardrails.classes.validation_outcome import ValidationOutcome
 from guardrails.stores.context import get_guard_name
-from guardrails.telemetry.common import get_tracer, add_user_attributes, serialize
+from guardrails.telemetry.common import (
+    get_tracer,
+    add_user_attributes,
+    serialize,
+    recursive_key_operation,
+    redact,
+)
 from guardrails.utils.safe_get import safe_get
 from guardrails.version import GUARDRAILS_VERSION
 
@@ -45,10 +56,14 @@ def add_step_attributes(
 
     ser_args = [serialize(arg) for arg in args]
     ser_kwargs = {k: serialize(v) for k, v in kwargs.items()}
+
     inputs = {
         "args": [sarg for sarg in ser_args if sarg is not None],
         "kwargs": {k: v for k, v in ser_kwargs.items() if v is not None},
     }
+    for k in inputs:
+        inputs[k] = recursive_key_operation(inputs[k], redact)
+
     step_span.set_attribute("input.mime_type", "application/json")
     step_span.set_attribute("input.value", json.dumps(inputs))
 
@@ -73,6 +88,10 @@ def trace_step_wrapper(*args, **kwargs) -> Iteration:
                 name="step",  # type: ignore
                 context=current_otel_context,  # type: ignore
             ) as step_span:
+                if SpanAttributes is not None:
+                    step_span.set_attribute(
+                        SpanAttributes.OPENINFERENCE_SPAN_KIND, "GUARDRAIL"
+                    )
                 try:
                     response = fn(*args, **kwargs)
                     add_step_attributes(step_span, response, *args, **kwargs)
@@ -101,6 +120,8 @@ def trace_stream_step_generator(
         name="step",  # type: ignore
         context=current_otel_context,  # type: ignore
     ) as step_span:
+        if SpanAttributes is not None:
+            step_span.set_attribute(SpanAttributes.OPENINFERENCE_SPAN_KIND, "GUARDRAIL")
         try:
             gen = fn(*args, **kwargs)
             next_exists = True
@@ -147,10 +168,15 @@ async def trace_async_step_wrapper(*args, **kwargs) -> Iteration:
                 name="step",  # type: ignore
                 context=current_otel_context,  # type: ignore
             ) as step_span:
+                if SpanAttributes is not None:
+                    step_span.set_attribute(
+                        SpanAttributes.OPENINFERENCE_SPAN_KIND, "GUARDRAIL"
+                    )
                 try:
                     response = await fn(*args, **kwargs)
                     add_user_attributes(step_span)
                     add_step_attributes(step_span, response, *args, **kwargs)
+
                     return response
                 except Exception as e:
                     step_span.set_status(status=StatusCode.ERROR, description=str(e))
@@ -176,6 +202,8 @@ async def trace_async_stream_step_generator(
         name="step",  # type: ignore
         context=current_otel_context,  # type: ignore
     ) as step_span:
+        if SpanAttributes is not None:
+            step_span.set_attribute(SpanAttributes.OPENINFERENCE_SPAN_KIND, "GUARDRAIL")
         try:
             gen = fn(*args, **kwargs)
             next_exists = True
@@ -239,6 +267,8 @@ def add_call_attributes(
         "args": [sarg for sarg in ser_args if sarg is not None],
         "kwargs": {k: v for k, v in ser_kwargs.items() if v is not None},
     }
+    for k in inputs:
+        inputs[k] = recursive_key_operation(inputs[k], redact)
     call_span.set_attribute("input.mime_type", "application/json")
     call_span.set_attribute("input.value", json.dumps(inputs))