github/langchain
1
0
Fork 0
mirror of https://github.com/hwchase17/langchain.git synced 2025-06-26 00:23:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add security considerations (#11869)

Browse Source 
Add security considerations to existing graph tools.
This commit is contained in:
Eugene Yurtsev 2023-10-16 12:23:48 -04:00 committed by GitHub
parent 201b7ce9af
commit 210a48cfb5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 108 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
libs/langchain/langchain/graphs/arangodb_graph.py
View File

@ -4,7 +4,17 @@ from typing import Any, Dict, List, Optional
class ArangoGraph: class ArangoGraph:
"""ArangoDB wrapper for graph operations.""" """ArangoDB wrapper for graph operations.
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
"""
def __init__(self, db: Any) -> None: def __init__(self, db: Any) -> None:
"""Create a new ArangoDB graph wrapper instance.""" """Create a new ArangoDB graph wrapper instance."""

12
libs/langchain/langchain/graphs/falkordb_graph.py
View File

@ -33,7 +33,17 @@ RETURN DISTINCT {start: src_label, type: rel_type, end: dst_label} AS output
class FalkorDBGraph(Neo4jGraph): class FalkorDBGraph(Neo4jGraph):
"""FalkorDB wrapper for graph operations.""" """FalkorDB wrapper for graph operations.
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
"""
def __init__( def __init__(
self, database: str, host: str = "localhost", port: int = 6379 self, database: str, host: str = "localhost", port: int = 6379

12
libs/langchain/langchain/graphs/hugegraph.py
View File

@ -2,7 +2,17 @@ from typing import Any, Dict, List
class HugeGraph: class HugeGraph:
"""HugeGraph wrapper for graph operations""" """HugeGraph wrapper for graph operations.
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
"""
def __init__( def __init__(
self, self,

12
libs/langchain/langchain/graphs/kuzu_graph.py
View File

@ -2,7 +2,17 @@ from typing import Any, Dict, List
class KuzuGraph: class KuzuGraph:
"""Kùzu wrapper for graph operations.""" """Kùzu wrapper for graph operations.
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
"""
def __init__(self, db: Any, database: str = "kuzu") -> None: def __init__(self, db: Any, database: str = "kuzu") -> None:
try: try:

12
libs/langchain/langchain/graphs/memgraph_graph.py
View File

@ -14,7 +14,17 @@ RETURN *
class MemgraphGraph(Neo4jGraph): class MemgraphGraph(Neo4jGraph):
"""Memgraph wrapper for graph operations.""" """Memgraph wrapper for graph operations.
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
"""
def __init__( def __init__(
self, url: str, username: str, password: str, *, database: str = "memgraph" self, url: str, username: str, password: str, *, database: str = "memgraph"

12
libs/langchain/langchain/graphs/nebula_graph.py
View File

@ -17,8 +17,18 @@ RETRY_TIMES = 3
class NebulaGraph: class NebulaGraph:
"""NebulaGraph wrapper for graph operations """NebulaGraph wrapper for graph operations.
NebulaGraph inherits methods from Neo4jGraph to bring ease to the user space. NebulaGraph inherits methods from Neo4jGraph to bring ease to the user space.
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
""" """
def __init__( def __init__(

12
libs/langchain/langchain/graphs/neo4j_graph.py
View File

@ -29,7 +29,17 @@ RETURN {start: label, type: property, end: toString(other_node)} AS output
class Neo4jGraph: class Neo4jGraph:
"""Neo4j wrapper for graph operations.""" """Neo4j wrapper for graph operations.
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
"""
def __init__( def __init__(
self, url: str, username: str, password: str, database: str = "neo4j" self, url: str, username: str, password: str, database: str = "neo4j"

9
libs/langchain/langchain/graphs/neptune_graph.py
View File

@ -38,6 +38,15 @@ class NeptuneGraph:
host='<my-cluster>', host='<my-cluster>',
port=8182 port=8182
) )
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
""" """
def __init__( def __init__(

12
libs/langchain/langchain/graphs/networkx_graph.py
View File

@ -47,7 +47,17 @@ def get_entities(entity_str: str) -> List[str]:
class NetworkxEntityGraph: class NetworkxEntityGraph:
"""Networkx wrapper for entity graph operations.""" """Networkx wrapper for entity graph operations.
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
"""
def __init__(self, graph: Optional[Any] = None) -> None: def __init__(self, graph: Optional[Any] = None) -> None:
"""Create a new graph.""" """Create a new graph."""

13
libs/langchain/langchain/graphs/rdf_graph.py
View File

@ -87,13 +87,22 @@ dp_query_owl = (
class RdfGraph: class RdfGraph:
""" """RDFlib wrapper for graph operations.
RDFlib wrapper for graph operations.
Modes: Modes:
* local: Local file - can be queried and changed * local: Local file - can be queried and changed
* online: Online file - can only be queried, changes can be stored locally * online: Online file - can only be queried, changes can be stored locally
* store: Triple store - can be queried and changed if update_endpoint available * store: Triple store - can be queried and changed if update_endpoint available
Together with a source file, the serialization should be specified. Together with a source file, the serialization should be specified.
*Security note*: Make sure that the database connection uses credentials
that are narrowly-scoped to only include necessary permissions.
Failure to do so may result in data corruption or loss, since the calling
code may attempt commands that would result in deletion, mutation
of data if appropriately prompted or reading sensitive data if such
data is present in the database.
The best way to guard against such negative outcomes is to (as appropriate)
limit the permissions granted to the credentials used with this tool.
""" """
def __init__( def __init__(