diff --git a/changelog/12768.bugfix.md b/changelog/12768.bugfix.md new file mode 100644 index 000000000000..d9f8132b6f54 --- /dev/null +++ b/changelog/12768.bugfix.md @@ -0,0 +1 @@ +Updated certifi, cryptography, and scipy packages to address security vulnerabilities. \ No newline at end of file diff --git a/docs/docs/reference/rasa/core/lock_store.md b/docs/docs/reference/rasa/core/lock_store.md index da17d060069e..5710322c0506 100644 --- a/docs/docs/reference/rasa/core/lock_store.md +++ b/docs/docs/reference/rasa/core/lock_store.md @@ -152,6 +152,9 @@ def __init__( db: int = 1, password: Optional[Text] = None, use_ssl: bool = False, + ssl_certfile: Optional[Text] = None, + ssl_keyfile: Optional[Text] = None, + ssl_ca_certs: Optional[Text] = None, key_prefix: Optional[Text] = None, socket_timeout: float = DEFAULT_SOCKET_TIMEOUT_IN_SECONDS) -> None ``` @@ -167,10 +170,13 @@ Create a lock store which uses Redis for persistence. - `password` - The password which should be used for authentication with the Redis database. - `use_ssl` - `True` if SSL should be used for the connection to Redis. +- `ssl_certfile` - Path to the SSL certificate file. +- `ssl_keyfile` - Path to the SSL private key file. +- `ssl_ca_certs` - Path to the SSL CA certificate file. - `key_prefix` - prefix to prepend to all keys used by the lock store. Must be alphanumeric. -- `socket_timeout` - Timeout in seconds after which an exception will be raised - in case Redis doesn't respond within `socket_timeout` seconds. +- `port`0 - Timeout in seconds after which an exception will be raised + in case Redis doesn't respond within `port`0 seconds. #### get\_lock diff --git a/docs/docs/sources/rasa_interactive___help.txt b/docs/docs/sources/rasa_interactive___help.txt index c9b005eff841..1b07232a1a41 100644 --- a/docs/docs/sources/rasa_interactive___help.txt +++ b/docs/docs/sources/rasa_interactive___help.txt 
@@ -39,7 +39,7 @@ options: --conversation-id CONVERSATION_ID Specify the id of the conversation the messages are in. Defaults to a UUID that will be randomly - generated. (default: 8c645882ac2a4c34948282a7209f5c1b) + generated. (default: 19fc39f7978f427f9704ef27a1e2af10) --endpoints ENDPOINTS Configuration file for the model server and the connectors as a yml file. (default: endpoints.yml) diff --git a/docs/docs/sources/rasa_shell___help.txt b/docs/docs/sources/rasa_shell___help.txt index a21dbb943105..9f95e81b8182 100644 --- a/docs/docs/sources/rasa_shell___help.txt +++ b/docs/docs/sources/rasa_shell___help.txt @@ -30,7 +30,7 @@ options: -h, --help show this help message and exit --conversation-id CONVERSATION_ID Set the conversation ID. (default: - 1d482ae9279d4a3584db8c458ffea8fc) + 572acc8043b64b21a208c4d305b4b55c) -m MODEL, --model MODEL Path to a trained Rasa model. If a directory is specified, it will use the latest model in this diff --git a/poetry.lock b/poetry.lock index 3293d167def1..f0ce6ec09356 100644 --- a/poetry.lock +++ b/poetry.lock @@ -4801,6 +4801,7 @@ Sanic-Cors = ">=2.0.0,<3.0.0" setuptools = ">=65.5.1" typing-extensions = ">=4.1.1,<5.0.0" websockets = ">=10.0,<12.0" +wheel = ">=0.38.1" [[package]] name = "redis" 
@@ -5310,39 +5311,42 @@ tests = ["black (>=22.3.0)", "flake8 (>=3.8.2)", "matplotlib (>=3.1.2)", "mypy ( [[package]] name = "scipy" -version = "1.8.1" -description = "SciPy: Scientific Library for Python" -category = "main" -optional = false -python-versions = ">=3.8,<3.11" -files = [ - {file = "scipy-1.8.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:65b77f20202599c51eb2771d11a6b899b97989159b7975e9b5259594f1d35ef4"}, - {file = "scipy-1.8.1-cp310-cp310-macosx_12_0_arm64.whl", hash = "sha256:e013aed00ed776d790be4cb32826adb72799c61e318676172495383ba4570aa4"}, - {file = "scipy-1.8.1-cp310-cp310-macosx_12_0_universal2.macosx_10_9_x86_64.whl", hash = "sha256:02b567e722d62bddd4ac253dafb01ce7ed8742cf8031aea030a41414b86c1125"}, - {file = "scipy-1.8.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1da52b45ce1a24a4a22db6c157c38b39885a990a566748fc904ec9f03ed8c6ba"}, - {file = "scipy-1.8.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a0aa8220b89b2e3748a2836fbfa116194378910f1a6e78e4675a095bcd2c762d"}, - {file = "scipy-1.8.1-cp310-cp310-win_amd64.whl", hash = "sha256:4e53a55f6a4f22de01ffe1d2f016e30adedb67a699a310cdcac312806807ca81"}, - {file = "scipy-1.8.1-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:28d2cab0c6ac5aa131cc5071a3a1d8e1366dad82288d9ec2ca44df78fb50e649"}, - {file = "scipy-1.8.1-cp38-cp38-macosx_12_0_arm64.whl", hash = "sha256:6311e3ae9cc75f77c33076cb2794fb0606f14c8f1b1c9ff8ce6005ba2c283621"}, - {file = "scipy-1.8.1-cp38-cp38-macosx_12_0_universal2.macosx_10_9_x86_64.whl", hash = "sha256:3b69b90c9419884efeffaac2c38376d6ef566e6e730a231e15722b0ab58f0328"}, - {file = "scipy-1.8.1-cp38-cp38-manylinux_2_12_i686.manylinux2010_i686.whl", hash = "sha256:6cc6b33139eb63f30725d5f7fa175763dc2df6a8f38ddf8df971f7c345b652dc"}, - {file = "scipy-1.8.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:9c4e3ae8a716c8b3151e16c05edb1daf4cb4d866caa385e861556aff41300c14"}, - {file = 
"scipy-1.8.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:23b22fbeef3807966ea42d8163322366dd89da9bebdc075da7034cee3a1441ca"}, - {file = "scipy-1.8.1-cp38-cp38-win32.whl", hash = "sha256:4b93ec6f4c3c4d041b26b5f179a6aab8f5045423117ae7a45ba9710301d7e462"}, - {file = "scipy-1.8.1-cp38-cp38-win_amd64.whl", hash = "sha256:70ebc84134cf0c504ce6a5f12d6db92cb2a8a53a49437a6bb4edca0bc101f11c"}, - {file = "scipy-1.8.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:f3e7a8867f307e3359cc0ed2c63b61a1e33a19080f92fe377bc7d49f646f2ec1"}, - {file = "scipy-1.8.1-cp39-cp39-macosx_12_0_arm64.whl", hash = "sha256:2ef0fbc8bcf102c1998c1f16f15befe7cffba90895d6e84861cd6c6a33fb54f6"}, - {file = "scipy-1.8.1-cp39-cp39-macosx_12_0_universal2.macosx_10_9_x86_64.whl", hash = "sha256:83606129247e7610b58d0e1e93d2c5133959e9cf93555d3c27e536892f1ba1f2"}, - {file = "scipy-1.8.1-cp39-cp39-manylinux_2_12_i686.manylinux2010_i686.whl", hash = "sha256:93d07494a8900d55492401917a119948ed330b8c3f1d700e0b904a578f10ead4"}, - {file = "scipy-1.8.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d3b3c8924252caaffc54d4a99f1360aeec001e61267595561089f8b5900821bb"}, - {file = "scipy-1.8.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:70de2f11bf64ca9921fda018864c78af7147025e467ce9f4a11bc877266900a6"}, - {file = "scipy-1.8.1-cp39-cp39-win32.whl", hash = "sha256:1166514aa3bbf04cb5941027c6e294a000bba0cf00f5cdac6c77f2dad479b434"}, - {file = "scipy-1.8.1-cp39-cp39-win_amd64.whl", hash = "sha256:9dd4012ac599a1e7eb63c114d1eee1bcfc6dc75a29b589ff0ad0bb3d9412034f"}, - {file = "scipy-1.8.1.tar.gz", hash = "sha256:9e3fb1b0e896f14a85aa9a28d5f755daaeeb54c897b746df7a55ccb02b340f33"}, -] - -[package.dependencies] -numpy = ">=1.17.3,<1.25.0" +version = "1.10.1" +description = "Fundamental algorithms for scientific computing in Python" +category = "main" +optional = false +python-versions = "<3.12,>=3.8" +files = [ + {file = 
"scipy-1.10.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:e7354fd7527a4b0377ce55f286805b34e8c54b91be865bac273f527e1b839019"}, + {file = "scipy-1.10.1-cp310-cp310-macosx_12_0_arm64.whl", hash = "sha256:4b3f429188c66603a1a5c549fb414e4d3bdc2a24792e061ffbd607d3d75fd84e"}, + {file = "scipy-1.10.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1553b5dcddd64ba9a0d95355e63fe6c3fc303a8fd77c7bc91e77d61363f7433f"}, + {file = "scipy-1.10.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4c0ff64b06b10e35215abce517252b375e580a6125fd5fdf6421b98efbefb2d2"}, + {file = "scipy-1.10.1-cp310-cp310-win_amd64.whl", hash = "sha256:fae8a7b898c42dffe3f7361c40d5952b6bf32d10c4569098d276b4c547905ee1"}, + {file = "scipy-1.10.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:0f1564ea217e82c1bbe75ddf7285ba0709ecd503f048cb1236ae9995f64217bd"}, + {file = "scipy-1.10.1-cp311-cp311-macosx_12_0_arm64.whl", hash = "sha256:d925fa1c81b772882aa55bcc10bf88324dadb66ff85d548c71515f6689c6dac5"}, + {file = "scipy-1.10.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:aaea0a6be54462ec027de54fca511540980d1e9eea68b2d5c1dbfe084797be35"}, + {file = "scipy-1.10.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:15a35c4242ec5f292c3dd364a7c71a61be87a3d4ddcc693372813c0b73c9af1d"}, + {file = "scipy-1.10.1-cp311-cp311-win_amd64.whl", hash = "sha256:43b8e0bcb877faf0abfb613d51026cd5cc78918e9530e375727bf0625c82788f"}, + {file = "scipy-1.10.1-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:5678f88c68ea866ed9ebe3a989091088553ba12c6090244fdae3e467b1139c35"}, + {file = "scipy-1.10.1-cp38-cp38-macosx_12_0_arm64.whl", hash = "sha256:39becb03541f9e58243f4197584286e339029e8908c46f7221abeea4b749fa88"}, + {file = "scipy-1.10.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bce5869c8d68cf383ce240e44c1d9ae7c06078a9396df68ce88a1230f93a30c1"}, + {file = 
"scipy-1.10.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:07c3457ce0b3ad5124f98a86533106b643dd811dd61b548e78cf4c8786652f6f"}, + {file = "scipy-1.10.1-cp38-cp38-win_amd64.whl", hash = "sha256:049a8bbf0ad95277ffba9b3b7d23e5369cc39e66406d60422c8cfef40ccc8415"}, + {file = "scipy-1.10.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:cd9f1027ff30d90618914a64ca9b1a77a431159df0e2a195d8a9e8a04c78abf9"}, + {file = "scipy-1.10.1-cp39-cp39-macosx_12_0_arm64.whl", hash = "sha256:79c8e5a6c6ffaf3a2262ef1be1e108a035cf4f05c14df56057b64acc5bebffb6"}, + {file = "scipy-1.10.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:51af417a000d2dbe1ec6c372dfe688e041a7084da4fdd350aeb139bd3fb55353"}, + {file = "scipy-1.10.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1b4735d6c28aad3cdcf52117e0e91d6b39acd4272f3f5cd9907c24ee931ad601"}, + {file = "scipy-1.10.1-cp39-cp39-win_amd64.whl", hash = "sha256:7ff7f37b1bf4417baca958d254e8e2875d0cc23aaadbe65b3d5b3077b0eb23ea"}, + {file = "scipy-1.10.1.tar.gz", hash = "sha256:2cf9dfb80a7b4589ba4c40ce7588986d6d5cebc5457cad2c2880f6bc2d42f3a5"}, +] + +[package.dependencies] +numpy = ">=1.19.5,<1.27.0" + +[package.extras] +dev = ["click", "doit (>=0.36.0)", "flake8", "mypy", "pycodestyle", "pydevtool", "rich-click", "typing_extensions"] +doc = ["matplotlib (>2)", "numpydoc", "pydata-sphinx-theme (==0.9.0)", "sphinx (!=4.1.0)", "sphinx-design (>=0.2.0)"] +test = ["asv", "gmpy2", "mpmath", "pooch", "pytest", "pytest-cov", "pytest-timeout", "pytest-xdist", "scikit-umfpack", "threadpoolctl"] [[package]] name = "sentencepiece" diff --git a/pyproject.toml b/pyproject.toml index e2998539c02f..29481b1450bf 100644 --- a/pyproject.toml +++ b/pyproject.toml 
@@ -155,6 +155,8 @@ structlog-sentry = "^2.0.2" # in order to fix https://rasahq.atlassian.net/browse/ATO-1419 dnspython = "2.3.0" wheel = ">=0.38.1" +certifi = ">=2023.7.22" +cryptography = ">=41.0.2" [[tool.poetry.dependencies.tensorflow-io-gcs-filesystem]] version = "==0.31" markers = "sys_platform == 'win32'" @@ -193,7 +195,7 @@ version = ">=1.4.1,<1.7.3" python = "~=3.7.0" [[tool.poetry.dependencies.scipy]] -version = ">=1.4.1,<1.9.0" +version = ">=1.10.0" python = ">=3.8,<3.11" [[tool.poetry.dependencies.scikit-learn]] diff --git a/rasa/core/actions/action.py b/rasa/core/actions/action.py index 7d6344098ea1..e150114fe26c 100644 --- a/rasa/core/actions/action.py +++ b/rasa/core/actions/action.py @@ -1066,7 +1066,6 @@ async def run( metadata: Optional[Dict[Text, Any]] = None, ) -> List[Event]: """Runs action. Please see parent class for the full docstring.""" - fallback = {"text": ""} message = metadata.get("message", fallback) if metadata else fallback return [create_bot_utterance(message)] @@ -1353,7 +1352,6 @@ def extract_slot_value_from_predefined_mapping( tracker: "DialogueStateTracker", ) -> List[Any]: """Extracts slot value if slot has an applicable predefined mapping.""" - if tracker.has_bot_message_after_latest_user_message(): # TODO: this needs further validation - not sure if this breaks something!!! diff --git a/rasa/core/lock_store.py b/rasa/core/lock_store.py index ab3c539b3853..b7d495b3f1f5 100644 --- a/rasa/core/lock_store.py +++ b/rasa/core/lock_store.py @@ -173,7 +173,6 @@ def finish_serving(self, conversation_id: Text, ticket_number: int) -> None: Removes ticket from lock and saves lock. """ - lock = self.get_lock(conversation_id) if lock: lock.remove_ticket_for(ticket_number) 
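Review bot: The new floors `certifi = ">=2023.7.22"` and `cryptography = ">=41.0.2"` are added without a comment saying why they exist, although the nearby `dnspython` pin appears to carry a comment linking its ticket. A later dependency clean-up could relax or drop them without anyone noticing that they are security floors. I would add a line such as `# security floor, see changelog/12768.bugfix.md` above them. The same applies to the scipy hunk in this file, where `version = ">=1.10.0"` also drops the previous upper cap, so only poetry.lock now bounds what gets installed for `python = ">=3.8,<3.11"`.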
@@ -181,7 +180,6 @@ def finish_serving(self, conversation_id: Text, ticket_number: int) -> None: def cleanup(self, conversation_id: Text, ticket_number: int) -> None: """Remove lock for `conversation_id` if no one is waiting.""" - self.finish_serving(conversation_id, ticket_number) if not self.is_someone_waiting(conversation_id): self.delete_lock(conversation_id) @@ -204,6 +202,9 @@ def __init__( db: int = 1, password: Optional[Text] = None, use_ssl: bool = False, + ssl_certfile: Optional[Text] = None, + ssl_keyfile: Optional[Text] = None, + ssl_ca_certs: Optional[Text] = None, key_prefix: Optional[Text] = None, socket_timeout: float = DEFAULT_SOCKET_TIMEOUT_IN_SECONDS, ) -> None: @@ -217,6 +218,9 @@ def __init__( password: The password which should be used for authentication with the Redis database. use_ssl: `True` if SSL should be used for the connection to Redis. + ssl_certfile: Path to the SSL certificate file. + ssl_keyfile: Path to the SSL private key file. + ssl_ca_certs: Path to the SSL CA certificate file. key_prefix: prefix to prepend to all keys used by the lock store. Must be alphanumeric. socket_timeout: Timeout in seconds after which an exception will be raised @@ -230,6 +234,9 @@ def __init__( db=int(db), password=password, ssl=use_ssl, + ssl_certfile=ssl_certfile, + ssl_keyfile=ssl_keyfile, + ssl_ca_certs=ssl_ca_certs, socket_timeout=socket_timeout, ) diff --git a/rasa/shared/core/training_data/visualization.py b/rasa/shared/core/training_data/visualization.py index 3e7049cbc9fb..109082e960b8 100644 --- a/rasa/shared/core/training_data/visualization.py +++ b/rasa/shared/core/training_data/visualization.py 
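Review bot: Inserting `ssl_certfile`, `ssl_keyfile` and `ssl_ca_certs` between `use_ssl` and `key_prefix` shifts the positional slots of `key_prefix` and `socket_timeout`. A caller that passes those two positionally would now hand its key prefix to `ssl_certfile` without any error. Appending the three parameters after `socket_timeout`, or making them keyword-only with a bare `*,` before `ssl_certfile`, keeps existing calls working. The start of the `__init__` signature is outside this hunk, so the earlier parameters are not visible here.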
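Review bot: The added `ssl_certfile=ssl_certfile,`, `ssl_keyfile=ssl_keyfile,` and `ssl_ca_certs=ssl_ca_certs,` lines forward the paths unchanged, so how the server certificate is verified is left to the client library's defaults. If this is redis-py, host-name checking is a separate option, `ssl_check_hostname`, which is not passed here and is off by default in some releases; consider setting it explicitly, e.g. `ssl_check_hostname=use_ssl,`. The paths also look like they are silently ignored when `use_ssl` is `False`, so a warning for "certificate paths given but `use_ssl` is off" would catch a config that believes it is using TLS. The docstring hunk above could say that `ssl_certfile` and `ssl_keyfile` are presumably the client certificate and key for mutual TLS, and that `ssl_ca_certs` is the CA bundle used to verify the server. The opening of the constructor call is outside this hunk.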
@@ -52,10 +52,10 @@ def __init__(self, nlu_training_data: "TrainingData") -> None: def _create_reverse_mapping( data: "TrainingData", ) -> Dict[Dict[Text, Any], List["Message"]]: - """Create a mapping from intent to messages - - This allows a faster intent lookup.""" + """Create a mapping from intent to messages. + This allows a faster intent lookup. + """ d = defaultdict(list) for example in data.training_examples: if example.get(INTENT, {}) is not None: @@ -95,8 +95,8 @@ def _fingerprint_node( remember max history number of nodes we have visited. Hence, if we randomly walk on our directed graph, always only remembering the last `max_history` nodes we have visited, we can never remember if we have visited node A or - node B if both have the same fingerprint.""" - + node B if both have the same fingerprint. + """ # the candidate list contains all node paths that haven't been # extended till `max_history` length yet. candidates: Deque = deque() @@ -140,8 +140,8 @@ def _outgoing_edges_are_similar( it doesn't matter if you are in a or b. As your path will be the same because the outgoing edges will lead you to - the same nodes anyways.""" - + the same nodes anyways. + """ ignored = {node_b, node_a} a_edges = { (target, k) @@ -177,8 +177,8 @@ def _add_edge( **kwargs: Any, ) -> None: """Adds an edge to the graph if the edge is not already present. Uses the - label as the key.""" - + label as the key. + """ if key is None: key = EDGE_NONE_LABEL @@ -197,8 +197,8 @@ def _transfer_style( ) -> Dict[Text, Any]: """Copy over class names from source to target for all special classes. - Used if a node is highlighted and merged with another node.""" - + Used if a node is highlighted and merged with another node. + """ clazzes = source.get("class", "") special_classes = {"dashed", "active"} 
@@ -216,7 +216,6 @@ def _transfer_style( def _merge_equivalent_nodes(graph: "networkx.MultiDiGraph", max_history: int) -> None: """Searches for equivalent nodes in the graph and merges them.""" - changed = True # every node merge changes the graph and can trigger previously # impossible node merges - we need to repeat until @@ -364,7 +363,6 @@ def _length_of_common_action_prefix(this: List[Event], other: List[Event]) -> in def _add_default_nodes(graph: "networkx.MultiDiGraph", fontsize: int = 12) -> None: """Add the standard nodes we need.""" - graph.add_node( START_NODE_ID, label="START", @@ -386,7 +384,6 @@ def _add_default_nodes(graph: "networkx.MultiDiGraph", fontsize: int = 12) -> No def _create_graph(fontsize: int = 12) -> "networkx.MultiDiGraph": """Create a graph and adds the default nodes.""" - import networkx as nx graph = nx.MultiDiGraph() @@ -402,7 +399,6 @@ def _add_message_edge( is_current: bool, ) -> None: """Create an edge based on the user message.""" - if message: message_key = message.get("intent", {}).get("name", None) message_label = message.get("text", None) @@ -530,7 +526,6 @@ def _remove_auxiliary_nodes( graph: "networkx.MultiDiGraph", special_node_idx: int ) -> None: """Remove any temporary or unused nodes.""" - graph.remove_node(TMP_NODE_ID) if not graph.predecessors(END_NODE_ID):