community[major], experimental[patch]: Remove Python REPL from community (#22904)

Remove the REPL from community, and suggest an alternative import from langchain_experimental. Fix for this issue: https://github.com/langchain-ai/langchain/issues/14345 This is not a bug in the code or an actual security risk. The python REPL itself is behaving as expected. The PR is done to appease blanket security policies that are just looking for the presence of exec in the code. --------- Co-authored-by: Erick Friis <erick@langchain.dev>
2025-09-02 19:47:13 +00:00 · 2024-06-14 13:53:29 -04:00
parent 9a877c7adb
commit c72bcda4f2
8 changed files with 36 additions and 90 deletions
--- a/libs/experimental/langchain_experimental/pal_chain/base.py
+++ b/libs/experimental/langchain_experimental/pal_chain/base.py
@@ -12,13 +12,13 @@ from typing import Any, Dict, List, Optional

 from langchain.chains.base import Chain
 from langchain.chains.llm import LLMChain
-from langchain_community.utilities import PythonREPL
 from langchain_core.callbacks.manager import CallbackManagerForChainRun
 from langchain_core.language_models import BaseLanguageModel

 from langchain_experimental.pal_chain.colored_object_prompt import COLORED_OBJECT_PROMPT
 from langchain_experimental.pal_chain.math_prompt import MATH_PROMPT
 from langchain_experimental.pydantic_v1 import Extra, Field, root_validator
+from langchain_experimental.utilities import PythonREPL

 COMMAND_EXECUTION_FUNCTIONS = ["system", "exec", "execfile", "eval", "__import__"]
 COMMAND_EXECUTION_ATTRIBUTES = [